dcd7d9b015
DNS : Fixes recursors answering the DNS query to properly return the correct response. ( #4461 )
...
* Fixes the DNS recursor properly resolving the requests
* Added a test case for the recursor bug
* Refactored code && added a test case for all failing recursors
* Inner indentation moved into else if check
2018-08-02 10:12:52 -04:00
86ce52d0d3
Merge remote-tracking branch 'origin/master' into bugfix/prevent-multi-cname
2018-07-10 10:26:45 -04:00
a26deb44cf
Ensure TXT RRs always end up in the Additional section except for ANY or TXT queries
...
This also changes where the enforcement of the enable_additional_node_meta_txt configuration gets applied.
formatNodeRecord returns the main RRs and the meta/TXT RRs in separate slices. Its then up to the caller to add to the appropriate sections or not.
2018-07-09 12:30:11 -04:00
e9390fb5c7
Refactor to make this much less confusing
2018-07-03 11:04:19 -04:00
4d1bdd8fdb
Add a bunch of comments about preventing multi-cname
...
Hopefully this a bit clearer as to the reasoning
2018-07-03 10:32:52 -04:00
22cc44877d
Fix some edge cases and add some tests.
2018-07-02 16:58:52 -04:00
e3859b4f04
Only allow 1 CNAME when querying for a service.
...
This just makes sure that if multiple services are registered with unique service addresses that we don’t blast back multiple CNAMEs for the same service DNS name and keeps us within the DNS specs.
2018-07-02 16:12:06 -04:00
1da3c42867
Merge remote-tracking branch 'connect/f-connect'
2018-06-25 19:42:51 +00:00
f3089a6647
connect/ca: undo the interface changes and use sign-self-issued in Vault
2018-06-25 12:25:42 -07:00
b9d1e7042a
Make filtering out TXT RRs only apply when they would end up in Additional section
...
ANY queries are no longer affected.
2018-06-19 10:08:16 -04:00
a5fe6204d5
agent: working DNS for Connect queries, I think, but have to
...
implement Health endpoints to be sure
2018-06-14 09:41:47 -07:00
6604828009
Add configuration entry to control including TXT records for node meta in DNS responses
...
If set to false, the only way to retrieve TXT records for node meta is to specifically query for TXT records.
2018-06-11 11:49:04 -04:00
1c577b2012
Merge pull request #4131 from pierresouchay/enable_full_dns_compression
...
Enable full dns compression
2018-06-01 10:42:03 -04:00
544acdf04e
Fixed comments for max DNS records returned as requested by @mkeeler
2018-05-31 18:15:52 +02:00
cea77e8825
Do reverse service lookup only if address doesn't match node
2018-05-21 22:27:41 +02:00
88514d6a82
Add support for reverse lookup of services
2018-05-19 19:39:02 +02:00
74cbe5ac85
Ensure to never send messages more than 64k
2018-05-16 12:47:35 +02:00
5f529c9ea7
Fixed unit tests and updated limits
2018-05-16 12:11:49 +02:00
7e8878df0b
Re-Enable compression while computing Len(), so we can send more answers
...
This will fix https://github.com/hashicorp/consul/issues/4071
2018-05-16 11:00:51 +02:00
60307ef328
Remove deprecated metric names
2018-05-08 16:23:15 -07:00
a3b028d1d7
Removed unecessary copy of Extra and index
2018-04-20 22:51:04 +02:00
7db49828bd
Fixed sync of Extra in binarySearch
2018-04-18 14:17:44 +02:00
f2fc163b92
Added Unit tests + fixed boudary limit
2018-04-17 09:31:30 +02:00
146152170f
Added comment for function dnsBinaryTruncate
2018-04-17 01:10:52 +02:00
9a819b5b29
Perform a binary search to find optimal size of DNS responses
...
Will fix https://github.com/hashicorp/consul/issues/4036
Instead of removing one by one the entries, find the optimal
size using binary search.
For SRV records, with 5k nodes, duration of DNS lookups is
divided by 4 or more.
2018-04-17 00:50:00 +02:00
be10300d06
Update make static-assets goal and run format
2018-04-13 09:57:25 -07:00
d604642792
GH-3798: More PR Updates
...
Update docs a little
Update/add tests. Make sure all the various ways of determining the source IP work
Update X-Forwarded-For header parsing. This can be a comma separated list with the first element being the original IP so we now handle csv data there.
Got rid of error return from sourceAddrFromRequest
2018-04-12 10:40:46 -04:00
3a0f7789ec
GH-3798: A few more PR updates
2018-04-11 20:32:35 -04:00
de3a9be3d0
GH-3798: Updates for PR
...
Allow DNS peer IP as the source IP.
Break early when the right node was found for executing the preapred query.
Update docs
2018-04-11 17:02:04 -04:00
89cd24aeca
GH-3798: Add near=_ip support for prepared queries
2018-04-10 14:50:50 -04:00
c0b1fb6ede
Merge pull request #3948 from pierresouchay/fix_tcp_dns_limit
...
[BUGFIX] do not break when TCP DNS answer exceeds 64k
2018-03-30 16:25:23 -04:00
fd9297ad8f
Formatting update
2018-03-27 16:31:27 -04:00
2d8a68cce9
GH-3854: Warn when node name isnt a valid DNS label
2018-03-27 15:00:33 -04:00
871b9907cb
Optimize size for SRV records, should improve performance a bit
...
Stricter Unit tests that checks if truncation was OK.
2018-03-09 18:25:29 +01:00
c3713dbbf1
Performance optimization for services having more than 2k records
2018-03-08 00:26:41 +01:00
1085d5a7b4
Avoid issue with compression of DNS messages causing overflow
2018-03-07 23:33:41 +01:00
b672707552
64000 max limit to DNS messages since there is overhead
...
Added debug log to give information about truncation.
2018-03-07 16:14:41 +01:00
06afb4d02c
[BUGFIX] do not break when TCP DNS answer exceeds 64k
...
It will avoid having discovery broken when having large number
of instances of a service (works with SRV and A* records).
Fixes https://github.com/hashicorp/consul/issues/3850
2018-03-07 10:08:06 +01:00
09970479b5
Allow to control the number of A/AAAA Record returned by DNS
...
This allows to have randomized resource records (i.e. each
answer contains only one IP, but the IP changes every request) for
A, AAAA records.
It will fix https://github.com/hashicorp/consul/issues/3355 and
https://github.com/hashicorp/consul/issues/3937
See https://github.com/hashicorp/consul/issues/3937#issuecomment-370610509
for details.
It basically add a new option called `a_record_limit` and will not
return more than a_record_limit when performing A, AAAA or ANY DNS
requests.
The existing `udp_answer_limit` option is still working but should
be considered as deprecated since it works only with DNS clients
not supporting EDNS.
2018-03-06 02:07:42 +01:00
dbb010c865
adding human readability for dns requests debug log ( #3751 )
2018-02-11 09:02:28 -06:00
c2395d9bd0
fix refactoring
2018-01-28 22:53:30 +04:00
05666113a4
remove golint warnings
2018-01-28 22:40:13 +04:00
d26b0406e4
dns: return NXDOMAIN if datacenter is invalid ( #3200 ) ( #3596 )
...
Queries to the DNS server can contain an optional datacenter
name in the query name. You can query for 'foo.service.consul'
or 'foo.service.dc.consul' to get a response for either the
default or a specific datacenter.
Datacenter names cannot have dots, therefore the datacenter
name can refer to only one element in the DNS query name.
The DNS server allowed extra labels between the optional
datacenter name and the domain and returned a valid response
instead of returning NXDOMAIN. For example, if the domain
is set to '.consul' then 'foo.service.dc1.extra.consul'
should return NXDOMAIN because of 'extra' being between
the datacenter name 'dc1' and the domain '.consul'.
Fixes #3200
2017-10-20 16:49:17 -07:00
6f05ea91a3
Replace time.Now().Sub(x) with time.Since(x)
2017-10-17 20:38:24 +02:00
0063516e5e
Update metric names and add a legacy config flag
2017-10-04 16:43:27 -07:00
55c2746963
Implement encodeKVasRFC1464 function
2017-09-28 12:32:46 +02:00
7083f9fb14
Turn encodeKVasRFC1464 into a plain function
2017-09-28 12:32:45 +02:00
8982719f5b
Refactor formatTxtRecords as encodeKVasRFC1464
...
- Move the logic of rfc1035 out of the encoding function
- Left basic version of encodingKV as 'k=v'
2017-09-28 12:32:45 +02:00
a16e0f7419
Fix editorial suggestions
2017-09-28 12:32:45 +02:00
4b2d1546fa
Remove redundant check of Node.Meta size
2017-09-28 12:32:45 +02:00
Siva Prasad