Pull request: 5117-backport-dns64

Merge in DNS/adguard-home from 5117-backport-dns64 to master Updates #5117. Squashed commit of the following: commit 8ac88534b2da52f49facef6d623ea3504a3cd5ed Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Feb 6 16:44:16 2023 +0300 all: rm todos commit 0aa66c5ecbadc3e372478ea4446f80fcc7457841 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Mon Feb 6 15:40:38 2023 +0300 all: upd dnsproxy commit 872a8efdd2759fd9dad61de9953bc87f734ca918 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Fri Feb 3 14:14:21 2023 +0300 dnsforward: imp docs commit 8efeb42cac69bbe9b8dba8c91c33b14c95397ab9 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Wed Feb 1 02:58:01 2023 +0300 all: rm dns64
2023-02-06 17:17:51 +03:00
parent 6a032bb821
commit b31bab591d
9 changed files with 74 additions and 341 deletions
--- a/internal/dnsforward/dns.go
+++ b/internal/dnsforward/dns.go
@@ -10,6 +10,8 @@ import (
 	"github.com/AdguardTeam/AdGuardHome/internal/dhcpd"
 	"github.com/AdguardTeam/AdGuardHome/internal/filtering"
 	"github.com/AdguardTeam/dnsproxy/proxy"
+	"github.com/AdguardTeam/dnsproxy/upstream"
+	"github.com/AdguardTeam/golibs/errors"
 	"github.com/AdguardTeam/golibs/log"
 	"github.com/AdguardTeam/golibs/netutil"
 	"github.com/AdguardTeam/golibs/stringutil"
@@ -419,7 +421,7 @@ func (s *Server) processDHCPHosts(dctx *dnsContext) (rc resultCode) {
 		}
 		resp.Answer = append(resp.Answer, a)
 	case dns.TypeAAAA:
-		if len(s.dns64Prefs) > 0 {
+		if s.dns64Pref != (netip.Prefix{}) {
 			// Respond with DNS64-mapped address for IPv4 host if DNS64 is
 			// enabled.
 			aaaa := &dns.AAAA{
@@ -468,15 +470,6 @@ func (s *Server) processRestrictLocal(dctx *dnsContext) (rc resultCode) {
 		return resultCodeSuccess
 	}

-	if s.shouldStripDNS64(ip) {
-		// Strip the prefix from the address to get the original IPv4.
-		ip = ip[nat64PrefixLen:]
-
-		// Treat a DNS64-prefixed address as a locally served one since those
-		// queries should never be sent to the global DNS.
-		dctx.unreversedReqIP = ip
-	}
-
 	// Restrict an access to local addresses for external clients.  We also
 	// assume that all the DHCP leases we give are locally served or at least
 	// shouldn't be accessible externally.
@@ -671,11 +664,21 @@ func (s *Server) processUpstream(dctx *dnsContext) (rc resultCode) {
 		return resultCodeError
 	}

-	if dctx.err = prx.Resolve(pctx); dctx.err != nil {
-		return resultCodeError
-	}
+	if err := prx.Resolve(pctx); err != nil {
+		if errors.Is(err, upstream.ErrNoUpstreams) {
+			// Do not even put into querylog.  Currently this happens either
+			// when the private resolvers enabled and the request is DNS64 PTR,
+			// or when the client isn't considered local by prx.
+			//
+			// TODO(e.burkov):  Make proxy detect local client the same way as
+			// AGH does.
+			pctx.Res = s.genNXDomain(req)
+
+			return resultCodeFinish
+		}
+
+		dctx.err = err

-	if s.performDNS64(prx, dctx) == resultCodeError {
 		return resultCodeError
 	}