consomme: add support for dns over tcp#2807
Merged
damanm24 merged 26 commits intomicrosoft:mainfrom Mar 10, 2026
Merged
Conversation
|
This PR modifies files containing For more on why we check whole files, instead of just diffs, check out the Rustonomicon |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds DNS over TCP support to the consomme network stack, complementing the existing DNS over UDP functionality introduced in PR #2633. When a guest initiates a TCP connection to the gateway IP on port 53, consomme intercepts the connection and handles DNS queries using platform-specific system resolvers (DnsQueryRaw on Windows, res_nsend on Unix) instead of creating a real host socket.
Changes:
- Implements virtual TCP DNS handler that processes DNS queries over TCP without real sockets
- Adds TCP transport support to platform-specific DNS resolver backends (RES_USEVC flag for Unix, DNS_PROTOCOL_TCP for Windows)
- Refactors DNS backend to use Arc instead of Box to enable sharing between UDP and TCP handlers
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| vm/devices/net/net_consomme/consomme/src/lib.rs | Defines DNS_PORT constant at crate level for reuse |
| vm/devices/net/net_consomme/consomme/src/udp.rs | Updates UDP DNS handler to include transport type in DnsFlow |
| vm/devices/net/net_consomme/consomme/src/tcp/ring.rs | Removes test-only attribute from is_empty() method (now used in production) |
| vm/devices/net/net_consomme/consomme/src/tcp.rs | Adds TcpBackend enum, DNS TCP connection handling, and poll_dns_backend method |
| vm/devices/net/net_consomme/consomme/src/dns_resolver/mod.rs | Adds DnsTransport enum and changes backend from Box to Arc for sharing |
| vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs | New module implementing DNS TCP framing and message handling per RFC 1035 |
| vm/devices/net/net_consomme/consomme/src/dns_resolver/windows/mod.rs | Adds DNS_PROTOCOL_TCP support to Windows resolver backend |
| vm/devices/net/net_consomme/consomme/src/dns_resolver/unix/glibc.rs | Adds RES_USEVC flag support for TCP queries and refactors ResState structure |
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
jstarks
reviewed
Feb 25, 2026
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
jstarks
reviewed
Feb 26, 2026
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
jstarks
reviewed
Feb 26, 2026
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
jstarks
reviewed
Feb 26, 2026
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
jstarks
reviewed
Feb 27, 2026
jstarks
reviewed
Feb 27, 2026
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
jstarks
reviewed
Feb 27, 2026
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
vm/devices/net/net_consomme/consomme/src/dns_resolver/dns_tcp.rs
Outdated
Show resolved
Hide resolved
jstarks
reviewed
Feb 27, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Comments suppressed due to low confidence (1)
vm/devices/net/net_consomme/consomme/src/dns_resolver/unix/glibc.rs:227
- This test comment says “With RES_USEVC set, this should use TCP instead of UDP”, but the test doesn’t actually assert anything about transport selection (it only calls
send_queryand ignores the result). Consider either renaming the test to reflect what it verifies (options bit manipulation) or adding a deterministic assertion; otherwise it adds extra resolver I/O without validating the intended behavior.
// With RES_USEVC set, this should use TCP instead of UDP.
let _answer_len = state.send_query(&sample_dns_query());
benhillis
approved these changes
Mar 10, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 1 comment.
You can also share your feedback on Copilot code review. Take the survey.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds support for DNS over TCP.
If a TCP connection is being initiated (by the guest), addressed to consommé's gateway IP on port 53, consommé's TCP module will intercept the request and instead of creating a socket on the host it will submit the DNS query on behalf of the guest using the resolver implementation that was introduced in #2633.