Struct DnsConfig 

pub struct DnsConfig {
    pub magic_dns: bool,
    pub search_domains: Vec<String>,
    pub extra_records: Vec<ExtraRecord>,
    pub resolvers: Vec<Resolver>,
    pub routes: BTreeMap<String, Vec<Resolver>>,
    pub fallback_resolvers: Vec<Resolver>,
    pub exit_node_filtered_set: Vec<String>,
}

Owned DNS configuration distilled from the control MapResponse for the MagicDNS responder.

Fields

magic_dns: bool

MagicDNS enabled (Go Proxied). When false the responder serves nothing (fail closed).

search_domains: Vec<String>

Tailnet DNS suffix(es), lowercased, no trailing dot, e.g. “user.ts.net”.

extra_records: Vec<ExtraRecord>

Control-pushed static A/AAAA host records (Go ExtraRecords).

resolvers: Vec<Resolver>

Global upstream resolvers (Go Resolvers) used to recursively resolve non-overlay names when no split-DNS route and no fallback resolver matches.

routes: BTreeMap<String, Vec<Resolver>>

Split-DNS routes (Go Routes): suffix (canonicalized, no leading/trailing dot) -> the upstreams that answer that suffix. An empty upstream list is a negative route: names under that suffix are not resolved (Go keeps them on the built-in resolver, which for us means fail-closed NXDOMAIN unless an overlay/extra record matches).

fallback_resolvers: Vec<Resolver>

Fallback resolvers (Go FallbackResolvers) used for non-overlay names that match no route, preferred over resolvers.

exit_node_filtered_set: Vec<String>

DNS suffixes this node, when acting as an exit-node DNS proxy, must not answer (Go ExitNodeFilteredSet). Entries are lowercased, no trailing dot. An entry starting with a period is a suffix match (but .a.b does NOT match a.b — a real prefix label is required); an entry without a leading period is an exact match. Matching is case-insensitive. A filtered name is answered with REFUSED. See DnsConfig::exit_node_filters.

Implementations

impl DnsConfig

pub fn from_serde(c: &DnsConfig<'_>) -> Self

Build the owned config from the borrowed serde view parsed off the wire.

pub fn exit_node_filters(&self, name: &str) -> bool

Whether name (a canonical query name: lowercased, no trailing dot) is in this config’s exit_node_filtered_set and so must be REFUSED when this node answers as an exit-node DNS proxy (Go dnsConfigForNetmap’s filtered-set check).

An entry with a leading period is a suffix match requiring a real label before it (.a.b matches x.a.b but not a.b); an entry without a leading period is an exact match. Matching is case-insensitive (both sides are already lowercased).

pub fn resolvers_with_exit_node(&self) -> impl Iterator<Item = &Resolver>

The resolvers to keep when an exit node is active: those flagged use_with_exit_node. When an exit node is selected, recursive resolution is delegated to it, except for these explicitly-flagged resolvers (Go keeps UseWithExitNode resolvers in the local config).

Trait Implementations

impl Clone for DnsConfig

fn clone(&self) -> DnsConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for DnsConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for DnsConfig

fn default() -> DnsConfig

Returns the “default value” for a type.

impl Eq for DnsConfig

impl PartialEq for DnsConfig

fn eq(&self, other: &DnsConfig) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for DnsConfig