resolved: whenever a link starts/stops being relevant flush global DNS caches

Let's add some protection for split horizon setups, where different
zones are visible on the same global DNS servers depending on where you
come from.

Fixes: #9196

diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c
index a0eedd86d38c6c0c136a5f071957281ea3d87983..ccce2fdb43ce28f6069511f1e55bec0d89823941 100644 (file)
--- a/src/resolve/resolved-link.c
+++ b/src/resolve/resolved-link.c
@@ -115,6 +115,11 @@ void link_allocate_scopes(Link *l) {
 
                 dns_server_reset_features_all(l->manager->fallback_dns_servers);
                 dns_server_reset_features_all(l->manager->dns_servers);
+
+                /* Also, flush the global unicast scope, to deal with split horizon setups, where talking through one
+                 * interface reveals different DNS zones than through others. */
+                if (l->manager->unicast_scope)
+                        dns_cache_flush(&l->manager->unicast_scope->cache);
         }
 
         /* And now, allocate all scopes that makes sense now if we didn't have them yet, and drop those which we don't