Only search domain from current namespace in MapResponse

api.go

@@ -260,16 +260,9 @@ func (h *Headscale) getMapResponse(mKey wgkey.Key, req tailcfg.MapRequest, m *Ma
 
 	var dnsConfig *tailcfg.DNSConfig
 	if h.cfg.DNSConfig != nil && h.cfg.DNSConfig.Proxied { // if MagicDNS is enabled
-		// TODO(juanfont): We should not be regenerating this all the time
+		// Only inject the Search Domain of the current namespace - shared nodes should use their full FQDN
-		// And we should only send the domains of the peers (this own namespace + those from the shared peers)
-		namespaces, err := h.ListNamespaces()
-		if err != nil {
-			return nil, err
-		}
 		dnsConfig = h.cfg.DNSConfig.Clone()
-		for _, ns := range *namespaces {
+		dnsConfig.Domains = append(dnsConfig.Domains, fmt.Sprintf("%s.%s", m.Namespace.Name, h.cfg.BaseDomain))
-			dnsConfig.Domains = append(dnsConfig.Domains, fmt.Sprintf("%s.%s", ns.Name, h.cfg.BaseDomain))
-		}
 	} else {
 		dnsConfig = h.cfg.DNSConfig
 	}

dns.go

@@ -13,7 +13,7 @@ func (h *Headscale) generateMagicDNSRootDomains() (*[]dnsname.FQDN, error) {
 	}
 
 	// TODO(juanfont): we are not handing out IPv6 addresses yet
-	// and in fact this is Tailscale.com's range (not the fd7a:115c:a1e0: range in the fc00::/7 network)
+	// and in fact this is Tailscale.com's range (note the fd7a:115c:a1e0: range in the fc00::/7 network)
 	ipv6base := dnsname.FQDN("0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.")
 	fqdns := []dnsname.FQDN{base, ipv6base}