[management,client] Make DNS ForwarderPort Configurable & Change Well Known Port

[hakansa]

Describe your changes

[management,client] Make DNS ForwarderPort Configurable & Change Well Known Port

Issue ticket number and link

Stack

Checklist

• Is it a bug fix
• Is a typo/documentation fix
• Is a feature enhancement
• It is a refactor
• Created tests that fail without the change (if possible)

By submitting this pull request, you confirm that you have read and agree to the terms of the Contributor License Agreement.

Documentation

Select exactly one:

• I added/updated documentation for this change
• Documentation is not needed for this change (explain why)

Docs PR URL (required if "docs added" is checked)

Paste the PR link from https://github.com/netbirdio/docs here:

https://github.com/netbirdio/docs/pull/__

[Copilot]

Pull Request Overview

This PR makes the DNS forwarder port configurable in the management and client components, while changing the well-known port from 5454 to 22054. The change includes version-aware port assignment to ensure backward compatibility.

• Adds a configurable ForwarderPort field to the DNS configuration protocol
• Implements version-based port computation that returns the new port (22054) only when all peers support version 0.58.0 or newer
• Updates the client to dynamically restart the DNS forwarder when the port changes

Reviewed Changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
shared/management/proto/management.proto	Adds ForwarderPort field to DNSConfig message
shared/management/proto/management.pb.go	Generated protobuf code with ForwarderPort field and getter method
management/server/dns.go	Implements port computation logic based on peer versions
management/server/dns_test.go	Adds comprehensive tests for the port computation functionality
management/server/grpcserver.go	Updates toSyncResponse function to pass all peers for port computation
management/server/peer.go	Updates calls to toSyncResponse with additional peers parameter
management/server/peer_test.go	Updates test call to toSyncResponse with empty peers slice
client/internal/engine.go	Implements DNS forwarder restart logic when port changes
client/internal/dnsfwd/manager.go	Updates manager to accept configurable port parameter

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The function has a duplicate log message (line 1881 and 1882). The log message on line 1881 should be removed since it's identical to the one in the calling function and adds no additional value.

[pascal-fischer]

in case the port is 0 we do skip setting it globally. Why do we restart the forwarder with port 0. Should be capital L no?

[hakansa]

oh, nice catch! fixed.

[lixmal]

This var is not sufficiently protected against races (e.g. ServeDNS reads this outside of the engine's lock). Why do we need a global var accessed by the engine in the first place?

nit: Make this a uint16, then you don't need to convert everywhere else

[hakansa]

We use this listen port value on DNS Interceptor and somewhere in netflow logger. I've guarded this var with a method and mutex, should be fine now.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
2 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[lixmal]

Client changes look OK to me