From 1cff719015aeb20c77af619e6d726233c0eb2bdc Mon Sep 17 00:00:00 2001
From: Maisem Ali <maisem@tailscale.com>
Date: Fri, 12 Aug 2022 12:47:25 -0700
Subject: [PATCH] net/dns: [win] respond with SERVFAIL queries when no
 resolvers

Currently we forward unmatched queries to the default resolver on
Windows. This results in duplicate queries being issued to the same
resolver which is just wasted.

Updates #1659

Signed-off-by: Maisem Ali <maisem@tailscale.com>
---
 net/dns/manager.go | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/net/dns/manager.go b/net/dns/manager.go
index 9889408d0..b5a1fbe42 100644
--- a/net/dns/manager.go
+++ b/net/dns/manager.go
@@ -214,12 +214,11 @@ func (m *Manager) compileConfig(cfg Config) (rcfg resolver.Config, ocfg OSConfig
 	rcfg.Routes = routes
 	ocfg.Nameservers = []netip.Addr{cfg.serviceIP()}
 
-	// If the OS can't do native split-dns, read out the underlying
-	// resolver config and blend it into our config.
 	if m.os.SupportsSplitDNS() {
 		ocfg.MatchDomains = cfg.matchDomains()
-	}
-	if !m.os.SupportsSplitDNS() || isWindows {
+	} else {
+		// If the OS can't do native split-dns, read out the underlying
+		// resolver config and blend it into our config.
 		bcfg, err := m.os.GetBaseConfig()
 		if err != nil {
 			health.SetDNSOSHealth(err)