Fix DNS resolution: Add fallback DNS for external domains

Problem: - When --accept-dns=true is used, MagicDNS (100.100.100.100) becomes the only DNS resolver for systemd-resolved - If MagicDNS fails to forward external queries, domains like google.com become unreachable - This commonly occurs due to network latency or connectivity issues Solution: - Add configure_dns_fallback() function to quick-install.sh - Create /etc/systemd/resolved.conf.d/headscale-fallback.conf - Set FallbackDNS to 1.1.1.1, 8.8.8.8, 168.126.63.1 (Korea DNS) - Add external DNS verification test in verify_connection() - Support non-systemd systems via /etc/resolv.conf modification Result: - MagicDNS continues to work for *.headscale.local internal domains - External domains resolve via fallback DNS when MagicDNS fails - Installation script verifies DNS resolution before completion Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-20 11:10:27 +00:00
parent 41d3e7d946
commit 1ae707a985
2 changed files with 63 additions and 14 deletions
--- a/quick-install.sh
+++ b/quick-install.sh
@@ -403,6 +403,15 @@ verify_connection() {
    # 연결된 노드 확인
    print_info "네트워크 상태:"
    tailscale status | head -10
+
+    # 외부 DNS 해석 테스트
+    print_status "외부 DNS 해석 테스트 중..."
+    if ping -c 1 -W 5 google.com >/dev/null 2>&1; then
+        print_success "외부 DNS 해석 정상! (google.com)"
+    else
+        print_warning "외부 DNS 해석 실패. 수동 확인이 필요할 수 있습니다."
+        print_info "문제 해결: resolvectl status 명령으로 DNS 상태를 확인하세요."
+    fi
 }

 # ================================
@@ -435,6 +444,42 @@ configure_firewall() {
    print_success "방화벽 설정 완료"
 }

+# ================================
+# DNS Fallback 설정 (외부 도메인 해석 보장)
+# ================================
+configure_dns_fallback() {
+    print_status "DNS Fallback 설정 중..."
+
+    # systemd-resolved가 있는 경우에만 설정
+    if systemctl is-active --quiet systemd-resolved 2>/dev/null; then
+        # Fallback DNS 설정 파일 생성
+        mkdir -p /etc/systemd/resolved.conf.d
+        cat > /etc/systemd/resolved.conf.d/headscale-fallback.conf << 'DNSEOF'
+# Headscale MagicDNS Fallback 설정
+# MagicDNS(100.100.100.100) 실패 시 외부 DNS로 폴백
+[Resolve]
+FallbackDNS=1.1.1.1 8.8.8.8 168.126.63.1
+DNSEOF
+
+        # systemd-resolved 재시작
+        systemctl restart systemd-resolved 2>/dev/null || true
+        print_success "DNS Fallback 설정 완료 (1.1.1.1, 8.8.8.8, 168.126.63.1)"
+    else
+        print_info "systemd-resolved가 없습니다. Fallback DNS 설정을 건너뜁니다."
+
+        # /etc/resolv.conf 직접 수정 (비-systemd 시스템용)
+        if [ -f /etc/resolv.conf ] && ! grep -q "1.1.1.1" /etc/resolv.conf 2>/dev/null; then
+            print_info "resolv.conf에 백업 DNS 추가..."
+            # 기존 내용 백업
+            cp /etc/resolv.conf /etc/resolv.conf.backup.$(date +%Y%m%d) 2>/dev/null || true
+            # nameserver 추가 (끝에)
+            echo "# Fallback DNS for Headscale" >> /etc/resolv.conf
+            echo "nameserver 1.1.1.1" >> /etc/resolv.conf
+            echo "nameserver 8.8.8.8" >> /etc/resolv.conf
+        fi
+    fi
+}
+
 # ================================
 # 정리 작업
 # ================================
@@ -503,6 +548,7 @@ main() {
    
    # 사후 설정
    configure_firewall
+    configure_dns_fallback
    verify_connection
    
    # 정리 및 완료