Add configuration flag to set if RecursionDesired should be set on health checkers in Forward-plugin (#3679)

* Make the RD-flag in health-checks in the Forward-plugin configurable Introduces a new configuration flag; `health_check_non_recursive`. This flag makes the health-checker do non-recursive requests when checking the health of upstream servers. Signed-off-by: Geir Haugom <ghagit@haugom.org> Signed-off-by: Christian Tryti <ctryti@gmail.com> * Changes after feedback from reviewer * Better tests of health-checks with and without recursion * Removed the health_check_non_recursive configuration in favor of extending the existing health_check configuration. Now supports an optional `no_rec` argument. Signed-off-by: Christian Tryti <ctryti@gmail.com> * Add new test that checks setup of health_check. Signed-off-by: Christian Tryti <ctryti@gmail.com>
2025-10-27 08:14:18 -04:00 · 2020-03-06 11:52:43 +01:00
parent a74a209129
commit 116bda4d27
7 changed files with 135 additions and 26 deletions
--- a/plugin/forward/health.go
+++ b/plugin/forward/health.go
@@ -14,13 +14,18 @@ import (
 type HealthChecker interface {
 	Check(*Proxy) error
 	SetTLSConfig(*tls.Config)
+	SetRecursionDesired(bool)
+	GetRecursionDesired() bool
 }

 // dnsHc is a health checker for a DNS endpoint (DNS, and DoT).
-type dnsHc struct{ c *dns.Client }
+type dnsHc struct {
+	c                *dns.Client
+	recursionDesired bool
+}

 // NewHealthChecker returns a new HealthChecker based on transport.
-func NewHealthChecker(trans string) HealthChecker {
+func NewHealthChecker(trans string, recursionDesired bool) HealthChecker {
 	switch trans {
 	case transport.DNS, transport.TLS:
 		c := new(dns.Client)
@@ -28,7 +33,7 @@ func NewHealthChecker(trans string) HealthChecker {
 		c.ReadTimeout = 1 * time.Second
 		c.WriteTimeout = 1 * time.Second

-		return &dnsHc{c: c}
+		return &dnsHc{c: c, recursionDesired: recursionDesired}
 	}

 	log.Warningf("No healthchecker for transport %q", trans)
@@ -40,7 +45,14 @@ func (h *dnsHc) SetTLSConfig(cfg *tls.Config) {
 	h.c.TLSConfig = cfg
 }

-// For HC we send to . IN NS +norec message to the upstream. Dial timeouts and empty
+func (h *dnsHc) SetRecursionDesired(recursionDesired bool) {
+	h.recursionDesired = recursionDesired
+}
+func (h *dnsHc) GetRecursionDesired() bool {
+	return h.recursionDesired
+}
+
+// For HC we send to . IN NS +[no]rec message to the upstream. Dial timeouts and empty
 // replies are considered fails, basically anything else constitutes a healthy upstream.

 // Check is used as the up.Func in the up.Probe.
@@ -59,6 +71,7 @@ func (h *dnsHc) Check(p *Proxy) error {
 func (h *dnsHc) send(addr string) error {
 	ping := new(dns.Msg)
 	ping.SetQuestion(".", dns.TypeNS)
+	ping.MsgHdr.RecursionDesired = h.recursionDesired

 	m, _, err := h.c.Exchange(ping, addr)
 	// If we got a header, we're alright, basically only care about I/O errors 'n stuff.