From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 8 Jun 2018 10:04:49 +0000 (+0200)
Subject: resolved: whenever a link starts/stops being relevant flush global DNS caches
X-Git-Tag: v239~112
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=63b121913043ab10639b355dae29acc9855678cd;p=thirdparty%2Fsystemd.git

resolved: whenever a link starts/stops being relevant flush global DNS caches

Let's add some protection for split horizon setups, where different
zones are visible on the same global DNS servers depending on where you
come from.

Fixes: #9196
---

diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c
index a0eedd86d38..ccce2fdb43c 100644
--- a/src/resolve/resolved-link.c
+++ b/src/resolve/resolved-link.c
@@ -115,6 +115,11 @@ void link_allocate_scopes(Link *l) {
 
                 dns_server_reset_features_all(l->manager->fallback_dns_servers);
                 dns_server_reset_features_all(l->manager->dns_servers);
+
+                /* Also, flush the global unicast scope, to deal with split horizon setups, where talking through one
+                 * interface reveals different DNS zones than through others. */
+                if (l->manager->unicast_scope)
+                        dns_cache_flush(&l->manager->unicast_scope->cache);
         }
 
         /* And now, allocate all scopes that makes sense now if we didn't have them yet, and drop those which we don't