* middleware/httproxy: implement debug queries
Not too useful at the moment, but o-o.debug queries are supported
and return the Comment from dns.google.com.
Note that this is not always set.
* improve documentation
* Testing cleanups
This PR adds a middleware that talks to dns.google.com over HTTPS,
meaning all your DNS traffic is encrypted when traversing your ISP and
the internet.
The `dns.google.com` address is re-resolved every 30 seconds.
* middleware/proxy: config syntax cleanups
Allow port numbers to be used in the transfer statements and clean
up the proxy stanza parsing. Also allow, when specifying an upstream,
/etc/resolv.conf (or any other file) to be used for getting the upstream
nameserver.
Add tests and fix the documentation to make clear what is allowed.
* Fix the other upstream parse as well
Change the CI setup for K8s to be simpler. Now it just creates a
set of objects via a yaml file, making it very easy to modify
the tests.
Implement PTR for services.
Provide TTL examples for cache middleware. Fixes: #364
Add interaction docs to make non invalidation for cache middleware
clear. Cache might serve stale records. Fixes: #403
* When no records match, reply with NXDOMAIN
* Implement in IsNameError
* case for unexposed namespace. k8s integation tests
* Fix imports order. Lower case of err strs.
Up till now we would only chase 1 CNAME. Spec requires we will chase
all. This PR add support for this. Up to 8 CNAMEs are chased (this
could be longer, by just checking for cycles, but 8 seems enough for
now).
Also add RRSIG of the first CNAME for DNSSEC.
* middleware/cache: cache 0 will be capped at 5
cache 0 would return TTL=0 records, up that to the documented minimum of
5 seconds.
* middleware/cache: check for 0 TTL
Handle 0 TTL differently and return an error, we might need to
special case this in the future.
Be more explicit in the logs when a notify fails.
New notify error message looks like:
2016/11/07 18:21:42 [ERROR] Notify for zone "example.org." was not accepted by "8.8.8.8:53": rcode was "SERVFAIL"
Correctly pick up secondaries
When multiple secondary are specified make sure they are picked up.
Fixes#393#398
The watchers were still trying to process raw v1 objects which
failed to be added to the store. This meant new services and
namespaces created after CoreDNS started would not be discoverable.
Add a filter function that converts watch events with v1 objects
to events with api objects.
* add extra test
* middleware/auto: fix crash when calling empty handler
Don't call the next middleware, we should be auth. for this zone
getitng into this path we should respond with ServFail.
Fixes#388
A NSEC record is need to deny any other name that might exist.
Also don't blindly perform the interface conversion when getting
glue for NS records as they now may include RRSIG - also add tests
for that.
Add a Reverse method to BackendService because different backends want
to to do diff. things. This allows etc/k8s to share even more code and
we can unify the PTR handling.
Fix the delegation handling in the *file* and *dnssec* middleware.
Refactor tests a bit and show that they are failling.
Add a Tree printer, cleanups and tests.
Fix wildcard test - should get no answer from empty-non-terminal
* Fix k8s client to use client-go
* Fix Kubernetes Build Issue
The client-go code requires you to vendor. I have done a hack here
in the Makefile to vendor it to version 1.5. But looks like we
will need to do this the 'right' way soon.
* Convert v1 to api Objects in List Functions
Also removed the endpoint controller which was not used for anything.
The Watch functions may still need the same treatment.
* Vendor client-go release-1.5
* Fix basic SRV feature
This is actually not serving SRV records correctly, but this should
get it to work as it did prior to the k8s client changes. Another
fix will be needed to serve SRV records as defined in the spec.
* Add additional output in test result
Add the response to the test output.
* Fix erroneous test data
* Add ServiceBackend interface
This adds a ServiceBackend interface that is shared between etcd/etcd3
(later) and kubernetes, leading to a massive reduction in code. When
returning the specific records from their backend.
Fixes#273
ListenAddr is the address where the prometheus metric are exported.
This can be used in tests to listen on "localhost:0" and then later
retrieve the metrics from there. It makes the tests indepent on each
other.
When a file is moved into position we should also reload the zones'
content.
This also fixes deadlock bug in the locking, a reload would block any
further lookups.
Add the rcode to the cached item and use this when we synthesize the
answer again. We could also infer the rcode from the reassembled
message, but this seems easier and is only an integer.
Also set the autoritative bit to 0 for all from-cache answers.
Fixes 357
