Only allow 1 CNAME when querying for a service.

This just makes sure that if multiple services are registered with unique service addresses that we don’t blast back multiple CNAMEs for the same service DNS name and keeps us within the DNS specs.
2025-01-22 11:40:06 +00:00 · 2018-07-02 16:12:06 -04:00 · 2018-07-02 16:12:06 -04:00 · 9a8500412b
commit 9a8500412b
parent 8a12d803fd
1 changed files with 11 additions and 0 deletions
--- a/agent/dns.go
+++ b/agent/dns.go
@ -1143,6 +1143,7 @@ func (d *DNSServer) serviceNodeRecords(dc string, nodes structs.CheckServiceNode
 	qType := req.Question[0].Qtype
 	handled := make(map[string]struct{})
 	edns := req.IsEdns0() != nil
+	haveCNAME := false

 	count := 0
 	for _, node := range nodes {
@ -1169,6 +1170,16 @@ func (d *DNSServer) serviceNodeRecords(dc string, nodes structs.CheckServiceNode
 		// Add the node record
 		records := d.formatNodeRecord(node.Node, addr, qName, qType, ttl, edns, true)
 		if records != nil {
+			// only allow at most 1 CNAME record
+			switch records[0].(type) {
+			case *dns.CNAME:
+				if haveCNAME {
+					continue
+				} else {
+					haveCNAME = true
+				}
+			}
+
 			resp.Answer = append(resp.Answer, records...)
 			count++
 			if count == d.config.ARecordLimit {