From 9048a6967af12c22aea58c949abbcf1ec5d2d140 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 19 Aug 2024 09:14:41 -0400
Subject: [PATCH 01/46] Move cluster dns config and validate in strict dns
 clusters

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/BUILD                                     |   1 +
 api/envoy/config/cluster/v3/BUILD             |   1 +
 api/envoy/config/cluster/v3/cluster.proto     |  62 +++++-----
 api/envoy/extensions/clusters/dns/v3/BUILD    |  12 ++
 .../extensions/clusters/dns/v3/cluster.proto  | 116 ++++++++++++++++++
 .../common/dynamic_forward_proxy/v3/BUILD     |   2 +-
 .../dynamic_forward_proxy/v3/dns_cache.proto  |   6 +-
 api/versioning/BUILD                          |   1 +
 source/common/common/dns_utils.cc             |  14 +--
 source/common/common/dns_utils.h              |   2 +-
 .../network/dns_resolver/dns_factory_util.cc  |  14 +++
 .../network/dns_resolver/dns_factory_util.h   |  10 ++
 .../common/upstream/cluster_factory_impl.cc   |  10 ++
 source/common/upstream/upstream_impl.cc       |   4 +
 source/extensions/clusters/strict_dns/BUILD   |   1 +
 .../clusters/strict_dns/strict_dns_cluster.cc |  60 +++++++--
 .../clusters/strict_dns/strict_dns_cluster.h  |   6 +-
 .../common/logical_host_integration_test.cc   |   2 +-
 .../redis/redis_cluster_integration_test.cc   |   2 +-
 .../dns_cache_impl_test.cc                    |   4 +-
 .../proxy_filter_integration_test.cc          |   7 +-
 test/integration/protocol_integration_test.cc |   4 +-
 22 files changed, 274 insertions(+), 67 deletions(-)
 create mode 100644 api/envoy/extensions/clusters/dns/v3/BUILD
 create mode 100644 api/envoy/extensions/clusters/dns/v3/cluster.proto

diff --git a/api/BUILD b/api/BUILD
index 096373e79fc7..a8949c917c8d 100644
--- a/api/BUILD
+++ b/api/BUILD
@@ -137,6 +137,7 @@ proto_library(
         "//envoy/extensions/access_loggers/wasm/v3:pkg",
         "//envoy/extensions/bootstrap/internal_listener/v3:pkg",
         "//envoy/extensions/clusters/aggregate/v3:pkg",
+        "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg",
         "//envoy/extensions/clusters/redis/v3:pkg",
         "//envoy/extensions/common/async_files/v3:pkg",
diff --git a/api/envoy/config/cluster/v3/BUILD b/api/envoy/config/cluster/v3/BUILD
index 80d74b61cd6a..df171f9a734d 100644
--- a/api/envoy/config/cluster/v3/BUILD
+++ b/api/envoy/config/cluster/v3/BUILD
@@ -9,6 +9,7 @@ api_proto_package(
         "//envoy/annotations:pkg",
         "//envoy/config/core/v3:pkg",
         "//envoy/config/endpoint/v3:pkg",
+        "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/type/metadata/v3:pkg",
         "//envoy/type/v3:pkg",
         "@com_github_cncf_xds//udpa/annotations:pkg",
diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index 0d2d6f1918ec..b997852caf29 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -13,6 +13,7 @@ import "envoy/config/core/v3/health_check.proto";
 import "envoy/config/core/v3/protocol.proto";
 import "envoy/config/core/v3/resolver.proto";
 import "envoy/config/endpoint/v3/endpoint.proto";
+import "envoy/extensions/clusters/dns/v3/cluster.proto";
 import "envoy/type/metadata/v3/metadata.proto";
 import "envoy/type/v3/percent.proto";
 
@@ -45,7 +46,7 @@ message ClusterCollection {
 }
 
 // Configuration for a single upstream cluster.
-// [#next-free-field: 59]
+// [#next-free-field: 60]
 message Cluster {
   option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster";
 
@@ -141,13 +142,6 @@ message Cluster {
   // this setting is
   // ignored.
   // [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
-  enum DnsLookupFamily {
-    AUTO = 0;
-    V4_ONLY = 1;
-    V6_ONLY = 2;
-    V4_PREFERRED = 3;
-    ALL = 4;
-  }
 
   enum ClusterProtocolSelection {
     // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2).
@@ -678,24 +672,6 @@ message Cluster {
     core.v3.HealthStatusSet override_host_status = 8;
   }
 
-  message RefreshRate {
-    option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RefreshRate";
-
-    // Specifies the base interval between refreshes. This parameter is required and must be greater
-    // than zero and less than
-    // :ref:`max_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.max_interval>`.
-    google.protobuf.Duration base_interval = 1 [(validate.rules).duration = {
-      required: true
-      gt {nanos: 1000000}
-    }];
-
-    // Specifies the maximum interval between refreshes. This parameter is optional, but must be
-    // greater than or equal to the
-    // :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`  if set. The default
-    // is 10 times the :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`.
-    google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}];
-  }
-
   message PreconnectPolicy {
     // Indicates how many streams (rounded up) can be anticipated per-upstream for each
     // incoming stream. This is useful for high-QPS or latency-sensitive services. Preconnecting
@@ -944,6 +920,9 @@ message Cluster {
   // [#next-major-version: make this a list of typed extensions.]
   map<string, google.protobuf.Any> typed_extension_protocol_options = 36;
 
+  // [#extension-category: envoy.clusters.dns]
+  envoy.extensions.clusters.dns.v3.DnsConfig dns_config = 59;
+
   // If the DNS refresh rate is specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
   // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
@@ -953,8 +932,13 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  google.protobuf.Duration dns_refresh_rate = 16
-      [(validate.rules).duration = {gt {nanos: 1000000}}];
+  // This field is deprecated in favor of ``dns_config``
+  // which aggregates all of the DNS configuration in a single message.
+  google.protobuf.Duration dns_refresh_rate = 16 [
+    deprecated = true,
+    (validate.rules).duration = {gt {nanos: 1000000}},
+    (envoy.annotations.deprecated_at_minor_version) = "3.0"
+  ];
 
   // DNS jitter can be optionally specified if the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
@@ -965,7 +949,10 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  google.protobuf.Duration dns_jitter = 58;
+  // This field is deprecated in favor of ``dns_config``
+  // which aggregates all of the DNS configuration in a single message.
+  google.protobuf.Duration dns_jitter = 58
+      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // If the DNS failure refresh rate is specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
@@ -975,17 +962,27 @@ message Cluster {
   // other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
   // ignored.
-  RefreshRate dns_failure_refresh_rate = 44;
+  // This field is deprecated in favor of ``dns_config``
+  // which aggregates all of the DNS configuration in a single message.
+  envoy.extensions.clusters.dns.v3.DnsConfig.RefreshRate dns_failure_refresh_rate = 44
+      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
-  bool respect_dns_ttl = 39;
+  // This field is deprecated in favor of ``dns_config``
+  // which aggregates all of the DNS configuration in a single message.
+  bool respect_dns_ttl = 39
+      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
-  DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
+  envoy.extensions.clusters.dns.v3.DnsConfig.DnsLookupFamily dns_lookup_family = 17 [
+    deprecated = true,
+    (validate.rules).enum = {defined_only: true},
+    (envoy.annotations.deprecated_at_minor_version) = "3.0"
+  ];
 
   // If DNS resolvers are specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
@@ -1025,6 +1022,7 @@ message Cluster {
   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
   // [#extension-category: envoy.network.dns_resolver]
+  // FIXME do we also want to move this one?
   core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
 
   // Optional configuration for having cluster readiness block on warm-up. Currently, only applicable for
diff --git a/api/envoy/extensions/clusters/dns/v3/BUILD b/api/envoy/extensions/clusters/dns/v3/BUILD
new file mode 100644
index 000000000000..09a37ad16b83
--- /dev/null
+++ b/api/envoy/extensions/clusters/dns/v3/BUILD
@@ -0,0 +1,12 @@
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
+load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_package(
+    deps = [
+        "//envoy/config/core/v3:pkg",
+        "@com_github_cncf_xds//udpa/annotations:pkg",
+    ],
+)
diff --git a/api/envoy/extensions/clusters/dns/v3/cluster.proto b/api/envoy/extensions/clusters/dns/v3/cluster.proto
new file mode 100644
index 000000000000..699358fa939d
--- /dev/null
+++ b/api/envoy/extensions/clusters/dns/v3/cluster.proto
@@ -0,0 +1,116 @@
+syntax = "proto3";
+
+package envoy.extensions.clusters.dns.v3;
+
+import "envoy/config/core/v3/extension.proto";
+
+import "google/protobuf/any.proto";
+import "google/protobuf/duration.proto";
+import "google/protobuf/struct.proto";
+import "google/protobuf/wrappers.proto";
+
+import "udpa/annotations/migrate.proto";
+import "udpa/annotations/security.proto";
+import "udpa/annotations/status.proto";
+import "udpa/annotations/versioning.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.clusters.dns.v3";
+option java_outer_classname = "ClusterProto";
+option java_multiple_files = true;
+option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/dns/v3;dnsv3";
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+
+// [#protodoc-title: DNS cluster configuration]
+
+// Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview
+// <arch_overview_http_dynamic_forward_proxy>` for more information.
+// [#extension: envoy.clusters.dns]
+
+// [#next-free-field: 7]
+message DnsConfig {
+  // When V4_ONLY is selected, the DNS resolver will only perform a lookup for
+  // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
+  // only perform a lookup for addresses in the IPv6 family. If AUTO is
+  // specified, the DNS resolver will first perform a lookup for addresses in
+  // the IPv6 family and fallback to a lookup for addresses in the IPv4 family.
+  // This is semantically equivalent to a non-existent V6_PREFERRED option.
+  // AUTO is a legacy name that is more opaque than
+  // necessary and will be deprecated in favor of V6_PREFERRED in a future major version of the API.
+  // If V4_PREFERRED is specified, the DNS resolver will first perform a lookup for addresses in the
+  // IPv4 family and fallback to a lookup for addresses in the IPv6 family. i.e., the callback
+  // target will only get v6 addresses if there were NO v4 addresses to return.
+  // If ALL is specified, the DNS resolver will perform a lookup for both IPv4 and IPv6 families,
+  // and return all resolved addresses. When this is used, Happy Eyeballs will be enabled for
+  // upstream connections. Refer to :ref:`Happy Eyeballs Support <arch_overview_happy_eyeballs>`
+  // for more information.
+  // For cluster types other than
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
+  // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
+  // this setting is
+  // ignored.
+  // [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
+  enum DnsLookupFamily {
+    AUTO = 0;
+    V4_ONLY = 1;
+    V6_ONLY = 2;
+    V4_PREFERRED = 3;
+    ALL = 4;
+  }
+
+  message RefreshRate {
+    option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RefreshRate";
+
+    // Specifies the base interval between refreshes. This parameter is required and must be greater
+    // than zero and less than
+    // :ref:`max_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`.
+    google.protobuf.Duration base_interval = 1 [(validate.rules).duration = {
+      required: true
+      gt {nanos: 1000000}
+    }];
+
+    // Specifies the maximum interval between refreshes. This parameter is optional, but must be
+    // greater than or equal to the
+    // :ref:`base_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`  if set. The default
+    // is 10 times the :ref:`base_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`.
+    google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}];
+  }
+
+  // This value is the cluster’s DNS refresh rate. The value configured must be at least 1ms.
+  // If this setting is not specified, the
+  // value defaults to 5000ms.
+  google.protobuf.Duration dns_refresh_rate = 1 [(validate.rules).duration = {gt {nanos: 1000000}}];
+
+  // this is the cluster’s DNS refresh rate when requests are failing. If this setting is
+  // not specified, the failure refresh rate defaults to the DNS refresh rate.
+  RefreshRate dns_failure_refresh_rate = 2;
+
+  // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
+  // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
+  // resolution.
+  bool respect_dns_ttl = 3;
+
+  // The DNS IP address resolution policy. If this setting is not specified, the
+  // value defaults to
+  // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsConfig.DnsLookupFamily.AUTO>`.
+  DnsLookupFamily dns_lookup_family = 4 [(validate.rules).enum = {defined_only: true}];
+
+  // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
+  // or any other DNS resolver types and the related parameters.
+  // For example, an object of
+  // :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
+  // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
+  // :ref:`dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`
+  // configuration.
+  // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
+  // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
+  // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
+  // [#extension-category: envoy.network.dns_resolver]
+  // Fixme docs
+  config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 5;
+
+  // DNS jitter causes the cluster to refresh DNS entries later by a random amount of time to avoid a
+  // stampede of DNS requests. This value sets the upper bound (exclusive) for the random amount.
+  // There will be no jitter if this value is omitted.
+  google.protobuf.Duration dns_jitter = 6;
+}
diff --git a/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD b/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD
index a220c748ba7f..23e700f178d9 100644
--- a/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD
+++ b/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD
@@ -7,9 +7,9 @@ licenses(["notice"])  # Apache 2
 api_proto_package(
     deps = [
         "//envoy/annotations:pkg",
-        "//envoy/config/cluster/v3:pkg",
         "//envoy/config/common/key_value/v3:pkg",
         "//envoy/config/core/v3:pkg",
+        "//envoy/extensions/clusters/dns/v3:pkg",
         "@com_github_cncf_xds//udpa/annotations:pkg",
     ],
 )
diff --git a/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto b/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto
index eae3b8f74261..4413e64d3406 100644
--- a/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto
+++ b/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto
@@ -2,11 +2,11 @@ syntax = "proto3";
 
 package envoy.extensions.common.dynamic_forward_proxy.v3;
 
-import "envoy/config/cluster/v3/cluster.proto";
 import "envoy/config/common/key_value/v3/config.proto";
 import "envoy/config/core/v3/address.proto";
 import "envoy/config/core/v3/extension.proto";
 import "envoy/config/core/v3/resolver.proto";
+import "envoy/extensions/clusters/dns/v3/cluster.proto";
 
 import "google/protobuf/duration.proto";
 import "google/protobuf/wrappers.proto";
@@ -53,7 +53,7 @@ message DnsCacheConfig {
   // likely build a "happy eyeballs" connection pool which would race the primary / fall back
   // address and return the one that wins. This same method could potentially also be used for
   // QUIC to TCP fall back.]
-  config.cluster.v3.Cluster.DnsLookupFamily dns_lookup_family = 2
+  clusters.dns.v3.DnsConfig.DnsLookupFamily dns_lookup_family = 2
       [(validate.rules).enum = {defined_only: true}];
 
   // The DNS refresh rate for unresolved DNS hosts. If not specified defaults to 60s.
@@ -97,7 +97,7 @@ message DnsCacheConfig {
   // If the DNS failure refresh rate is specified,
   // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is
   // not specified, the failure refresh rate defaults to the dns_refresh_rate.
-  config.cluster.v3.Cluster.RefreshRate dns_failure_refresh_rate = 6;
+  clusters.dns.v3.DnsConfig.RefreshRate dns_failure_refresh_rate = 6;
 
   // The config of circuit breakers for resolver. It provides a configurable threshold.
   // Envoy will use dns cache circuit breakers with default settings even if this value is not set.
diff --git a/api/versioning/BUILD b/api/versioning/BUILD
index bfc572f7f3bd..03227425b471 100644
--- a/api/versioning/BUILD
+++ b/api/versioning/BUILD
@@ -75,6 +75,7 @@ proto_library(
         "//envoy/extensions/access_loggers/wasm/v3:pkg",
         "//envoy/extensions/bootstrap/internal_listener/v3:pkg",
         "//envoy/extensions/clusters/aggregate/v3:pkg",
+        "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg",
         "//envoy/extensions/clusters/redis/v3:pkg",
         "//envoy/extensions/common/async_files/v3:pkg",
diff --git a/source/common/common/dns_utils.cc b/source/common/common/dns_utils.cc
index f13531396427..da02da460a20 100644
--- a/source/common/common/dns_utils.cc
+++ b/source/common/common/dns_utils.cc
@@ -12,19 +12,19 @@ getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster
   return getDnsLookupFamilyFromEnum(cluster.dns_lookup_family());
 }
 
-Network::DnsLookupFamily
-getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily family) {
+Network::DnsLookupFamily getDnsLookupFamilyFromEnum(
+    envoy::extensions::clusters::dns::v3::DnsConfig::DnsLookupFamily family) {
   switch (family) {
     PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
-  case envoy::config::cluster::v3::Cluster::V6_ONLY:
+  case envoy::extensions::clusters::dns::v3::DnsConfig::V6_ONLY:
     return Network::DnsLookupFamily::V6Only;
-  case envoy::config::cluster::v3::Cluster::V4_ONLY:
+  case envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY:
     return Network::DnsLookupFamily::V4Only;
-  case envoy::config::cluster::v3::Cluster::AUTO:
+  case envoy::extensions::clusters::dns::v3::DnsConfig::AUTO:
     return Network::DnsLookupFamily::Auto;
-  case envoy::config::cluster::v3::Cluster::V4_PREFERRED:
+  case envoy::extensions::clusters::dns::v3::DnsConfig::V4_PREFERRED:
     return Network::DnsLookupFamily::V4Preferred;
-  case envoy::config::cluster::v3::Cluster::ALL:
+  case envoy::extensions::clusters::dns::v3::DnsConfig::ALL:
     return Network::DnsLookupFamily::All;
   }
   IS_ENVOY_BUG("unexpected dns lookup family enum");
diff --git a/source/common/common/dns_utils.h b/source/common/common/dns_utils.h
index 869a91d2a236..77060bd21785 100644
--- a/source/common/common/dns_utils.h
+++ b/source/common/common/dns_utils.h
@@ -12,7 +12,7 @@ namespace DnsUtils {
 Network::DnsLookupFamily
 getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster);
 Network::DnsLookupFamily
-getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily family);
+getDnsLookupFamilyFromEnum(envoy::extensions::clusters::dns::v3::DnsConfig::DnsLookupFamily family);
 
 // Generates a list of InstanceConstSharedPtr from the DNS responses provided.
 std::vector<Network::Address::InstanceConstSharedPtr>
diff --git a/source/common/network/dns_resolver/dns_factory_util.cc b/source/common/network/dns_resolver/dns_factory_util.cc
index c66a82374fbf..3b7c46f4129e 100644
--- a/source/common/network/dns_resolver/dns_factory_util.cc
+++ b/source/common/network/dns_resolver/dns_factory_util.cc
@@ -46,6 +46,12 @@ bool tryUseAppleApiForDnsLookups(
   return false;
 }
 
+bool checkDnsResolutionConfigExist(
+    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig& config,
+    [[maybe_unused]] envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
+  return false;
+}
+
 // Overloading the template function for DnsFilterConfig type, which doesn't need to copy anything.
 void handleLegacyDnsResolverData(
     const envoy::extensions::filters::udp::dns_filter::v3::DnsFilterConfig::ClientContextConfig&,
@@ -53,6 +59,14 @@ void handleLegacyDnsResolverData(
   makeDefaultCaresDnsResolverConfig(typed_dns_resolver_config);
 }
 
+void handleLegacyDnsResolverData(
+    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig config,
+    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
+  envoy::extensions::network::dns_resolver::cares::v3::CaresDnsResolverConfig cares;
+  typed_dns_resolver_config.mutable_typed_config()->PackFrom(cares);
+  typed_dns_resolver_config.set_name(std::string(CaresDnsResolver));
+}
+
 // Overloading the template function for Cluster config type, which need to copy
 // both use_tcp_for_dns_lookups and dns_resolvers.
 void handleLegacyDnsResolverData(
diff --git a/source/common/network/dns_resolver/dns_factory_util.h b/source/common/network/dns_resolver/dns_factory_util.h
index 2e07c4ded47b..6b3cbb499ee5 100644
--- a/source/common/network/dns_resolver/dns_factory_util.h
+++ b/source/common/network/dns_resolver/dns_factory_util.h
@@ -61,6 +61,11 @@ bool checkDnsResolutionConfigExist(
   return false;
 }
 
+// Overloading the template funciton for DnsConfig because DnsConfig has no dns_resolution_config.
+bool checkDnsResolutionConfigExist(
+    const envoy::extensions::clusters::dns::v3::DnsConfig& config,
+    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
+
 // For backward compatibility, copy over use_tcp_for_dns_lookups from config, and create
 // a CaresDnsResolverConfig typed config. This logic fit for bootstrap, and dns_cache config types.
 template <class ConfigType>
@@ -85,6 +90,11 @@ void handleLegacyDnsResolverData(
     const envoy::config::cluster::v3::Cluster& config,
     envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
 
+// Overloading the template function for Dns cluster config type, which doesn't copy anything
+void handleLegacyDnsResolverData(
+    const envoy::extensions::clusters::dns::v3::DnsConfig config,
+    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
+
 // Make typed_dns_resolver_config from the passed @param config.
 template <class ConfigType>
 envoy::config::core::v3::TypedExtensionConfig makeDnsResolverConfig(const ConfigType& config) {
diff --git a/source/common/upstream/cluster_factory_impl.cc b/source/common/upstream/cluster_factory_impl.cc
index a4324b8d472d..11a6ee060882 100644
--- a/source/common/upstream/cluster_factory_impl.cc
+++ b/source/common/upstream/cluster_factory_impl.cc
@@ -74,6 +74,16 @@ ClusterFactoryImplBase::selectDnsResolver(const envoy::config::cluster::v3::Clus
   // where 'dns_resolvers' is specified, we have per-cluster DNS
   // resolvers that are created here but ownership resides with
   // StrictDnsClusterImpl/LogicalDnsCluster.
+  if ((cluster.has_dns_config() && cluster.dns_config().has_typed_dns_resolver_config() &&
+       !(cluster.dns_config().typed_dns_resolver_config().typed_config().type_url().empty()))) {
+    envoy::config::core::v3::TypedExtensionConfig typed_dns_resolver_config;
+    Network::DnsResolverFactory& dns_resolver_factory =
+        Network::createDnsResolverFactoryFromProto(cluster.dns_config(), typed_dns_resolver_config);
+    auto& server_context = context.serverFactoryContext();
+    return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
+                                                  server_context.api(), typed_dns_resolver_config);
+  }
+
   if ((cluster.has_typed_dns_resolver_config() &&
        !(cluster.typed_dns_resolver_config().typed_config().type_url().empty())) ||
       (cluster.has_dns_resolution_config() &&
diff --git a/source/common/upstream/upstream_impl.cc b/source/common/upstream/upstream_impl.cc
index 195d2ba59acc..6a99595c4574 100644
--- a/source/common/upstream/upstream_impl.cc
+++ b/source/common/upstream/upstream_impl.cc
@@ -2518,6 +2518,10 @@ bool BaseDynamicClusterImpl::updateDynamicHostList(
 
 Network::DnsLookupFamily
 getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster) {
+  // if (cluster.has_dns_config() && cluster.dns_config().dns_lookup_family() !=
+  //                                     envoy::extensions::clusters::dns::v3::DnsConfig::AUTO) {
+  //   return DnsUtils::getDnsLookupFamilyFromEnum(cluster.dns_config().dns_lookup_family());
+  // }
   return DnsUtils::getDnsLookupFamilyFromEnum(cluster.dns_lookup_family());
 }
 
diff --git a/source/extensions/clusters/strict_dns/BUILD b/source/extensions/clusters/strict_dns/BUILD
index 72fdb583d55b..5e05d8dd8ce9 100644
--- a/source/extensions/clusters/strict_dns/BUILD
+++ b/source/extensions/clusters/strict_dns/BUILD
@@ -15,6 +15,7 @@ envoy_cc_extension(
     # prevously considered core code.
     visibility = ["//visibility:public"],
     deps = [
+        "//source/common/common:dns_utils_lib",
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index b379ef1e890e..8990ee9f1c7c 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -7,6 +7,8 @@
 #include "envoy/config/endpoint/v3/endpoint.pb.h"
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
 
+#include "source/common/common/dns_utils.h"
+
 namespace Envoy {
 namespace Upstream {
 
@@ -28,16 +30,55 @@ StrictDnsClusterImpl::StrictDnsClusterImpl(const envoy::config::cluster::v3::Clu
                                            absl::Status& creation_status)
     : BaseDynamicClusterImpl(cluster, context, creation_status),
       load_assignment_(cluster.load_assignment()),
-      local_info_(context.serverFactoryContext().localInfo()), dns_resolver_(dns_resolver),
-      dns_refresh_rate_ms_(
-          std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_refresh_rate, 5000))),
-      dns_jitter_ms_(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_jitter, 0)),
-      respect_dns_ttl_(cluster.respect_dns_ttl()) {
-  failure_backoff_strategy_ =
-      Config::Utility::prepareDnsRefreshStrategy<envoy::config::cluster::v3::Cluster>(
-          cluster, dns_refresh_rate_ms_.count(),
-          context.serverFactoryContext().api().randomGenerator());
+      local_info_(context.serverFactoryContext().localInfo()), dns_resolver_(dns_resolver) {
+  if (cluster.has_dns_config()) {
+    if (cluster.has_dns_refresh_rate() /* deprecated */) {
+      throw EnvoyException("Only one of dns_refresh_rate or dns_config can be specified.");
+    }
+    if (cluster.has_dns_jitter() /* deprecated */) {
+      throw EnvoyException("Only one of dns_jitter or dns_config can be specified.");
+    }
+    if (cluster.has_typed_dns_resolver_config() /* deprecated */) {
+      throw EnvoyException(
+          "Only one of typed_dns_resolution_config or dns_config can be specified.");
+    }
+    if (cluster.dns_lookup_family() != envoy::extensions::clusters::dns::v3::DnsConfig::AUTO &&
+        cluster.dns_config().dns_lookup_family() !=
+            envoy::extensions::clusters::dns::v3::DnsConfig::AUTO /* deprecated */) {
+      throw EnvoyException("Only one of dns_lookup_family or dns_config can be specified.");
+    }
+    if (cluster.has_dns_refresh_rate() /* deprecated */) {
+      throw EnvoyException("Only one of dns_refresh_rate or dns_config can be specified.");
+    }
+    if (cluster.has_dns_failure_refresh_rate() /* deprecated */) {
+      throw EnvoyException("Only one of dns_failure_refresh_rate or dns_config can be specified.");
+    }
 
+    if (cluster.has_wait_for_warm_on_init() /* deprecated */) {
+      throw EnvoyException("Only one of wait_for_warm_on_init or dns_config can be specified.");
+    }
+    dns_refresh_rate_ms_ = std::chrono::milliseconds(
+        PROTOBUF_GET_MS_OR_DEFAULT(cluster.dns_config(), dns_refresh_rate, 5000));
+    dns_jitter_ms_ =
+        std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster.dns_config(), dns_jitter, 0));
+    dns_lookup_family_ =
+        DnsUtils::getDnsLookupFamilyFromEnum(cluster.dns_config().dns_lookup_family());
+    respect_dns_ttl_ = cluster.dns_config().respect_dns_ttl();
+    failure_backoff_strategy_ =
+        Config::Utility::prepareDnsRefreshStrategy<envoy::extensions::clusters::dns::v3::DnsConfig>(
+            cluster.dns_config(), dns_refresh_rate_ms_.count(),
+            context.serverFactoryContext().api().randomGenerator());
+  } else {
+    dns_refresh_rate_ms_ =
+        std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_refresh_rate, 5000));
+    dns_jitter_ms_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_jitter, 0));
+    dns_lookup_family_ = DnsUtils::getDnsLookupFamilyFromEnum(cluster.dns_lookup_family());
+    respect_dns_ttl_ = cluster.respect_dns_ttl();
+    failure_backoff_strategy_ =
+        Config::Utility::prepareDnsRefreshStrategy<envoy::config::cluster::v3::Cluster>(
+            cluster, dns_refresh_rate_ms_.count(),
+            context.serverFactoryContext().api().randomGenerator());
+  }
   std::list<ResolveTargetPtr> resolve_targets;
   const auto& locality_lb_endpoints = load_assignment_.endpoints();
   for (const auto& locality_lb_endpoint : locality_lb_endpoints) {
@@ -55,7 +96,6 @@ StrictDnsClusterImpl::StrictDnsClusterImpl(const envoy::config::cluster::v3::Clu
     }
   }
   resolve_targets_ = std::move(resolve_targets);
-  dns_lookup_family_ = getDnsLookupFamilyFromCluster(cluster);
 
   overprovisioning_factor_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(
       load_assignment_.policy(), overprovisioning_factor, kDefaultOverProvisioningFactor);
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index 72b4070e5a85..91b4476fe198 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -68,10 +68,10 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
   const LocalInfo::LocalInfo& local_info_;
   Network::DnsResolverSharedPtr dns_resolver_;
   std::list<ResolveTargetPtr> resolve_targets_;
-  const std::chrono::milliseconds dns_refresh_rate_ms_;
-  const std::chrono::milliseconds dns_jitter_ms_;
+  std::chrono::milliseconds dns_refresh_rate_ms_;
+  std::chrono::milliseconds dns_jitter_ms_;
   BackOffStrategyPtr failure_backoff_strategy_;
-  const bool respect_dns_ttl_;
+  bool respect_dns_ttl_;
   Network::DnsLookupFamily dns_lookup_family_;
   uint32_t overprovisioning_factor_;
   bool weighted_priority_health_;
diff --git a/test/extensions/clusters/common/logical_host_integration_test.cc b/test/extensions/clusters/common/logical_host_integration_test.cc
index 66beadcdd2cd..4f64c8baabb8 100644
--- a/test/extensions/clusters/common/logical_host_integration_test.cc
+++ b/test/extensions/clusters/common/logical_host_integration_test.cc
@@ -85,7 +85,7 @@ TEST_P(LogicalHostIntegrationTest, LogicalDNSRaceCrashTest) {
     RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, "");
     auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0);
     cluster.set_type(envoy::config::cluster::v3::Cluster::LOGICAL_DNS);
-    cluster.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::ALL);
+    cluster.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::ALL);
     // Make the refresh rate fast to hit the R/W race.
     cluster.mutable_dns_refresh_rate()->set_nanos(1000001);
   });
diff --git a/test/extensions/clusters/redis/redis_cluster_integration_test.cc b/test/extensions/clusters/redis/redis_cluster_integration_test.cc
index a2ea2415615e..8400e5e04f51 100644
--- a/test/extensions/clusters/redis/redis_cluster_integration_test.cc
+++ b/test/extensions/clusters/redis/redis_cluster_integration_test.cc
@@ -159,7 +159,7 @@ class RedisClusterIntegrationTest : public testing::TestWithParam<Network::Addre
       uint32_t upstream_idx = 0;
       auto* cluster_0 = bootstrap.mutable_static_resources()->mutable_clusters(0);
       if (version_ == Network::Address::IpVersion::v4) {
-        cluster_0->set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V4_ONLY);
+        cluster_0->set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY);
       }
       for (int j = 0; j < cluster_0->load_assignment().endpoints_size(); ++j) {
         auto locality_lb = cluster_0->mutable_load_assignment()->mutable_endpoints(j);
diff --git a/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc b/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
index 2d3dfce1d955..8e6fc048b4e8 100644
--- a/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
+++ b/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
@@ -43,7 +43,7 @@ class DnsCacheImplTest : public testing::Test, public Event::TestUsingSimulatedT
       std::vector<std::pair<std::string /*host*/, uint32_t /*port*/>> preresolve_hostnames = {},
       uint32_t max_hosts = 1024) {
     config_.set_name("foo");
-    config_.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V4_ONLY);
+    config_.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY);
     config_.mutable_max_hosts()->set_value(max_hosts);
     if (!preresolve_hostnames.empty()) {
       for (const auto& [host, port] : preresolve_hostnames) {
@@ -1516,7 +1516,7 @@ TEST(DnsCacheManagerImplTest, LoadViaConfig) {
 
   envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig config4;
   config4.set_name("foo");
-  config4.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V6_ONLY);
+  config4.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY);
   EXPECT_EQ(cache_manager.getCache(config4).status().message(),
             "config specified DNS cache 'foo' with different settings");
 }
diff --git a/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc b/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
index 5bb5ea66e488..dc2be25f4fce 100644
--- a/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
+++ b/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
@@ -93,10 +93,9 @@ name: stream-info-to-headers-filter
         Protobuf::util::TimeUtil::MillisecondsToDuration(5000));
     cluster_.set_name("cluster_0");
     cluster_.set_lb_policy(envoy::config::cluster::v3::Cluster::CLUSTER_PROVIDED);
-    cluster_.set_dns_lookup_family(
-        GetParam() == Network::Address::IpVersion::v4
-            ? envoy::config::cluster::v3::Cluster_DnsLookupFamily::Cluster_DnsLookupFamily_V4_ONLY
-            : envoy::config::cluster::v3::Cluster_DnsLookupFamily::Cluster_DnsLookupFamily_V6_ONLY);
+    cluster_.set_dns_lookup_family(GetParam() == Network::Address::IpVersion::v4
+                                       ? envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY
+                                       : envoy::extensions::clusters::dns::v3::DnsConfig::V6_ONLY);
 
     protocol_options_.mutable_upstream_http_protocol_options()->set_auto_sni(true);
     if (!override_auto_sni_header.empty()) {
diff --git a/test/integration/protocol_integration_test.cc b/test/integration/protocol_integration_test.cc
index 921e5ba80925..bf8dea48a423 100644
--- a/test/integration/protocol_integration_test.cc
+++ b/test/integration/protocol_integration_test.cc
@@ -79,7 +79,7 @@ TEST_P(ProtocolIntegrationTest, LogicalDns) {
     RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, "");
     auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0);
     cluster.set_type(envoy::config::cluster::v3::Cluster::LOGICAL_DNS);
-    cluster.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::ALL);
+    cluster.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::ALL);
   });
   config_helper_.addConfigModifier(
       [](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager&
@@ -101,7 +101,7 @@ TEST_P(ProtocolIntegrationTest, StrictDns) {
     RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, "");
     auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0);
     cluster.set_type(envoy::config::cluster::v3::Cluster::STRICT_DNS);
-    cluster.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::ALL);
+    cluster.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::ALL);
   });
   initialize();
   codec_client_ = makeHttpConnection(lookupPort("http"));

From 3917c63d05b94bfde26faafd7f4de6cc0382c86b Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 7 Oct 2024 16:12:33 -0400
Subject: [PATCH 02/46] Roll back incompatible API changes

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto | 33 ++++++++++++++++++-----
 1 file changed, 27 insertions(+), 6 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index b997852caf29..e3e3d04103c4 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -13,7 +13,6 @@ import "envoy/config/core/v3/health_check.proto";
 import "envoy/config/core/v3/protocol.proto";
 import "envoy/config/core/v3/resolver.proto";
 import "envoy/config/endpoint/v3/endpoint.proto";
-import "envoy/extensions/clusters/dns/v3/cluster.proto";
 import "envoy/type/metadata/v3/metadata.proto";
 import "envoy/type/v3/percent.proto";
 
@@ -142,6 +141,13 @@ message Cluster {
   // this setting is
   // ignored.
   // [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
+  enum DnsLookupFamily {
+    AUTO = 0;
+    V4_ONLY = 1;
+    V6_ONLY = 2;
+    V4_PREFERRED = 3;
+    ALL = 4;
+  }
 
   enum ClusterProtocolSelection {
     // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2).
@@ -672,6 +678,24 @@ message Cluster {
     core.v3.HealthStatusSet override_host_status = 8;
   }
 
+  message RefreshRate {
+    option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RefreshRate";
+
+    // Specifies the base interval between refreshes. This parameter is required and must be greater
+    // than zero and less than
+    // :ref:`max_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.max_interval>`.
+    google.protobuf.Duration base_interval = 1 [(validate.rules).duration = {
+      required: true
+      gt {nanos: 1000000}
+    }];
+
+    // Specifies the maximum interval between refreshes. This parameter is optional, but must be
+    // greater than or equal to the
+    // :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`  if set. The default
+    // is 10 times the :ref:`base_interval <envoy_v3_api_field_config.cluster.v3.Cluster.RefreshRate.base_interval>`.
+    google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}];
+  }
+
   message PreconnectPolicy {
     // Indicates how many streams (rounded up) can be anticipated per-upstream for each
     // incoming stream. This is useful for high-QPS or latency-sensitive services. Preconnecting
@@ -920,9 +944,6 @@ message Cluster {
   // [#next-major-version: make this a list of typed extensions.]
   map<string, google.protobuf.Any> typed_extension_protocol_options = 36;
 
-  // [#extension-category: envoy.clusters.dns]
-  envoy.extensions.clusters.dns.v3.DnsConfig dns_config = 59;
-
   // If the DNS refresh rate is specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
   // or :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
@@ -964,7 +985,7 @@ message Cluster {
   // ignored.
   // This field is deprecated in favor of ``dns_config``
   // which aggregates all of the DNS configuration in a single message.
-  envoy.extensions.clusters.dns.v3.DnsConfig.RefreshRate dns_failure_refresh_rate = 44
+  RefreshRate dns_failure_refresh_rate = 44
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
@@ -978,7 +999,7 @@ message Cluster {
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
-  envoy.extensions.clusters.dns.v3.DnsConfig.DnsLookupFamily dns_lookup_family = 17 [
+  DnsLookupFamily dns_lookup_family = 17 [
     deprecated = true,
     (validate.rules).enum = {defined_only: true},
     (envoy.annotations.deprecated_at_minor_version) = "3.0"

From fd255d0e772fe16ee237c2936bf71f502f6a9448 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 10 Oct 2024 16:01:30 -0400
Subject: [PATCH 03/46] Use cluster_type as extension point

* Also tests for strict dns

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../v3/{cluster.proto => dns_cluster.proto}   |  32 +++--
 .../common/dynamic_forward_proxy/v3/BUILD     |   2 +-
 .../dynamic_forward_proxy/v3/dns_cache.proto  |   6 +-
 source/common/common/dns_utils.cc             |  12 +-
 source/common/common/dns_utils.h              |   2 +-
 .../network/dns_resolver/dns_factory_util.cc  |  24 ++--
 .../network/dns_resolver/dns_factory_util.h   |  11 +-
 .../common/upstream/cluster_factory_impl.cc   |  26 ++--
 source/common/upstream/upstream_impl.cc       |   4 -
 source/extensions/clusters/common/BUILD       |  12 ++
 .../clusters/common/backcompat_dns.cc         |  43 +++++++
 .../clusters/common/backcompat_dns.h          |  13 ++
 source/extensions/clusters/logical_dns/BUILD  |   1 +
 .../logical_dns/logical_dns_cluster.cc        |  89 ++++++++------
 .../logical_dns/logical_dns_cluster.h         |  21 +++-
 source/extensions/clusters/strict_dns/BUILD   |   2 +-
 .../clusters/strict_dns/strict_dns_cluster.cc | 114 +++++++++---------
 .../clusters/strict_dns/strict_dns_cluster.h  |  29 +++--
 test/common/upstream/upstream_impl_test.cc    |  90 ++++++++++----
 .../common/logical_host_integration_test.cc   |   2 +-
 .../redis/redis_cluster_integration_test.cc   |   2 +-
 .../dns_cache_impl_test.cc                    |   4 +-
 .../proxy_filter_integration_test.cc          |   4 +-
 test/integration/protocol_integration_test.cc |   4 +-
 24 files changed, 342 insertions(+), 207 deletions(-)
 rename api/envoy/extensions/clusters/dns/v3/{cluster.proto => dns_cluster.proto} (89%)
 create mode 100644 source/extensions/clusters/common/backcompat_dns.cc
 create mode 100644 source/extensions/clusters/common/backcompat_dns.h

diff --git a/api/envoy/extensions/clusters/dns/v3/cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
similarity index 89%
rename from api/envoy/extensions/clusters/dns/v3/cluster.proto
rename to api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 699358fa939d..83199d8fdc75 100644
--- a/api/envoy/extensions/clusters/dns/v3/cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -16,19 +16,18 @@ import "udpa/annotations/versioning.proto";
 import "validate/validate.proto";
 
 option java_package = "io.envoyproxy.envoy.extensions.clusters.dns.v3";
-option java_outer_classname = "ClusterProto";
+option java_outer_classname = "DnsClusterProto";
 option java_multiple_files = true;
 option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/dns/v3;dnsv3";
 option (udpa.annotations.file_status).package_version_status = ACTIVE;
 
 // [#protodoc-title: DNS cluster configuration]
 
-// Configuration for the dynamic forward proxy cluster. See the :ref:`architecture overview
-// <arch_overview_http_dynamic_forward_proxy>` for more information.
-// [#extension: envoy.clusters.dns]
+// Configuration for strict and logical DNS clusters.
+// FIXME [#extension: envoy.clusters.dns]
 
 // [#next-free-field: 7]
-message DnsConfig {
+message DnsCluster {
   // When V4_ONLY is selected, the DNS resolver will only perform a lookup for
   // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
   // only perform a lookup for addresses in the IPv6 family. If AUTO is
@@ -50,17 +49,16 @@ message DnsConfig {
   // this setting is
   // ignored.
   // [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
-  enum DnsLookupFamily {
-    AUTO = 0;
-    V4_ONLY = 1;
-    V6_ONLY = 2;
-    V4_PREFERRED = 3;
-    ALL = 4;
-  }
+//  enum DnsLookupFamily {
+//    UNSPECIFIED = 0;
+//    AUTO = 1;
+//    V4_ONLY = 2;
+//    V6_ONLY = 3;
+//    V4_PREFERRED = 4;
+//    ALL = 5;
+//  }
 
   message RefreshRate {
-    option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster.RefreshRate";
-
     // Specifies the base interval between refreshes. This parameter is required and must be greater
     // than zero and less than
     // :ref:`max_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`.
@@ -88,12 +86,12 @@ message DnsConfig {
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
-  bool respect_dns_ttl = 3;
+  google.protobuf.BoolValue respect_dns_ttl = 3;
 
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsConfig.DnsLookupFamily.AUTO>`.
-  DnsLookupFamily dns_lookup_family = 4 [(validate.rules).enum = {defined_only: true}];
+  // DnsLookupFamily dns_lookup_family = 4 [(validate.rules).enum = {defined_only: true}];
 
   // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
   // or any other DNS resolver types and the related parameters.
@@ -107,7 +105,7 @@ message DnsConfig {
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
   // [#extension-category: envoy.network.dns_resolver]
   // Fixme docs
-  config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 5;
+  // config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 5;
 
   // DNS jitter causes the cluster to refresh DNS entries later by a random amount of time to avoid a
   // stampede of DNS requests. This value sets the upper bound (exclusive) for the random amount.
diff --git a/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD b/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD
index 23e700f178d9..a220c748ba7f 100644
--- a/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD
+++ b/api/envoy/extensions/common/dynamic_forward_proxy/v3/BUILD
@@ -7,9 +7,9 @@ licenses(["notice"])  # Apache 2
 api_proto_package(
     deps = [
         "//envoy/annotations:pkg",
+        "//envoy/config/cluster/v3:pkg",
         "//envoy/config/common/key_value/v3:pkg",
         "//envoy/config/core/v3:pkg",
-        "//envoy/extensions/clusters/dns/v3:pkg",
         "@com_github_cncf_xds//udpa/annotations:pkg",
     ],
 )
diff --git a/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto b/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto
index 4413e64d3406..eae3b8f74261 100644
--- a/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto
+++ b/api/envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto
@@ -2,11 +2,11 @@ syntax = "proto3";
 
 package envoy.extensions.common.dynamic_forward_proxy.v3;
 
+import "envoy/config/cluster/v3/cluster.proto";
 import "envoy/config/common/key_value/v3/config.proto";
 import "envoy/config/core/v3/address.proto";
 import "envoy/config/core/v3/extension.proto";
 import "envoy/config/core/v3/resolver.proto";
-import "envoy/extensions/clusters/dns/v3/cluster.proto";
 
 import "google/protobuf/duration.proto";
 import "google/protobuf/wrappers.proto";
@@ -53,7 +53,7 @@ message DnsCacheConfig {
   // likely build a "happy eyeballs" connection pool which would race the primary / fall back
   // address and return the one that wins. This same method could potentially also be used for
   // QUIC to TCP fall back.]
-  clusters.dns.v3.DnsConfig.DnsLookupFamily dns_lookup_family = 2
+  config.cluster.v3.Cluster.DnsLookupFamily dns_lookup_family = 2
       [(validate.rules).enum = {defined_only: true}];
 
   // The DNS refresh rate for unresolved DNS hosts. If not specified defaults to 60s.
@@ -97,7 +97,7 @@ message DnsCacheConfig {
   // If the DNS failure refresh rate is specified,
   // this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is
   // not specified, the failure refresh rate defaults to the dns_refresh_rate.
-  clusters.dns.v3.DnsConfig.RefreshRate dns_failure_refresh_rate = 6;
+  config.cluster.v3.Cluster.RefreshRate dns_failure_refresh_rate = 6;
 
   // The config of circuit breakers for resolver. It provides a configurable threshold.
   // Envoy will use dns cache circuit breakers with default settings even if this value is not set.
diff --git a/source/common/common/dns_utils.cc b/source/common/common/dns_utils.cc
index da02da460a20..1570eff5daf5 100644
--- a/source/common/common/dns_utils.cc
+++ b/source/common/common/dns_utils.cc
@@ -13,18 +13,18 @@ getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster
 }
 
 Network::DnsLookupFamily getDnsLookupFamilyFromEnum(
-    envoy::extensions::clusters::dns::v3::DnsConfig::DnsLookupFamily family) {
+    envoy::config::cluster::v3::Cluster::DnsLookupFamily family) {
   switch (family) {
     PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
-  case envoy::extensions::clusters::dns::v3::DnsConfig::V6_ONLY:
+  case envoy::config::cluster::v3::Cluster::V6_ONLY:
     return Network::DnsLookupFamily::V6Only;
-  case envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY:
+  case envoy::config::cluster::v3::Cluster::V4_ONLY:
     return Network::DnsLookupFamily::V4Only;
-  case envoy::extensions::clusters::dns::v3::DnsConfig::AUTO:
+  case envoy::config::cluster::v3::Cluster::AUTO:
     return Network::DnsLookupFamily::Auto;
-  case envoy::extensions::clusters::dns::v3::DnsConfig::V4_PREFERRED:
+  case envoy::config::cluster::v3::Cluster::V4_PREFERRED:
     return Network::DnsLookupFamily::V4Preferred;
-  case envoy::extensions::clusters::dns::v3::DnsConfig::ALL:
+  case envoy::config::cluster::v3::Cluster::ALL:
     return Network::DnsLookupFamily::All;
   }
   IS_ENVOY_BUG("unexpected dns lookup family enum");
diff --git a/source/common/common/dns_utils.h b/source/common/common/dns_utils.h
index 77060bd21785..869a91d2a236 100644
--- a/source/common/common/dns_utils.h
+++ b/source/common/common/dns_utils.h
@@ -12,7 +12,7 @@ namespace DnsUtils {
 Network::DnsLookupFamily
 getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster);
 Network::DnsLookupFamily
-getDnsLookupFamilyFromEnum(envoy::extensions::clusters::dns::v3::DnsConfig::DnsLookupFamily family);
+getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily family);
 
 // Generates a list of InstanceConstSharedPtr from the DNS responses provided.
 std::vector<Network::Address::InstanceConstSharedPtr>
diff --git a/source/common/network/dns_resolver/dns_factory_util.cc b/source/common/network/dns_resolver/dns_factory_util.cc
index 3b7c46f4129e..2e80505807f7 100644
--- a/source/common/network/dns_resolver/dns_factory_util.cc
+++ b/source/common/network/dns_resolver/dns_factory_util.cc
@@ -46,11 +46,11 @@ bool tryUseAppleApiForDnsLookups(
   return false;
 }
 
-bool checkDnsResolutionConfigExist(
-    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig& config,
-    [[maybe_unused]] envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
-  return false;
-}
+//bool checkDnsResolutionConfigExist(
+//    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig& config,
+//    [[maybe_unused]] envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
+//  return false;
+//}
 
 // Overloading the template function for DnsFilterConfig type, which doesn't need to copy anything.
 void handleLegacyDnsResolverData(
@@ -59,13 +59,13 @@ void handleLegacyDnsResolverData(
   makeDefaultCaresDnsResolverConfig(typed_dns_resolver_config);
 }
 
-void handleLegacyDnsResolverData(
-    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig config,
-    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
-  envoy::extensions::network::dns_resolver::cares::v3::CaresDnsResolverConfig cares;
-  typed_dns_resolver_config.mutable_typed_config()->PackFrom(cares);
-  typed_dns_resolver_config.set_name(std::string(CaresDnsResolver));
-}
+//void handleLegacyDnsResolverData(
+//    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig config,
+//    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
+//  envoy::extensions::network::dns_resolver::cares::v3::CaresDnsResolverConfig cares;
+//  typed_dns_resolver_config.mutable_typed_config()->PackFrom(cares);
+//  typed_dns_resolver_config.set_name(std::string(CaresDnsResolver));
+//}
 
 // Overloading the template function for Cluster config type, which need to copy
 // both use_tcp_for_dns_lookups and dns_resolvers.
diff --git a/source/common/network/dns_resolver/dns_factory_util.h b/source/common/network/dns_resolver/dns_factory_util.h
index 6b3cbb499ee5..6a8290a58774 100644
--- a/source/common/network/dns_resolver/dns_factory_util.h
+++ b/source/common/network/dns_resolver/dns_factory_util.h
@@ -62,9 +62,9 @@ bool checkDnsResolutionConfigExist(
 }
 
 // Overloading the template funciton for DnsConfig because DnsConfig has no dns_resolution_config.
-bool checkDnsResolutionConfigExist(
-    const envoy::extensions::clusters::dns::v3::DnsConfig& config,
-    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
+// bool checkDnsResolutionConfigExist(
+//     const envoy::extensions::clusters::dns::v3::DnsConfig& config,
+//     envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
 
 // For backward compatibility, copy over use_tcp_for_dns_lookups from config, and create
 // a CaresDnsResolverConfig typed config. This logic fit for bootstrap, and dns_cache config types.
@@ -90,11 +90,6 @@ void handleLegacyDnsResolverData(
     const envoy::config::cluster::v3::Cluster& config,
     envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
 
-// Overloading the template function for Dns cluster config type, which doesn't copy anything
-void handleLegacyDnsResolverData(
-    const envoy::extensions::clusters::dns::v3::DnsConfig config,
-    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
-
 // Make typed_dns_resolver_config from the passed @param config.
 template <class ConfigType>
 envoy::config::core::v3::TypedExtensionConfig makeDnsResolverConfig(const ConfigType& config) {
diff --git a/source/common/upstream/cluster_factory_impl.cc b/source/common/upstream/cluster_factory_impl.cc
index 11a6ee060882..0e1b2978d790 100644
--- a/source/common/upstream/cluster_factory_impl.cc
+++ b/source/common/upstream/cluster_factory_impl.cc
@@ -65,24 +65,26 @@ ClusterFactoryImplBase::create(const envoy::config::cluster::v3::Cluster& cluste
   return factory->create(cluster, context);
 }
 
-absl::StatusOr<Network::DnsResolverSharedPtr>
-ClusterFactoryImplBase::selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster,
-                                          ClusterFactoryContext& context) {
+absl::StatusOr<Network::DnsResolverSharedPtr> ClusterFactoryImplBase::selectDnsResolver(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    ClusterFactoryContext& context) {
   // We make this a shared pointer to deal with the distinct ownership
   // scenarios that can exist: in one case, we pass in the "default"
   // DNS resolver that is owned by the Server::Instance. In the case
   // where 'dns_resolvers' is specified, we have per-cluster DNS
   // resolvers that are created here but ownership resides with
   // StrictDnsClusterImpl/LogicalDnsCluster.
-  if ((cluster.has_dns_config() && cluster.dns_config().has_typed_dns_resolver_config() &&
-       !(cluster.dns_config().typed_dns_resolver_config().typed_config().type_url().empty()))) {
-    envoy::config::core::v3::TypedExtensionConfig typed_dns_resolver_config;
-    Network::DnsResolverFactory& dns_resolver_factory =
-        Network::createDnsResolverFactoryFromProto(cluster.dns_config(), typed_dns_resolver_config);
-    auto& server_context = context.serverFactoryContext();
-    return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
-                                                  server_context.api(), typed_dns_resolver_config);
-  }
+  // if ((cluster.has_dns_config() && cluster.dns_config().has_typed_dns_resolver_config() &&
+  //     !(cluster.dns_config().typed_dns_resolver_config().typed_config().type_url().empty()))) {
+  //  envoy::config::core::v3::TypedExtensionConfig typed_dns_resolver_config;
+  //  Network::DnsResolverFactory& dns_resolver_factory =
+  //      Network::createDnsResolverFactoryFromProto(cluster.dns_config(),
+  //      typed_dns_resolver_config);
+  //  auto& server_context = context.serverFactoryContext();
+  //  return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
+  //                                                server_context.api(),
+  //                                                typed_dns_resolver_config);
+  //}
 
   if ((cluster.has_typed_dns_resolver_config() &&
        !(cluster.typed_dns_resolver_config().typed_config().type_url().empty())) ||
diff --git a/source/common/upstream/upstream_impl.cc b/source/common/upstream/upstream_impl.cc
index 2c5860e9321b..1dafc23d65b8 100644
--- a/source/common/upstream/upstream_impl.cc
+++ b/source/common/upstream/upstream_impl.cc
@@ -2554,10 +2554,6 @@ bool BaseDynamicClusterImpl::updateDynamicHostList(
 
 Network::DnsLookupFamily
 getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster) {
-  // if (cluster.has_dns_config() && cluster.dns_config().dns_lookup_family() !=
-  //                                     envoy::extensions::clusters::dns::v3::DnsConfig::AUTO) {
-  //   return DnsUtils::getDnsLookupFamilyFromEnum(cluster.dns_config().dns_lookup_family());
-  // }
   return DnsUtils::getDnsLookupFamilyFromEnum(cluster.dns_lookup_family());
 }
 
diff --git a/source/extensions/clusters/common/BUILD b/source/extensions/clusters/common/BUILD
index cf520569c34b..f2ac13e0e1fe 100644
--- a/source/extensions/clusters/common/BUILD
+++ b/source/extensions/clusters/common/BUILD
@@ -18,3 +18,15 @@ envoy_cc_library(
         "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
     ],
 )
+
+envoy_cc_library(
+    name = "backcompat_dns_lib",
+    srcs = ["backcompat_dns.cc"],
+    hdrs = ["backcompat_dns.h"],
+    deps = [
+        "//source/common/upstream:cluster_factory_includes",
+        "//source/common/upstream:upstream_includes",
+        "@envoy_api//envoy/config/core/v3:pkg_cc_proto",
+        "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
+    ],
+)
diff --git a/source/extensions/clusters/common/backcompat_dns.cc b/source/extensions/clusters/common/backcompat_dns.cc
new file mode 100644
index 000000000000..9a6afbe5a4ea
--- /dev/null
+++ b/source/extensions/clusters/common/backcompat_dns.cc
@@ -0,0 +1,43 @@
+#include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+#include "source/extensions/clusters/common/backcompat_dns.h"
+
+namespace Envoy {
+namespace Upstream {
+
+void mergeClusterAndProtoConfig(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config) {
+
+  if (cluster.has_dns_refresh_rate() && !new_proto_config.has_dns_refresh_rate()) {
+    new_proto_config.mutable_dns_refresh_rate()->CopyFrom(cluster.dns_refresh_rate());
+  }
+
+  if (cluster.has_dns_failure_refresh_rate() && !new_proto_config.has_dns_failure_refresh_rate()) {
+    auto* new_refresh_rate = new_proto_config.mutable_dns_failure_refresh_rate();
+    const auto& old_refresh_rate = cluster.dns_failure_refresh_rate();
+    new_refresh_rate->mutable_max_interval()->CopyFrom(old_refresh_rate.max_interval());
+    new_refresh_rate->mutable_base_interval()->CopyFrom(old_refresh_rate.base_interval());
+  }
+
+  if (!new_proto_config.has_respect_dns_ttl()) {
+    new_proto_config.mutable_respect_dns_ttl()->set_value(cluster.respect_dns_ttl());
+  }
+
+  // if (new_proto_config.dns_lookup_family() ==
+  //     envoy::extensions::clusters::dns::v3::DnsCluster::UNSPECIFIED) {
+  //   new_proto_config.set_dns_lookup_family(translateLookupFamily(cluster.dns_lookup_family()));
+  // }
+
+  // if (cluster.has_typed_dns_resolver_config() &&
+  //     !new_proto_config.has_typed_dns_resolver_config()) {
+  //   new_proto_config.mutable_typed_dns_resolver_config()->CopyFrom(
+  //       cluster.typed_dns_resolver_config());
+  // }
+
+  if (cluster.has_dns_jitter() && !new_proto_config.has_dns_jitter()) {
+    new_proto_config.mutable_dns_jitter()->CopyFrom(cluster.dns_jitter());
+  }
+}
+} // namespace Upstream
+} // namespace Envoy
diff --git a/source/extensions/clusters/common/backcompat_dns.h b/source/extensions/clusters/common/backcompat_dns.h
new file mode 100644
index 000000000000..4ebea7739baa
--- /dev/null
+++ b/source/extensions/clusters/common/backcompat_dns.h
@@ -0,0 +1,13 @@
+#pragma once
+
+#include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+
+namespace Envoy {
+namespace Upstream {
+
+void mergeClusterAndProtoConfig(const envoy::config::cluster::v3::Cluster& cluster,
+                                envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config);
+
+}
+} // namespace Envoy
diff --git a/source/extensions/clusters/logical_dns/BUILD b/source/extensions/clusters/logical_dns/BUILD
index fe4b358b31a2..8230144962d4 100644
--- a/source/extensions/clusters/logical_dns/BUILD
+++ b/source/extensions/clusters/logical_dns/BUILD
@@ -25,6 +25,7 @@ envoy_cc_extension(
         "//source/common/protobuf:utility_lib",
         "//source/common/upstream:cluster_factory_lib",
         "//source/common/upstream:upstream_includes",
+        "//source/extensions/clusters/common:backcompat_dns_lib",
         "//source/extensions/clusters/common:logical_host_lib",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
         "@envoy_api//envoy/config/core/v3:pkg_cc_proto",
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index ef3d443af702..8ed757c202c3 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -1,4 +1,5 @@
 #include "source/extensions/clusters/logical_dns/logical_dns_cluster.h"
+#include "source/extensions/clusters/common/backcompat_dns.h"
 
 #include <chrono>
 #include <list>
@@ -10,6 +11,7 @@
 #include "envoy/config/cluster/v3/cluster.pb.h"
 #include "envoy/config/core/v3/address.pb.h"
 #include "envoy/config/endpoint/v3/endpoint.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 #include "envoy/stats/scope.h"
 
 #include "source/common/common/dns_utils.h"
@@ -44,15 +46,52 @@ convertPriority(const envoy::config::endpoint::v3::ClusterLoadAssignment& load_a
 }
 } // namespace
 
-LogicalDnsCluster::LogicalDnsCluster(const envoy::config::cluster::v3::Cluster& cluster,
-                                     ClusterFactoryContext& context,
-                                     Network::DnsResolverSharedPtr dns_resolver,
-                                     absl::Status& creation_status)
+absl::StatusOr<std::unique_ptr<LogicalDnsCluster>>
+LogicalDnsCluster::create(const envoy::config::cluster::v3::Cluster& cluster,
+                          const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
+                          ClusterFactoryContext& context,
+                          Network::DnsResolverSharedPtr dns_resolver) {
+
+  envoy::extensions::clusters::dns::v3::DnsCluster new_proto_config{};
+  new_proto_config.MergeFrom(dns_cluster);
+  mergeClusterAndProtoConfig(cluster, new_proto_config);
+
+  const auto& load_assignment = cluster.load_assignment();
+  const auto& locality_lb_endpoints = load_assignment.endpoints();
+  if (locality_lb_endpoints.size() != 1 || locality_lb_endpoints[0].lb_endpoints().size() != 1) {
+    if (cluster.has_load_assignment()) {
+      return absl::InvalidArgumentError(
+          "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
+    } else {
+      return absl::InvalidArgumentError("LOGICAL_DNS clusters must have a single host");
+    }
+  }
+
+  const envoy::config::core::v3::SocketAddress& socket_address =
+      locality_lb_endpoints[0].lb_endpoints()[0].endpoint().address().socket_address();
+  if (!socket_address.resolver_name().empty()) {
+    return absl::InvalidArgumentError(
+        "LOGICAL_DNS clusters must NOT have a custom resolver name set");
+  }
+
+  absl::Status creation_status = absl::OkStatus();
+  auto ret = std::unique_ptr<LogicalDnsCluster>(new LogicalDnsCluster(
+      cluster, dns_cluster, context, std::move(dns_resolver), creation_status));
+  RETURN_IF_NOT_OK(creation_status);
+  return ret;
+}
+
+LogicalDnsCluster::LogicalDnsCluster(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
+    ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver,
+    absl::Status& creation_status)
     : ClusterImplBase(cluster, context, creation_status), dns_resolver_(dns_resolver),
-      dns_refresh_rate_ms_(
-          std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_refresh_rate, 5000))),
-      dns_jitter_ms_(std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_jitter, 0))),
-      respect_dns_ttl_(cluster.respect_dns_ttl()),
+      dns_refresh_rate_ms_(std::chrono::milliseconds(
+          PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_refresh_rate, 5000))),
+      dns_jitter_ms_(
+          std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_jitter, 0))),
+      respect_dns_ttl_(dns_cluster.respect_dns_ttl().value()),
       resolve_timer_(context.serverFactoryContext().mainThreadDispatcher().createTimer(
           [this]() -> void { startResolve(); })),
       local_info_(context.serverFactoryContext().localInfo()),
@@ -169,36 +208,18 @@ void LogicalDnsCluster::startResolve() {
 }
 
 absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-LogicalDnsClusterFactory::createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
-                                            ClusterFactoryContext& context) {
+LogicalDnsClusterFactory::createClusterWithConfig(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+    ClusterFactoryContext& context) {
   auto dns_resolver_or_error = selectDnsResolver(cluster, context);
   THROW_IF_NOT_OK(dns_resolver_or_error.status());
 
-  const auto& load_assignment = cluster.load_assignment();
-  const auto& locality_lb_endpoints = load_assignment.endpoints();
-  if (locality_lb_endpoints.size() != 1 || locality_lb_endpoints[0].lb_endpoints().size() != 1) {
-    if (cluster.has_load_assignment()) {
-      return absl::InvalidArgumentError(
-          "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
-    } else {
-      return absl::InvalidArgumentError("LOGICAL_DNS clusters must have a single host");
-    }
-  }
-
-  const envoy::config::core::v3::SocketAddress& socket_address =
-      locality_lb_endpoints[0].lb_endpoints()[0].endpoint().address().socket_address();
-  if (!socket_address.resolver_name().empty()) {
-    return absl::InvalidArgumentError(
-        "LOGICAL_DNS clusters must NOT have a custom resolver name set");
-  }
+  auto cluster_or_error = LogicalDnsCluster::create(cluster, proto_config, context,
+                                                       std::move(dns_resolver_or_error.value()));
+  return std::make_pair(std::shared_ptr<LogicalDnsCluster>(std::move(*cluster_or_error)),
+                        nullptr);
 
-  absl::Status creation_status = absl::OkStatus();
-  auto ret = std::make_pair(
-      std::shared_ptr<LogicalDnsCluster>(new LogicalDnsCluster(
-          cluster, context, std::move(dns_resolver_or_error.value()), creation_status)),
-      nullptr);
-  RETURN_IF_NOT_OK(creation_status);
-  return ret;
 }
 
 /**
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.h b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
index 8522af08edd8..78106edd7488 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.h
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
@@ -8,6 +8,9 @@
 #include "envoy/config/cluster/v3/cluster.pb.h"
 #include "envoy/config/endpoint/v3/endpoint.pb.h"
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.validate.h"
+
 #include "envoy/stats/scope.h"
 
 #include "source/common/common/empty_string.h"
@@ -38,11 +41,18 @@ class LogicalDnsCluster : public ClusterImplBase {
 public:
   ~LogicalDnsCluster() override;
 
+  absl::StatusOr<std::unique_ptr<LogicalDnsCluster>>
+  static create(const envoy::config::cluster::v3::Cluster& cluster,
+        const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
+        ClusterFactoryContext& context,
+        Network::DnsResolverSharedPtr dns_resolver);
+
   // Upstream::Cluster
   InitializePhase initializePhase() const override { return InitializePhase::Primary; }
 
 protected:
   LogicalDnsCluster(const envoy::config::cluster::v3::Cluster& cluster,
+                    const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
                     ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver,
                     absl::Status& creation_status);
 
@@ -85,15 +95,18 @@ class LogicalDnsCluster : public ClusterImplBase {
   const envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment_;
 };
 
-class LogicalDnsClusterFactory : public ClusterFactoryImplBase {
+class LogicalDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
+                                     envoy::extensions::clusters::dns::v3::DnsCluster> {
 public:
-  LogicalDnsClusterFactory() : ClusterFactoryImplBase("envoy.cluster.logical_dns") {}
+  LogicalDnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.logical_dns") {}
+
 
 private:
   friend class LogicalDnsClusterTest;
   absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-  createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
-                    ClusterFactoryContext& context) override;
+  createClusterWithConfig(const envoy::config::cluster::v3::Cluster& cluster,
+                          const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+                          Upstream::ClusterFactoryContext& context) override;
 };
 
 DECLARE_FACTORY(LogicalDnsClusterFactory);
diff --git a/source/extensions/clusters/strict_dns/BUILD b/source/extensions/clusters/strict_dns/BUILD
index 5e05d8dd8ce9..6cb6e498ff07 100644
--- a/source/extensions/clusters/strict_dns/BUILD
+++ b/source/extensions/clusters/strict_dns/BUILD
@@ -15,9 +15,9 @@ envoy_cc_extension(
     # prevously considered core code.
     visibility = ["//visibility:public"],
     deps = [
-        "//source/common/common:dns_utils_lib",
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
+        "//source/extensions/clusters/common:backcompat_dns_lib",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
         "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
     ],
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index 8990ee9f1c7c..14bef0d814e0 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -1,4 +1,5 @@
 #include "source/extensions/clusters/strict_dns/strict_dns_cluster.h"
+#include "source/extensions/clusters/common/backcompat_dns.h"
 
 #include <chrono>
 
@@ -6,79 +7,47 @@
 #include "envoy/config/cluster/v3/cluster.pb.h"
 #include "envoy/config/endpoint/v3/endpoint.pb.h"
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
-
-#include "source/common/common/dns_utils.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 
 namespace Envoy {
 namespace Upstream {
 
 absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
 StrictDnsClusterImpl::create(const envoy::config::cluster::v3::Cluster& cluster,
+                             const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
                              ClusterFactoryContext& context,
                              Network::DnsResolverSharedPtr dns_resolver) {
   absl::Status creation_status = absl::OkStatus();
+
+  // do we need to make a non-const copy?
+  envoy::extensions::clusters::dns::v3::DnsCluster merged_dns_cluster{};
+  merged_dns_cluster.MergeFrom(dns_cluster);
+  mergeClusterAndProtoConfig(cluster, merged_dns_cluster);
+
+
   auto ret = std::unique_ptr<StrictDnsClusterImpl>(
-      new StrictDnsClusterImpl(cluster, context, dns_resolver, creation_status));
+      new StrictDnsClusterImpl(cluster, merged_dns_cluster, context, dns_resolver, creation_status));
 
   RETURN_IF_NOT_OK(creation_status);
   return ret;
 }
 
-StrictDnsClusterImpl::StrictDnsClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
-                                           ClusterFactoryContext& context,
-                                           Network::DnsResolverSharedPtr dns_resolver,
-                                           absl::Status& creation_status)
+StrictDnsClusterImpl::StrictDnsClusterImpl(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
+    ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver,
+    absl::Status& creation_status)
     : BaseDynamicClusterImpl(cluster, context, creation_status),
       load_assignment_(cluster.load_assignment()),
-      local_info_(context.serverFactoryContext().localInfo()), dns_resolver_(dns_resolver) {
-  if (cluster.has_dns_config()) {
-    if (cluster.has_dns_refresh_rate() /* deprecated */) {
-      throw EnvoyException("Only one of dns_refresh_rate or dns_config can be specified.");
-    }
-    if (cluster.has_dns_jitter() /* deprecated */) {
-      throw EnvoyException("Only one of dns_jitter or dns_config can be specified.");
-    }
-    if (cluster.has_typed_dns_resolver_config() /* deprecated */) {
-      throw EnvoyException(
-          "Only one of typed_dns_resolution_config or dns_config can be specified.");
-    }
-    if (cluster.dns_lookup_family() != envoy::extensions::clusters::dns::v3::DnsConfig::AUTO &&
-        cluster.dns_config().dns_lookup_family() !=
-            envoy::extensions::clusters::dns::v3::DnsConfig::AUTO /* deprecated */) {
-      throw EnvoyException("Only one of dns_lookup_family or dns_config can be specified.");
-    }
-    if (cluster.has_dns_refresh_rate() /* deprecated */) {
-      throw EnvoyException("Only one of dns_refresh_rate or dns_config can be specified.");
-    }
-    if (cluster.has_dns_failure_refresh_rate() /* deprecated */) {
-      throw EnvoyException("Only one of dns_failure_refresh_rate or dns_config can be specified.");
-    }
+      local_info_(context.serverFactoryContext().localInfo()), dns_resolver_(dns_resolver),
+      dns_refresh_rate_ms_(std::chrono::milliseconds(
+          PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_refresh_rate, 5000))),
+      dns_jitter_ms_(PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_jitter, 0)),
+      respect_dns_ttl_(dns_cluster.respect_dns_ttl().value()) {
+  failure_backoff_strategy_ = Config::Utility::prepareDnsRefreshStrategy(
+      dns_cluster, dns_refresh_rate_ms_.count(),
+      context.serverFactoryContext().api().randomGenerator());
 
-    if (cluster.has_wait_for_warm_on_init() /* deprecated */) {
-      throw EnvoyException("Only one of wait_for_warm_on_init or dns_config can be specified.");
-    }
-    dns_refresh_rate_ms_ = std::chrono::milliseconds(
-        PROTOBUF_GET_MS_OR_DEFAULT(cluster.dns_config(), dns_refresh_rate, 5000));
-    dns_jitter_ms_ =
-        std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster.dns_config(), dns_jitter, 0));
-    dns_lookup_family_ =
-        DnsUtils::getDnsLookupFamilyFromEnum(cluster.dns_config().dns_lookup_family());
-    respect_dns_ttl_ = cluster.dns_config().respect_dns_ttl();
-    failure_backoff_strategy_ =
-        Config::Utility::prepareDnsRefreshStrategy<envoy::extensions::clusters::dns::v3::DnsConfig>(
-            cluster.dns_config(), dns_refresh_rate_ms_.count(),
-            context.serverFactoryContext().api().randomGenerator());
-  } else {
-    dns_refresh_rate_ms_ =
-        std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_refresh_rate, 5000));
-    dns_jitter_ms_ = std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(cluster, dns_jitter, 0));
-    dns_lookup_family_ = DnsUtils::getDnsLookupFamilyFromEnum(cluster.dns_lookup_family());
-    respect_dns_ttl_ = cluster.respect_dns_ttl();
-    failure_backoff_strategy_ =
-        Config::Utility::prepareDnsRefreshStrategy<envoy::config::cluster::v3::Cluster>(
-            cluster, dns_refresh_rate_ms_.count(),
-            context.serverFactoryContext().api().randomGenerator());
-  }
   std::list<ResolveTargetPtr> resolve_targets;
   const auto& locality_lb_endpoints = load_assignment_.endpoints();
   for (const auto& locality_lb_endpoint : locality_lb_endpoints) {
@@ -96,6 +65,7 @@ StrictDnsClusterImpl::StrictDnsClusterImpl(const envoy::config::cluster::v3::Clu
     }
   }
   resolve_targets_ = std::move(resolve_targets);
+  dns_lookup_family_ = getDnsLookupFamilyFromCluster(cluster);
 
   overprovisioning_factor_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(
       load_assignment_.policy(), overprovisioning_factor, kDefaultOverProvisioningFactor);
@@ -257,14 +227,38 @@ void StrictDnsClusterImpl::ResolveTarget::startResolve() {
       });
 }
 
+// envoy::extensions::clusters::dns::v3::DnsCluster::DnsLookupFamily
+// translateLookupFamily(envoy::config::cluster::v3::Cluster::DnsLookupFamily family) {
+//   switch (family) {
+//     PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
+//   case envoy::config::cluster::v3::Cluster::AUTO:
+//     return envoy::extensions::clusters::dns::v3::DnsCluster::AUTO;
+//   case envoy::config::cluster::v3::Cluster::V4_ONLY:
+//     return envoy::extensions::clusters::dns::v3::DnsCluster::V4_ONLY;
+//   case envoy::config::cluster::v3::Cluster::V6_ONLY:
+//     return envoy::extensions::clusters::dns::v3::DnsCluster::V6_ONLY;
+//   case envoy::config::cluster::v3::Cluster::V4_PREFERRED:
+//     return envoy::extensions::clusters::dns::v3::DnsCluster::V4_PREFERRED;
+//   case envoy::config::cluster::v3::Cluster::ALL:
+//     return envoy::extensions::clusters::dns::v3::DnsCluster::ALL;
+//   }
+//   IS_ENVOY_BUG("unexpected dns lookup family enum");
+//   return envoy::extensions::clusters::dns::v3::DnsCluster::ALL;
+// }
+
+// Fixme naming
+
 absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-StrictDnsClusterFactory::createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
-                                           ClusterFactoryContext& context) {
+StrictDnsClusterFactory::createClusterWithConfig(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+    Upstream::ClusterFactoryContext& context) {
+
   auto dns_resolver_or_error = selectDnsResolver(cluster, context);
   RETURN_IF_NOT_OK(dns_resolver_or_error.status());
 
-  auto cluster_or_error =
-      StrictDnsClusterImpl::create(cluster, context, std::move(dns_resolver_or_error.value()));
+  auto cluster_or_error = StrictDnsClusterImpl::create(cluster, proto_config, context,
+                                                       std::move(dns_resolver_or_error.value()));
   RETURN_IF_NOT_OK(cluster_or_error.status());
   return std::make_pair(std::shared_ptr<StrictDnsClusterImpl>(std::move(*cluster_or_error)),
                         nullptr);
@@ -273,7 +267,7 @@ StrictDnsClusterFactory::createClusterImpl(const envoy::config::cluster::v3::Clu
 /**
  * Static registration for the strict dns cluster factory. @see RegisterFactory.
  */
-REGISTER_FACTORY(StrictDnsClusterFactory, ClusterFactory);
+REGISTER_FACTORY(StrictDnsClusterFactory, Upstream::ClusterFactory);
 
 } // namespace Upstream
 } // namespace Envoy
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index 91b4476fe198..d825b20f895d 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -2,6 +2,8 @@
 
 #include "envoy/config/cluster/v3/cluster.pb.h"
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.validate.h"
 
 #include "source/common/upstream/cluster_factory_impl.h"
 #include "source/common/upstream/upstream_impl.h"
@@ -18,11 +20,13 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
   // Upstream::Cluster
   InitializePhase initializePhase() const override { return InitializePhase::Primary; }
   static absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
-  create(const envoy::config::cluster::v3::Cluster& cluster, ClusterFactoryContext& context,
-         Network::DnsResolverSharedPtr dns_resolver);
+  create(const envoy::config::cluster::v3::Cluster& cluster,
+         const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
+         ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver);
 
 protected:
   StrictDnsClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
+                       const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
                        ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver,
                        absl::Status& creation_status);
 
@@ -68,10 +72,10 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
   const LocalInfo::LocalInfo& local_info_;
   Network::DnsResolverSharedPtr dns_resolver_;
   std::list<ResolveTargetPtr> resolve_targets_;
-  std::chrono::milliseconds dns_refresh_rate_ms_;
-  std::chrono::milliseconds dns_jitter_ms_;
+  const std::chrono::milliseconds dns_refresh_rate_ms_;
+  const std::chrono::milliseconds dns_jitter_ms_;
   BackOffStrategyPtr failure_backoff_strategy_;
-  bool respect_dns_ttl_;
+  const bool respect_dns_ttl_;
   Network::DnsLookupFamily dns_lookup_family_;
   uint32_t overprovisioning_factor_;
   bool weighted_priority_health_;
@@ -80,16 +84,21 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
 /**
  * Factory for StrictDnsClusterImpl
  */
-class StrictDnsClusterFactory : public ClusterFactoryImplBase {
+
+class StrictDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
+                                    envoy::extensions::clusters::dns::v3::DnsCluster> {
 public:
-  StrictDnsClusterFactory() : ClusterFactoryImplBase("envoy.cluster.strict_dns") {}
+  StrictDnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.strict_dns") {}
 
 private:
-  absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-  createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
-                    ClusterFactoryContext& context) override;
+  absl::StatusOr<
+      std::pair<Upstream::ClusterImplBaseSharedPtr, Upstream::ThreadAwareLoadBalancerPtr>>
+  createClusterWithConfig(const envoy::config::cluster::v3::Cluster& cluster,
+                          const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+                          Upstream::ClusterFactoryContext& context) override;
 };
 
+
 DECLARE_FACTORY(StrictDnsClusterFactory);
 
 } // namespace Upstream
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index fc78e4c7189d..7bd23e717abf 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -23,6 +23,7 @@
 #include "source/common/network/resolver_impl.h"
 #include "source/common/network/transport_socket_options_impl.h"
 #include "source/common/network/utility.h"
+#include "source/common/protobuf/utility.h"
 #include "source/common/singleton/manager_impl.h"
 #include "source/extensions/clusters/static/static_cluster.h"
 #include "source/extensions/clusters/strict_dns/strict_dns_cluster.h"
@@ -89,6 +90,25 @@ class UpstreamImplTestBase {
 };
 
 namespace {
+
+// Usually, the factory is in charge of parsing the cluster config and creating the DNS cluster,
+// but we can't use a factory to create because we need to inject out mock DNS resolver.
+absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
+makeStrictDnsClusterFromDnsResolver(const envoy::config::cluster::v3::Cluster& cluster_config,
+                                    ClusterFactoryContext& factory_context,
+                                    std::shared_ptr<Network::DnsResolver> dns_resolver) {
+  ProtobufTypes::MessagePtr dns_cluster =
+      std::make_unique<envoy::extensions::clusters::dns::v3::DnsCluster>();
+  Config::Utility::translateOpaqueConfig(cluster_config.cluster_type().typed_config(),
+                                         factory_context.messageValidationVisitor(), *dns_cluster);
+  cluster_config.cluster_type().typed_config(), factory_context.messageValidationVisitor();
+  return StrictDnsClusterImpl::create(
+      cluster_config,
+      MessageUtil::downcastAndValidate<const envoy::extensions::clusters::dns::v3::DnsCluster&>(
+          *dns_cluster, factory_context.messageValidationVisitor()),
+      factory_context, dns_resolver);
+}
+
 std::list<std::string> hostListToAddresses(const HostVector& hosts) {
   std::list<std::string> addresses;
   for (const HostSharedPtr& host : hosts) {
@@ -195,11 +215,12 @@ class StrictDnsParamTest : public testing::TestWithParam<StrictDnsConfigTuple>,
         server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
         false);
     if (numerator <= 100) {
-      auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver);
+      auto cluster =
+          *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
       EXPECT_EQ(drop_ratio, cluster->dropOverload().value());
     } else {
       EXPECT_EQ(
-          StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver)
+          makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver)
               .status()
               .message(),
           fmt::format("load_balancing_policy.drop_overload_limit runtime key config {} is invalid. "
@@ -244,8 +265,8 @@ TEST_P(StrictDnsParamTest, ImmediateResolve) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver);
-
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
   cluster->initialize([&]() -> void { initialized.ready(); });
   EXPECT_EQ(2UL, cluster->prioritySet().hostSetsPerPriority()[0]->hosts().size());
   EXPECT_EQ(2UL, cluster->prioritySet().hostSetsPerPriority()[0]->healthyHosts().size());
@@ -273,7 +294,8 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBasicMillion) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
   EXPECT_EQ(0.000035f, cluster->dropOverload().value());
   EXPECT_EQ("test", cluster->dropCategory());
 }
@@ -300,7 +322,8 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBasicTenThousand) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
   EXPECT_EQ(0.1f, cluster->dropOverload().value());
   EXPECT_EQ("foo", cluster->dropCategory());
 }
@@ -328,7 +351,7 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBadDenominator) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  EXPECT_EQ(StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver)
+  EXPECT_EQ(makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver)
                 .status()
                 .message(),
             "Cluster drop_overloads config denominator setting is invalid : 4. Valid range 0~2.");
@@ -358,7 +381,7 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBadNumerator) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
   EXPECT_EQ(
-      StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver)
+      makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver)
           .status()
           .message(),
       "Cluster drop_overloads config is invalid. drop_ratio=2(Numerator 200 / Denominator 100). "
@@ -390,7 +413,7 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestMultipleCategory) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  EXPECT_EQ(StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver)
+  EXPECT_EQ(makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver)
                 .status()
                 .message(),
             "Cluster drop_overloads config has 2 categories. Envoy only support one.");
@@ -437,7 +460,8 @@ TEST_F(StrictDnsClusterImplTest, ZeroHostsIsInializedImmediately) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
   EXPECT_CALL(initialized, ready());
   cluster->initialize([&]() -> void { initialized.ready(); });
   EXPECT_EQ(0UL, cluster->prioritySet().hostSetsPerPriority()[0]->hosts().size());
@@ -470,7 +494,8 @@ TEST_F(StrictDnsClusterImplTest, ZeroHostsHealthChecker) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
   std::shared_ptr<MockHealthChecker> health_checker(new MockHealthChecker());
   EXPECT_CALL(*health_checker, start());
   EXPECT_CALL(*health_checker, addHostCheckCompleteCb(_));
@@ -514,7 +539,8 @@ TEST_F(StrictDnsClusterImplTest, DontWaitForDNSOnInit) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   ReadyWatcher initialized;
 
@@ -595,7 +621,8 @@ TEST_F(StrictDnsClusterImplTest, Basic) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   EXPECT_CALL(runtime_.snapshot_, getInteger("circuit_breakers.name.default.max_connections", 43))
       .Times(AnyNumber());
@@ -764,7 +791,8 @@ TEST_F(StrictDnsClusterImplTest, HostRemovalActiveHealthSkipped) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   std::shared_ptr<MockHealthChecker> health_checker(new MockHealthChecker());
   EXPECT_CALL(*health_checker, start());
@@ -824,7 +852,8 @@ TEST_F(StrictDnsClusterImplTest, HostRemovalAfterHcFail) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   std::shared_ptr<MockHealthChecker> health_checker(new MockHealthChecker());
   EXPECT_CALL(*health_checker, start());
@@ -903,7 +932,8 @@ TEST_F(StrictDnsClusterImplTest, HostUpdateWithDisabledACEndpoint) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   std::shared_ptr<MockHealthChecker> health_checker(new MockHealthChecker());
   EXPECT_CALL(*health_checker, start());
@@ -1017,7 +1047,8 @@ TEST_F(StrictDnsClusterImplTest, LoadAssignmentBasic) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   EXPECT_CALL(runtime_.snapshot_, getInteger("circuit_breakers.name.default.max_connections", 43));
   EXPECT_EQ(43U, cluster->info()->resourceManager(ResourcePriority::Default).connections().max());
@@ -1210,7 +1241,7 @@ TEST_F(StrictDnsClusterImplTest, LoadAssignmentBasic) {
               cancel(Network::ActiveDnsQuery::CancelReason::QueryAbandoned));
 }
 
-TEST_F(StrictDnsClusterImplTest, LoadAssignmentBasicMultiplePriorities) {
+TEST_P(StrictDnsClusterImplTest, LoadAssignmentBasicMultiplePriorities) {
   ResolverData resolver3(*dns_resolver_, server_context_.dispatcher_);
   ResolverData resolver2(*dns_resolver_, server_context_.dispatcher_);
   ResolverData resolver1(*dns_resolver_, server_context_.dispatcher_);
@@ -1261,7 +1292,8 @@ TEST_F(StrictDnsClusterImplTest, LoadAssignmentBasicMultiplePriorities) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   ReadyWatcher membership_updated;
   auto priority_update_cb = cluster->prioritySet().addPriorityUpdateCb(
@@ -1380,7 +1412,8 @@ TEST_F(StrictDnsClusterImplTest, CustomResolverFails) {
       false);
 
   EXPECT_THROW_WITH_MESSAGE(
-      auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_),
+      auto cluster =
+          *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_),
       EnvoyException, "STRICT_DNS clusters must NOT have a custom resolver name set");
 }
 
@@ -1412,7 +1445,8 @@ TEST_F(StrictDnsClusterImplTest, FailureRefreshRateBackoffResetsWhenSuccessHappe
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   cluster->initialize([] {});
 
@@ -1460,7 +1494,8 @@ TEST_F(StrictDnsClusterImplTest, TtlAsDnsRefreshRateNoJitter) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   ReadyWatcher membership_updated;
   auto priority_update_cb = cluster->prioritySet().addPriorityUpdateCb(
@@ -1517,7 +1552,8 @@ TEST_F(StrictDnsClusterImplTest, TtlAsDnsRefreshRateYesJitter) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
 
   cluster->initialize([] {});
 
@@ -1586,7 +1622,8 @@ TEST_F(StrictDnsClusterImplTest, Http2UserDefinedSettingsParametersValidation) {
       false);
 
   EXPECT_THROW_WITH_REGEX(
-      auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_),
+      auto cluster =
+          *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_),
       EnvoyException,
       R"(the \{hpack_table_size\} HTTP/2 SETTINGS parameter\(s\) can not be configured through)"
       " both");
@@ -3802,7 +3839,8 @@ TEST_F(ClusterImplTest, CloseConnectionsOnHostHealthFailure) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
 
   EXPECT_TRUE(cluster->info()->features() &
               ClusterInfo::Features::CLOSE_CONNECTIONS_ON_HOST_HEALTH_FAILURE);
@@ -4013,7 +4051,7 @@ class ClusterInfoImplTest : public testing::Test {
         false);
 
     return THROW_OR_RETURN_VALUE(
-        StrictDnsClusterImpl::create(cluster_config_, factory_context, dns_resolver_),
+        makeStrictDnsClusterFromDnsResolver(cluster_config_, factory_context, dns_resolver_),
         std::unique_ptr<StrictDnsClusterImpl>);
   }
 
diff --git a/test/extensions/clusters/common/logical_host_integration_test.cc b/test/extensions/clusters/common/logical_host_integration_test.cc
index 4f64c8baabb8..66beadcdd2cd 100644
--- a/test/extensions/clusters/common/logical_host_integration_test.cc
+++ b/test/extensions/clusters/common/logical_host_integration_test.cc
@@ -85,7 +85,7 @@ TEST_P(LogicalHostIntegrationTest, LogicalDNSRaceCrashTest) {
     RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, "");
     auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0);
     cluster.set_type(envoy::config::cluster::v3::Cluster::LOGICAL_DNS);
-    cluster.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::ALL);
+    cluster.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::ALL);
     // Make the refresh rate fast to hit the R/W race.
     cluster.mutable_dns_refresh_rate()->set_nanos(1000001);
   });
diff --git a/test/extensions/clusters/redis/redis_cluster_integration_test.cc b/test/extensions/clusters/redis/redis_cluster_integration_test.cc
index 8400e5e04f51..a2ea2415615e 100644
--- a/test/extensions/clusters/redis/redis_cluster_integration_test.cc
+++ b/test/extensions/clusters/redis/redis_cluster_integration_test.cc
@@ -159,7 +159,7 @@ class RedisClusterIntegrationTest : public testing::TestWithParam<Network::Addre
       uint32_t upstream_idx = 0;
       auto* cluster_0 = bootstrap.mutable_static_resources()->mutable_clusters(0);
       if (version_ == Network::Address::IpVersion::v4) {
-        cluster_0->set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY);
+        cluster_0->set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V4_ONLY);
       }
       for (int j = 0; j < cluster_0->load_assignment().endpoints_size(); ++j) {
         auto locality_lb = cluster_0->mutable_load_assignment()->mutable_endpoints(j);
diff --git a/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc b/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
index 8e6fc048b4e8..65436dce07a6 100644
--- a/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
+++ b/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
@@ -43,7 +43,7 @@ class DnsCacheImplTest : public testing::Test, public Event::TestUsingSimulatedT
       std::vector<std::pair<std::string /*host*/, uint32_t /*port*/>> preresolve_hostnames = {},
       uint32_t max_hosts = 1024) {
     config_.set_name("foo");
-    config_.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY);
+    config_.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V4_ONLY);
     config_.mutable_max_hosts()->set_value(max_hosts);
     if (!preresolve_hostnames.empty()) {
       for (const auto& [host, port] : preresolve_hostnames) {
@@ -1516,7 +1516,7 @@ TEST(DnsCacheManagerImplTest, LoadViaConfig) {
 
   envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig config4;
   config4.set_name("foo");
-  config4.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY);
+  config4.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V4_ONLY);
   EXPECT_EQ(cache_manager.getCache(config4).status().message(),
             "config specified DNS cache 'foo' with different settings");
 }
diff --git a/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc b/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
index f872849157ef..fa53ca1b9362 100644
--- a/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
+++ b/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
@@ -95,8 +95,8 @@ name: stream-info-to-headers-filter
     cluster_.set_name("cluster_0");
     cluster_.set_lb_policy(envoy::config::cluster::v3::Cluster::CLUSTER_PROVIDED);
     cluster_.set_dns_lookup_family(GetParam() == Network::Address::IpVersion::v4
-                                       ? envoy::extensions::clusters::dns::v3::DnsConfig::V4_ONLY
-                                       : envoy::extensions::clusters::dns::v3::DnsConfig::V6_ONLY);
+                                       ? envoy::config::cluster::v3::Cluster::V4_ONLY
+                                       : envoy::config::cluster::v3::Cluster::V6_ONLY);
 
     protocol_options_.mutable_upstream_http_protocol_options()->set_auto_sni(true);
     if (!override_auto_sni_header.empty()) {
diff --git a/test/integration/protocol_integration_test.cc b/test/integration/protocol_integration_test.cc
index e53403354a0c..510cd6924d9c 100644
--- a/test/integration/protocol_integration_test.cc
+++ b/test/integration/protocol_integration_test.cc
@@ -79,7 +79,7 @@ TEST_P(ProtocolIntegrationTest, LogicalDns) {
     RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, "");
     auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0);
     cluster.set_type(envoy::config::cluster::v3::Cluster::LOGICAL_DNS);
-    cluster.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::ALL);
+    cluster.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::ALL);
   });
   config_helper_.addConfigModifier(
       [](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager&
@@ -101,7 +101,7 @@ TEST_P(ProtocolIntegrationTest, StrictDns) {
     RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, "");
     auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0);
     cluster.set_type(envoy::config::cluster::v3::Cluster::STRICT_DNS);
-    cluster.set_dns_lookup_family(envoy::extensions::clusters::dns::v3::DnsConfig::ALL);
+    cluster.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::ALL);
   });
   initialize();
   codec_client_ = makeHttpConnection(lookupPort("http"));

From c944d7ec77ebe27f24db2920cd39caddd4b44135 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 10 Oct 2024 16:06:00 -0400
Subject: [PATCH 04/46] Revert unecessary changes

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../common/dynamic_forward_proxy/dns_cache_impl_test.cc    | 2 +-
 .../dynamic_forward_proxy/proxy_filter_integration_test.cc | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc b/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
index 65436dce07a6..2d3dfce1d955 100644
--- a/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
+++ b/test/extensions/common/dynamic_forward_proxy/dns_cache_impl_test.cc
@@ -1516,7 +1516,7 @@ TEST(DnsCacheManagerImplTest, LoadViaConfig) {
 
   envoy::extensions::common::dynamic_forward_proxy::v3::DnsCacheConfig config4;
   config4.set_name("foo");
-  config4.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V4_ONLY);
+  config4.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::V6_ONLY);
   EXPECT_EQ(cache_manager.getCache(config4).status().message(),
             "config specified DNS cache 'foo' with different settings");
 }
diff --git a/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc b/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
index fa53ca1b9362..81d4bcee5486 100644
--- a/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
+++ b/test/extensions/filters/http/dynamic_forward_proxy/proxy_filter_integration_test.cc
@@ -94,9 +94,10 @@ name: stream-info-to-headers-filter
         Protobuf::util::TimeUtil::MillisecondsToDuration(5000));
     cluster_.set_name("cluster_0");
     cluster_.set_lb_policy(envoy::config::cluster::v3::Cluster::CLUSTER_PROVIDED);
-    cluster_.set_dns_lookup_family(GetParam() == Network::Address::IpVersion::v4
-                                       ? envoy::config::cluster::v3::Cluster::V4_ONLY
-                                       : envoy::config::cluster::v3::Cluster::V6_ONLY);
+    cluster_.set_dns_lookup_family(
+        GetParam() == Network::Address::IpVersion::v4
+            ? envoy::config::cluster::v3::Cluster_DnsLookupFamily::Cluster_DnsLookupFamily_V4_ONLY
+            : envoy::config::cluster::v3::Cluster_DnsLookupFamily::Cluster_DnsLookupFamily_V6_ONLY);
 
     protocol_options_.mutable_upstream_http_protocol_options()->set_auto_sni(true);
     if (!override_auto_sni_header.empty()) {

From 8ed51ae7b5b32656d9baf5c9296841057ba6a48c Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 10 Oct 2024 16:16:50 -0400
Subject: [PATCH 05/46] Format

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../clusters/dns/v3/dns_cluster.proto         | 49 ++-----------------
 source/common/common/dns_utils.cc             |  4 +-
 .../network/dns_resolver/dns_factory_util.cc  | 14 ------
 .../network/dns_resolver/dns_factory_util.h   |  5 --
 .../common/upstream/cluster_factory_impl.cc   | 17 ++-----
 source/extensions/clusters/common/BUILD       |  4 +-
 .../clusters/common/backcompat_dns.cc         | 15 ++----
 source/extensions/clusters/logical_dns/BUILD  |  1 +
 .../logical_dns/logical_dns_cluster.cc        |  8 ++-
 .../logical_dns/logical_dns_cluster.h         | 11 ++---
 source/extensions/clusters/strict_dns/BUILD   |  1 +
 .../clusters/strict_dns/strict_dns_cluster.cc |  8 +--
 .../clusters/strict_dns/strict_dns_cluster.h  |  1 -
 13 files changed, 26 insertions(+), 112 deletions(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 83199d8fdc75..ccae1881a95b 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -28,35 +28,6 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 
 // [#next-free-field: 7]
 message DnsCluster {
-  // When V4_ONLY is selected, the DNS resolver will only perform a lookup for
-  // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
-  // only perform a lookup for addresses in the IPv6 family. If AUTO is
-  // specified, the DNS resolver will first perform a lookup for addresses in
-  // the IPv6 family and fallback to a lookup for addresses in the IPv4 family.
-  // This is semantically equivalent to a non-existent V6_PREFERRED option.
-  // AUTO is a legacy name that is more opaque than
-  // necessary and will be deprecated in favor of V6_PREFERRED in a future major version of the API.
-  // If V4_PREFERRED is specified, the DNS resolver will first perform a lookup for addresses in the
-  // IPv4 family and fallback to a lookup for addresses in the IPv6 family. i.e., the callback
-  // target will only get v6 addresses if there were NO v4 addresses to return.
-  // If ALL is specified, the DNS resolver will perform a lookup for both IPv4 and IPv6 families,
-  // and return all resolved addresses. When this is used, Happy Eyeballs will be enabled for
-  // upstream connections. Refer to :ref:`Happy Eyeballs Support <arch_overview_happy_eyeballs>`
-  // for more information.
-  // For cluster types other than
-  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
-  // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`,
-  // this setting is
-  // ignored.
-  // [#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
-//  enum DnsLookupFamily {
-//    UNSPECIFIED = 0;
-//    AUTO = 1;
-//    V4_ONLY = 2;
-//    V6_ONLY = 3;
-//    V4_PREFERRED = 4;
-//    ALL = 5;
-//  }
 
   message RefreshRate {
     // Specifies the base interval between refreshes. This parameter is required and must be greater
@@ -77,36 +48,22 @@ message DnsCluster {
   // This value is the cluster’s DNS refresh rate. The value configured must be at least 1ms.
   // If this setting is not specified, the
   // value defaults to 5000ms.
-  google.protobuf.Duration dns_refresh_rate = 1 [(validate.rules).duration = {gt {nanos: 1000000}}];
+  google.protobuf.Duration dns_refresh_rate = 3 [(validate.rules).duration = {gt {nanos: 1000000}}];
 
   // this is the cluster’s DNS refresh rate when requests are failing. If this setting is
   // not specified, the failure refresh rate defaults to the DNS refresh rate.
-  RefreshRate dns_failure_refresh_rate = 2;
+  RefreshRate dns_failure_refresh_rate = 4;
 
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
-  google.protobuf.BoolValue respect_dns_ttl = 3;
+  google.protobuf.BoolValue respect_dns_ttl = 5;
 
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsConfig.DnsLookupFamily.AUTO>`.
   // DnsLookupFamily dns_lookup_family = 4 [(validate.rules).enum = {defined_only: true}];
 
-  // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
-  // or any other DNS resolver types and the related parameters.
-  // For example, an object of
-  // :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
-  // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
-  // :ref:`dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`
-  // configuration.
-  // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
-  // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
-  // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
-  // [#extension-category: envoy.network.dns_resolver]
-  // Fixme docs
-  // config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 5;
-
   // DNS jitter causes the cluster to refresh DNS entries later by a random amount of time to avoid a
   // stampede of DNS requests. This value sets the upper bound (exclusive) for the random amount.
   // There will be no jitter if this value is omitted.
diff --git a/source/common/common/dns_utils.cc b/source/common/common/dns_utils.cc
index 1570eff5daf5..f13531396427 100644
--- a/source/common/common/dns_utils.cc
+++ b/source/common/common/dns_utils.cc
@@ -12,8 +12,8 @@ getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster
   return getDnsLookupFamilyFromEnum(cluster.dns_lookup_family());
 }
 
-Network::DnsLookupFamily getDnsLookupFamilyFromEnum(
-    envoy::config::cluster::v3::Cluster::DnsLookupFamily family) {
+Network::DnsLookupFamily
+getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily family) {
   switch (family) {
     PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
   case envoy::config::cluster::v3::Cluster::V6_ONLY:
diff --git a/source/common/network/dns_resolver/dns_factory_util.cc b/source/common/network/dns_resolver/dns_factory_util.cc
index 2e80505807f7..c66a82374fbf 100644
--- a/source/common/network/dns_resolver/dns_factory_util.cc
+++ b/source/common/network/dns_resolver/dns_factory_util.cc
@@ -46,12 +46,6 @@ bool tryUseAppleApiForDnsLookups(
   return false;
 }
 
-//bool checkDnsResolutionConfigExist(
-//    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig& config,
-//    [[maybe_unused]] envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
-//  return false;
-//}
-
 // Overloading the template function for DnsFilterConfig type, which doesn't need to copy anything.
 void handleLegacyDnsResolverData(
     const envoy::extensions::filters::udp::dns_filter::v3::DnsFilterConfig::ClientContextConfig&,
@@ -59,14 +53,6 @@ void handleLegacyDnsResolverData(
   makeDefaultCaresDnsResolverConfig(typed_dns_resolver_config);
 }
 
-//void handleLegacyDnsResolverData(
-//    [[maybe_unused]] const envoy::extensions::clusters::dns::v3::DnsConfig config,
-//    envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config) {
-//  envoy::extensions::network::dns_resolver::cares::v3::CaresDnsResolverConfig cares;
-//  typed_dns_resolver_config.mutable_typed_config()->PackFrom(cares);
-//  typed_dns_resolver_config.set_name(std::string(CaresDnsResolver));
-//}
-
 // Overloading the template function for Cluster config type, which need to copy
 // both use_tcp_for_dns_lookups and dns_resolvers.
 void handleLegacyDnsResolverData(
diff --git a/source/common/network/dns_resolver/dns_factory_util.h b/source/common/network/dns_resolver/dns_factory_util.h
index 6a8290a58774..2e07c4ded47b 100644
--- a/source/common/network/dns_resolver/dns_factory_util.h
+++ b/source/common/network/dns_resolver/dns_factory_util.h
@@ -61,11 +61,6 @@ bool checkDnsResolutionConfigExist(
   return false;
 }
 
-// Overloading the template funciton for DnsConfig because DnsConfig has no dns_resolution_config.
-// bool checkDnsResolutionConfigExist(
-//     const envoy::extensions::clusters::dns::v3::DnsConfig& config,
-//     envoy::config::core::v3::TypedExtensionConfig& typed_dns_resolver_config);
-
 // For backward compatibility, copy over use_tcp_for_dns_lookups from config, and create
 // a CaresDnsResolverConfig typed config. This logic fit for bootstrap, and dns_cache config types.
 template <class ConfigType>
diff --git a/source/common/upstream/cluster_factory_impl.cc b/source/common/upstream/cluster_factory_impl.cc
index 0e1b2978d790..4b8529da1204 100644
--- a/source/common/upstream/cluster_factory_impl.cc
+++ b/source/common/upstream/cluster_factory_impl.cc
@@ -65,26 +65,15 @@ ClusterFactoryImplBase::create(const envoy::config::cluster::v3::Cluster& cluste
   return factory->create(cluster, context);
 }
 
-absl::StatusOr<Network::DnsResolverSharedPtr> ClusterFactoryImplBase::selectDnsResolver(
-    const envoy::config::cluster::v3::Cluster& cluster,
-    ClusterFactoryContext& context) {
+absl::StatusOr<Network::DnsResolverSharedPtr>
+ClusterFactoryImplBase::selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster,
+                                          ClusterFactoryContext& context) {
   // We make this a shared pointer to deal with the distinct ownership
   // scenarios that can exist: in one case, we pass in the "default"
   // DNS resolver that is owned by the Server::Instance. In the case
   // where 'dns_resolvers' is specified, we have per-cluster DNS
   // resolvers that are created here but ownership resides with
   // StrictDnsClusterImpl/LogicalDnsCluster.
-  // if ((cluster.has_dns_config() && cluster.dns_config().has_typed_dns_resolver_config() &&
-  //     !(cluster.dns_config().typed_dns_resolver_config().typed_config().type_url().empty()))) {
-  //  envoy::config::core::v3::TypedExtensionConfig typed_dns_resolver_config;
-  //  Network::DnsResolverFactory& dns_resolver_factory =
-  //      Network::createDnsResolverFactoryFromProto(cluster.dns_config(),
-  //      typed_dns_resolver_config);
-  //  auto& server_context = context.serverFactoryContext();
-  //  return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
-  //                                                server_context.api(),
-  //                                                typed_dns_resolver_config);
-  //}
 
   if ((cluster.has_typed_dns_resolver_config() &&
        !(cluster.typed_dns_resolver_config().typed_config().type_url().empty())) ||
diff --git a/source/extensions/clusters/common/BUILD b/source/extensions/clusters/common/BUILD
index f2ac13e0e1fe..cfb399912e21 100644
--- a/source/extensions/clusters/common/BUILD
+++ b/source/extensions/clusters/common/BUILD
@@ -26,7 +26,7 @@ envoy_cc_library(
     deps = [
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
-        "@envoy_api//envoy/config/core/v3:pkg_cc_proto",
-        "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
+        "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
+        "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
     ],
 )
diff --git a/source/extensions/clusters/common/backcompat_dns.cc b/source/extensions/clusters/common/backcompat_dns.cc
index 9a6afbe5a4ea..b2694f510db5 100644
--- a/source/extensions/clusters/common/backcompat_dns.cc
+++ b/source/extensions/clusters/common/backcompat_dns.cc
@@ -1,6 +1,7 @@
+#include "source/extensions/clusters/common/backcompat_dns.h"
+
 #include "envoy/config/cluster/v3/cluster.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
-#include "source/extensions/clusters/common/backcompat_dns.h"
 
 namespace Envoy {
 namespace Upstream {
@@ -24,20 +25,10 @@ void mergeClusterAndProtoConfig(
     new_proto_config.mutable_respect_dns_ttl()->set_value(cluster.respect_dns_ttl());
   }
 
-  // if (new_proto_config.dns_lookup_family() ==
-  //     envoy::extensions::clusters::dns::v3::DnsCluster::UNSPECIFIED) {
-  //   new_proto_config.set_dns_lookup_family(translateLookupFamily(cluster.dns_lookup_family()));
-  // }
-
-  // if (cluster.has_typed_dns_resolver_config() &&
-  //     !new_proto_config.has_typed_dns_resolver_config()) {
-  //   new_proto_config.mutable_typed_dns_resolver_config()->CopyFrom(
-  //       cluster.typed_dns_resolver_config());
-  // }
-
   if (cluster.has_dns_jitter() && !new_proto_config.has_dns_jitter()) {
     new_proto_config.mutable_dns_jitter()->CopyFrom(cluster.dns_jitter());
   }
 }
+
 } // namespace Upstream
 } // namespace Envoy
diff --git a/source/extensions/clusters/logical_dns/BUILD b/source/extensions/clusters/logical_dns/BUILD
index 8230144962d4..3022d0c85a02 100644
--- a/source/extensions/clusters/logical_dns/BUILD
+++ b/source/extensions/clusters/logical_dns/BUILD
@@ -30,5 +30,6 @@ envoy_cc_extension(
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
         "@envoy_api//envoy/config/core/v3:pkg_cc_proto",
         "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
+        "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
     ],
 )
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index 8ed757c202c3..a30aa7cd6180 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -1,5 +1,4 @@
 #include "source/extensions/clusters/logical_dns/logical_dns_cluster.h"
-#include "source/extensions/clusters/common/backcompat_dns.h"
 
 #include <chrono>
 #include <list>
@@ -21,6 +20,7 @@
 #include "source/common/network/utility.h"
 #include "source/common/protobuf/protobuf.h"
 #include "source/common/protobuf/utility.h"
+#include "source/extensions/clusters/common/backcompat_dns.h"
 
 namespace Envoy {
 namespace Upstream {
@@ -216,10 +216,8 @@ LogicalDnsClusterFactory::createClusterWithConfig(
   THROW_IF_NOT_OK(dns_resolver_or_error.status());
 
   auto cluster_or_error = LogicalDnsCluster::create(cluster, proto_config, context,
-                                                       std::move(dns_resolver_or_error.value()));
-  return std::make_pair(std::shared_ptr<LogicalDnsCluster>(std::move(*cluster_or_error)),
-                        nullptr);
-
+                                                    std::move(dns_resolver_or_error.value()));
+  return std::make_pair(std::shared_ptr<LogicalDnsCluster>(std::move(*cluster_or_error)), nullptr);
 }
 
 /**
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.h b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
index 78106edd7488..20ccc1944cd2 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.h
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
@@ -10,7 +10,6 @@
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.validate.h"
-
 #include "envoy/stats/scope.h"
 
 #include "source/common/common/empty_string.h"
@@ -41,11 +40,10 @@ class LogicalDnsCluster : public ClusterImplBase {
 public:
   ~LogicalDnsCluster() override;
 
-  absl::StatusOr<std::unique_ptr<LogicalDnsCluster>>
-  static create(const envoy::config::cluster::v3::Cluster& cluster,
-        const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
-        ClusterFactoryContext& context,
-        Network::DnsResolverSharedPtr dns_resolver);
+  absl::StatusOr<std::unique_ptr<LogicalDnsCluster>> static create(
+      const envoy::config::cluster::v3::Cluster& cluster,
+      const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
+      ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver);
 
   // Upstream::Cluster
   InitializePhase initializePhase() const override { return InitializePhase::Primary; }
@@ -100,7 +98,6 @@ class LogicalDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase
 public:
   LogicalDnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.logical_dns") {}
 
-
 private:
   friend class LogicalDnsClusterTest;
   absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
diff --git a/source/extensions/clusters/strict_dns/BUILD b/source/extensions/clusters/strict_dns/BUILD
index 6cb6e498ff07..b05fb2cd9ba8 100644
--- a/source/extensions/clusters/strict_dns/BUILD
+++ b/source/extensions/clusters/strict_dns/BUILD
@@ -20,5 +20,6 @@ envoy_cc_extension(
         "//source/extensions/clusters/common:backcompat_dns_lib",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
         "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
+        "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
     ],
 )
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index 14bef0d814e0..2a9ee760e8b9 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -1,5 +1,4 @@
 #include "source/extensions/clusters/strict_dns/strict_dns_cluster.h"
-#include "source/extensions/clusters/common/backcompat_dns.h"
 
 #include <chrono>
 
@@ -9,6 +8,8 @@
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 
+#include "source/extensions/clusters/common/backcompat_dns.h"
+
 namespace Envoy {
 namespace Upstream {
 
@@ -24,9 +25,8 @@ StrictDnsClusterImpl::create(const envoy::config::cluster::v3::Cluster& cluster,
   merged_dns_cluster.MergeFrom(dns_cluster);
   mergeClusterAndProtoConfig(cluster, merged_dns_cluster);
 
-
-  auto ret = std::unique_ptr<StrictDnsClusterImpl>(
-      new StrictDnsClusterImpl(cluster, merged_dns_cluster, context, dns_resolver, creation_status));
+  auto ret = std::unique_ptr<StrictDnsClusterImpl>(new StrictDnsClusterImpl(
+      cluster, merged_dns_cluster, context, dns_resolver, creation_status));
 
   RETURN_IF_NOT_OK(creation_status);
   return ret;
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index d825b20f895d..9944ccbca470 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -98,7 +98,6 @@ class StrictDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
                           Upstream::ClusterFactoryContext& context) override;
 };
 
-
 DECLARE_FACTORY(StrictDnsClusterFactory);
 
 } // namespace Upstream

From 8915b81579e43c95a9a7620a06337e9f31a03920 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 10 Oct 2024 21:31:16 -0400
Subject: [PATCH 06/46] Fix logical dns tests

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/BUILD             |  1 -
 api/envoy/config/cluster/v3/cluster.proto     |  2 +-
 api/envoy/extensions/clusters/dns/v3/BUILD    |  5 +-
 .../clusters/dns/v3/dns_cluster.proto         | 10 +---
 .../clusters/common/backcompat_dns.cc         | 32 +++++++------
 .../clusters/common/backcompat_dns.h          |  5 +-
 .../logical_dns/logical_dns_cluster.cc        | 35 ++++++++++----
 .../clusters/strict_dns/strict_dns_cluster.cc | 46 ++++++-------------
 test/common/upstream/upstream_impl_test.cc    | 29 +++++++-----
 .../logical_dns/logical_dns_cluster_test.cc   | 41 +++++++++++++++--
 10 files changed, 117 insertions(+), 89 deletions(-)

diff --git a/api/envoy/config/cluster/v3/BUILD b/api/envoy/config/cluster/v3/BUILD
index df171f9a734d..80d74b61cd6a 100644
--- a/api/envoy/config/cluster/v3/BUILD
+++ b/api/envoy/config/cluster/v3/BUILD
@@ -9,7 +9,6 @@ api_proto_package(
         "//envoy/annotations:pkg",
         "//envoy/config/core/v3:pkg",
         "//envoy/config/endpoint/v3:pkg",
-        "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/type/metadata/v3:pkg",
         "//envoy/type/v3:pkg",
         "@com_github_cncf_xds//udpa/annotations:pkg",
diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index e3e3d04103c4..7e05736106ee 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -45,7 +45,7 @@ message ClusterCollection {
 }
 
 // Configuration for a single upstream cluster.
-// [#next-free-field: 60]
+// [#next-free-field: 59]
 message Cluster {
   option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Cluster";
 
diff --git a/api/envoy/extensions/clusters/dns/v3/BUILD b/api/envoy/extensions/clusters/dns/v3/BUILD
index 09a37ad16b83..29ebf0741406 100644
--- a/api/envoy/extensions/clusters/dns/v3/BUILD
+++ b/api/envoy/extensions/clusters/dns/v3/BUILD
@@ -5,8 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
 licenses(["notice"])  # Apache 2
 
 api_proto_package(
-    deps = [
-        "//envoy/config/core/v3:pkg",
-        "@com_github_cncf_xds//udpa/annotations:pkg",
-    ],
+    deps = ["@com_github_cncf_xds//udpa/annotations:pkg"],
 )
diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index ccae1881a95b..413e6a365e95 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -2,17 +2,10 @@ syntax = "proto3";
 
 package envoy.extensions.clusters.dns.v3;
 
-import "envoy/config/core/v3/extension.proto";
-
-import "google/protobuf/any.proto";
 import "google/protobuf/duration.proto";
 import "google/protobuf/struct.proto";
-import "google/protobuf/wrappers.proto";
 
-import "udpa/annotations/migrate.proto";
-import "udpa/annotations/security.proto";
 import "udpa/annotations/status.proto";
-import "udpa/annotations/versioning.proto";
 import "validate/validate.proto";
 
 option java_package = "io.envoyproxy.envoy.extensions.clusters.dns.v3";
@@ -28,7 +21,6 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 
 // [#next-free-field: 7]
 message DnsCluster {
-
   message RefreshRate {
     // Specifies the base interval between refreshes. This parameter is required and must be greater
     // than zero and less than
@@ -57,7 +49,7 @@ message DnsCluster {
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
-  google.protobuf.BoolValue respect_dns_ttl = 5;
+  bool respect_dns_ttl = 5;
 
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
diff --git a/source/extensions/clusters/common/backcompat_dns.cc b/source/extensions/clusters/common/backcompat_dns.cc
index b2694f510db5..2c1832cc1897 100644
--- a/source/extensions/clusters/common/backcompat_dns.cc
+++ b/source/extensions/clusters/common/backcompat_dns.cc
@@ -6,27 +6,33 @@
 namespace Envoy {
 namespace Upstream {
 
-void mergeClusterAndProtoConfig(
+void createDnsClusterFromLegacyFields(
     const envoy::config::cluster::v3::Cluster& cluster,
-    envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config) {
+    envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster) {
 
-  if (cluster.has_dns_refresh_rate() && !new_proto_config.has_dns_refresh_rate()) {
-    new_proto_config.mutable_dns_refresh_rate()->CopyFrom(cluster.dns_refresh_rate());
+  // We have to add all these guards because otherwise dns_cluster.mutable_FIELD will initialize the
+  // field and dns_cluster.has_FIELD will return true
+  if (cluster.has_dns_refresh_rate()) {
+    dns_cluster.mutable_dns_refresh_rate()->CopyFrom(cluster.dns_refresh_rate());
   }
 
-  if (cluster.has_dns_failure_refresh_rate() && !new_proto_config.has_dns_failure_refresh_rate()) {
-    auto* new_refresh_rate = new_proto_config.mutable_dns_failure_refresh_rate();
+  // FIXME: tests this
+  if (cluster.has_dns_failure_refresh_rate()) {
+    auto* new_refresh_rate = dns_cluster.mutable_dns_failure_refresh_rate();
     const auto& old_refresh_rate = cluster.dns_failure_refresh_rate();
-    new_refresh_rate->mutable_max_interval()->CopyFrom(old_refresh_rate.max_interval());
-    new_refresh_rate->mutable_base_interval()->CopyFrom(old_refresh_rate.base_interval());
-  }
 
-  if (!new_proto_config.has_respect_dns_ttl()) {
-    new_proto_config.mutable_respect_dns_ttl()->set_value(cluster.respect_dns_ttl());
+    if (old_refresh_rate.has_max_interval()) {
+      new_refresh_rate->mutable_max_interval()->CopyFrom(old_refresh_rate.max_interval());
+    }
+    if (old_refresh_rate.has_base_interval()) {
+      new_refresh_rate->mutable_base_interval()->CopyFrom(old_refresh_rate.base_interval());
+    }
   }
 
-  if (cluster.has_dns_jitter() && !new_proto_config.has_dns_jitter()) {
-    new_proto_config.mutable_dns_jitter()->CopyFrom(cluster.dns_jitter());
+  dns_cluster.set_respect_dns_ttl(cluster.respect_dns_ttl());
+
+  if (cluster.has_dns_jitter()) {
+    dns_cluster.mutable_dns_jitter()->CopyFrom(cluster.dns_jitter());
   }
 }
 
diff --git a/source/extensions/clusters/common/backcompat_dns.h b/source/extensions/clusters/common/backcompat_dns.h
index 4ebea7739baa..4dfa23ddf90c 100644
--- a/source/extensions/clusters/common/backcompat_dns.h
+++ b/source/extensions/clusters/common/backcompat_dns.h
@@ -6,8 +6,9 @@
 namespace Envoy {
 namespace Upstream {
 
-void mergeClusterAndProtoConfig(const envoy::config::cluster::v3::Cluster& cluster,
-                                envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config);
+void createDnsClusterFromLegacyFields(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config);
 
 }
 } // namespace Envoy
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index a30aa7cd6180..9fef749c270a 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -51,11 +51,6 @@ LogicalDnsCluster::create(const envoy::config::cluster::v3::Cluster& cluster,
                           const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
                           ClusterFactoryContext& context,
                           Network::DnsResolverSharedPtr dns_resolver) {
-
-  envoy::extensions::clusters::dns::v3::DnsCluster new_proto_config{};
-  new_proto_config.MergeFrom(dns_cluster);
-  mergeClusterAndProtoConfig(cluster, new_proto_config);
-
   const auto& load_assignment = cluster.load_assignment();
   const auto& locality_lb_endpoints = load_assignment.endpoints();
   if (locality_lb_endpoints.size() != 1 || locality_lb_endpoints[0].lb_endpoints().size() != 1) {
@@ -75,8 +70,18 @@ LogicalDnsCluster::create(const envoy::config::cluster::v3::Cluster& cluster,
   }
 
   absl::Status creation_status = absl::OkStatus();
-  auto ret = std::unique_ptr<LogicalDnsCluster>(new LogicalDnsCluster(
-      cluster, dns_cluster, context, std::move(dns_resolver), creation_status));
+  std::unique_ptr<LogicalDnsCluster> ret;
+
+  // dns_cluster should be cluster.cluster_type.typed_config cast to the right type.
+  if (cluster.has_cluster_type()) {
+    ret = std::unique_ptr<LogicalDnsCluster>(new LogicalDnsCluster(
+        cluster, dns_cluster, context, std::move(dns_resolver), creation_status));
+  } else {
+    envoy::extensions::clusters::dns::v3::DnsCluster legacy_dns_cluster{};
+    createDnsClusterFromLegacyFields(cluster, legacy_dns_cluster);
+    ret = std::unique_ptr<LogicalDnsCluster>(new LogicalDnsCluster(
+        cluster, legacy_dns_cluster, context, std::move(dns_resolver), creation_status));
+  }
   RETURN_IF_NOT_OK(creation_status);
   return ret;
 }
@@ -91,7 +96,7 @@ LogicalDnsCluster::LogicalDnsCluster(
           PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_refresh_rate, 5000))),
       dns_jitter_ms_(
           std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_jitter, 0))),
-      respect_dns_ttl_(dns_cluster.respect_dns_ttl().value()),
+      respect_dns_ttl_(dns_cluster.respect_dns_ttl()),
       resolve_timer_(context.serverFactoryContext().mainThreadDispatcher().createTimer(
           [this]() -> void { startResolve(); })),
       local_info_(context.serverFactoryContext().localInfo()),
@@ -215,8 +220,18 @@ LogicalDnsClusterFactory::createClusterWithConfig(
   auto dns_resolver_or_error = selectDnsResolver(cluster, context);
   THROW_IF_NOT_OK(dns_resolver_or_error.status());
 
-  auto cluster_or_error = LogicalDnsCluster::create(cluster, proto_config, context,
-                                                    std::move(dns_resolver_or_error.value()));
+  absl::StatusOr<std::unique_ptr<LogicalDnsCluster>> cluster_or_error;
+  if (cluster.has_cluster_type()) {
+    cluster_or_error = LogicalDnsCluster::create(cluster, proto_config, context,
+                                                    std::move(*dns_resolver_or_error));
+  } else {
+    envoy::extensions::clusters::dns::v3::DnsCluster proto_config_legacy{};
+    createDnsClusterFromLegacyFields(cluster, proto_config_legacy);
+    cluster_or_error = LogicalDnsCluster::create(cluster, proto_config_legacy, context,
+                                                    std::move(*dns_resolver_or_error));
+  }
+
+  RETURN_IF_NOT_OK(cluster_or_error.status());
   return std::make_pair(std::shared_ptr<LogicalDnsCluster>(std::move(*cluster_or_error)), nullptr);
 }
 
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index 2a9ee760e8b9..e22e8be37e23 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -19,15 +19,8 @@ StrictDnsClusterImpl::create(const envoy::config::cluster::v3::Cluster& cluster,
                              ClusterFactoryContext& context,
                              Network::DnsResolverSharedPtr dns_resolver) {
   absl::Status creation_status = absl::OkStatus();
-
-  // do we need to make a non-const copy?
-  envoy::extensions::clusters::dns::v3::DnsCluster merged_dns_cluster{};
-  merged_dns_cluster.MergeFrom(dns_cluster);
-  mergeClusterAndProtoConfig(cluster, merged_dns_cluster);
-
   auto ret = std::unique_ptr<StrictDnsClusterImpl>(new StrictDnsClusterImpl(
-      cluster, merged_dns_cluster, context, dns_resolver, creation_status));
-
+      cluster, dns_cluster, context, std::move(dns_resolver), creation_status));
   RETURN_IF_NOT_OK(creation_status);
   return ret;
 }
@@ -43,7 +36,7 @@ StrictDnsClusterImpl::StrictDnsClusterImpl(
       dns_refresh_rate_ms_(std::chrono::milliseconds(
           PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_refresh_rate, 5000))),
       dns_jitter_ms_(PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_jitter, 0)),
-      respect_dns_ttl_(dns_cluster.respect_dns_ttl().value()) {
+      respect_dns_ttl_(dns_cluster.respect_dns_ttl()) {
   failure_backoff_strategy_ = Config::Utility::prepareDnsRefreshStrategy(
       dns_cluster, dns_refresh_rate_ms_.count(),
       context.serverFactoryContext().api().randomGenerator());
@@ -227,38 +220,25 @@ void StrictDnsClusterImpl::ResolveTarget::startResolve() {
       });
 }
 
-// envoy::extensions::clusters::dns::v3::DnsCluster::DnsLookupFamily
-// translateLookupFamily(envoy::config::cluster::v3::Cluster::DnsLookupFamily family) {
-//   switch (family) {
-//     PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
-//   case envoy::config::cluster::v3::Cluster::AUTO:
-//     return envoy::extensions::clusters::dns::v3::DnsCluster::AUTO;
-//   case envoy::config::cluster::v3::Cluster::V4_ONLY:
-//     return envoy::extensions::clusters::dns::v3::DnsCluster::V4_ONLY;
-//   case envoy::config::cluster::v3::Cluster::V6_ONLY:
-//     return envoy::extensions::clusters::dns::v3::DnsCluster::V6_ONLY;
-//   case envoy::config::cluster::v3::Cluster::V4_PREFERRED:
-//     return envoy::extensions::clusters::dns::v3::DnsCluster::V4_PREFERRED;
-//   case envoy::config::cluster::v3::Cluster::ALL:
-//     return envoy::extensions::clusters::dns::v3::DnsCluster::ALL;
-//   }
-//   IS_ENVOY_BUG("unexpected dns lookup family enum");
-//   return envoy::extensions::clusters::dns::v3::DnsCluster::ALL;
-// }
-
-// Fixme naming
-
 absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
 StrictDnsClusterFactory::createClusterWithConfig(
     const envoy::config::cluster::v3::Cluster& cluster,
     const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
     Upstream::ClusterFactoryContext& context) {
-
+  absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>> cluster_or_error;
   auto dns_resolver_or_error = selectDnsResolver(cluster, context);
   RETURN_IF_NOT_OK(dns_resolver_or_error.status());
 
-  auto cluster_or_error = StrictDnsClusterImpl::create(cluster, proto_config, context,
-                                                       std::move(dns_resolver_or_error.value()));
+  if (cluster.has_cluster_type()) {
+    cluster_or_error = StrictDnsClusterImpl::create(cluster, proto_config, context,
+                                                    std::move(*dns_resolver_or_error));
+  } else {
+    envoy::extensions::clusters::dns::v3::DnsCluster proto_config_legacy{};
+    createDnsClusterFromLegacyFields(cluster, proto_config_legacy);
+    cluster_or_error = StrictDnsClusterImpl::create(cluster, proto_config_legacy, context,
+                                                    std::move(*dns_resolver_or_error));
+  }
+
   RETURN_IF_NOT_OK(cluster_or_error.status());
   return std::make_pair(std::shared_ptr<StrictDnsClusterImpl>(std::move(*cluster_or_error)),
                         nullptr);
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index 7bd23e717abf..6bbb4c03664e 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -25,6 +25,7 @@
 #include "source/common/network/utility.h"
 #include "source/common/protobuf/utility.h"
 #include "source/common/singleton/manager_impl.h"
+#include "source/extensions/clusters/common/backcompat_dns.h"
 #include "source/extensions/clusters/static/static_cluster.h"
 #include "source/extensions/clusters/strict_dns/strict_dns_cluster.h"
 #include "source/extensions/load_balancing_policies/least_request/config.h"
@@ -97,16 +98,22 @@ absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
 makeStrictDnsClusterFromDnsResolver(const envoy::config::cluster::v3::Cluster& cluster_config,
                                     ClusterFactoryContext& factory_context,
                                     std::shared_ptr<Network::DnsResolver> dns_resolver) {
-  ProtobufTypes::MessagePtr dns_cluster =
-      std::make_unique<envoy::extensions::clusters::dns::v3::DnsCluster>();
-  Config::Utility::translateOpaqueConfig(cluster_config.cluster_type().typed_config(),
-                                         factory_context.messageValidationVisitor(), *dns_cluster);
-  cluster_config.cluster_type().typed_config(), factory_context.messageValidationVisitor();
-  return StrictDnsClusterImpl::create(
-      cluster_config,
-      MessageUtil::downcastAndValidate<const envoy::extensions::clusters::dns::v3::DnsCluster&>(
-          *dns_cluster, factory_context.messageValidationVisitor()),
-      factory_context, dns_resolver);
+  envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
+
+  if (cluster_config.has_cluster_type()) {
+    ProtobufTypes::MessagePtr dns_cluster_msg =
+        std::make_unique<envoy::extensions::clusters::dns::v3::DnsCluster>();
+    Config::Utility::translateOpaqueConfig(cluster_config.cluster_type().typed_config(),
+                                           factory_context.messageValidationVisitor(),
+                                           *dns_cluster_msg);
+    dns_cluster =
+        MessageUtil::downcastAndValidate<const envoy::extensions::clusters::dns::v3::DnsCluster&>(
+            *dns_cluster_msg, factory_context.messageValidationVisitor());
+
+  } else {
+    createDnsClusterFromLegacyFields(cluster_config, dns_cluster);
+  }
+  return StrictDnsClusterImpl::create(cluster_config, dns_cluster, factory_context, dns_resolver);
 }
 
 std::list<std::string> hostListToAddresses(const HostVector& hosts) {
@@ -1241,7 +1248,7 @@ TEST_F(StrictDnsClusterImplTest, LoadAssignmentBasic) {
               cancel(Network::ActiveDnsQuery::CancelReason::QueryAbandoned));
 }
 
-TEST_P(StrictDnsClusterImplTest, LoadAssignmentBasicMultiplePriorities) {
+TEST_F(StrictDnsClusterImplTest, LoadAssignmentBasicMultiplePriorities) {
   ResolverData resolver3(*dns_resolver_, server_context_.dispatcher_);
   ResolverData resolver2(*dns_resolver_, server_context_.dispatcher_);
   ResolverData resolver1(*dns_resolver_, server_context_.dispatcher_);
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index 8c4a1c68d488..27c3fdedf154 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -12,6 +12,7 @@
 
 #include "source/common/network/utility.h"
 #include "source/common/singleton/manager_impl.h"
+#include "source/extensions/clusters/common/backcompat_dns.h"
 #include "source/extensions/clusters/logical_dns/logical_dns_cluster.h"
 #include "source/server/transport_socket_config_impl.h"
 
@@ -55,10 +56,26 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
     Envoy::Upstream::ClusterFactoryContextImpl factory_context(
         server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
         false);
-    absl::Status creation_status = absl::OkStatus();
-    cluster_ = std::shared_ptr<LogicalDnsCluster>(
-        new LogicalDnsCluster(cluster_config, factory_context, dns_resolver_, creation_status));
-    THROW_IF_NOT_OK(creation_status);
+    absl::StatusOr<std::unique_ptr<LogicalDnsCluster>> status_or_cluster;
+
+    envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
+    if (cluster_config.has_cluster_type()) {
+      ProtobufTypes::MessagePtr dns_cluster_msg =
+          std::make_unique<envoy::extensions::clusters::dns::v3::DnsCluster>();
+      Config::Utility::translateOpaqueConfig(cluster_config.cluster_type().typed_config(),
+                                             factory_context.messageValidationVisitor(),
+                                             *dns_cluster_msg);
+      dns_cluster =
+          MessageUtil::downcastAndValidate<const envoy::extensions::clusters::dns::v3::DnsCluster&>(
+              *dns_cluster_msg, factory_context.messageValidationVisitor());
+    } else {
+      createDnsClusterFromLegacyFields(cluster_config, dns_cluster);
+    }
+
+    status_or_cluster =
+        LogicalDnsCluster::create(cluster_config, dns_cluster, factory_context, dns_resolver_);
+    THROW_IF_NOT_OK(status_or_cluster.status());
+    cluster_ = std::move(*status_or_cluster);
     priority_update_cb_ = cluster_->prioritySet().addPriorityUpdateCb(
         [&](uint32_t, const HostVector&, const HostVector&) {
           membership_updated_.ready();
@@ -77,7 +94,21 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
         nullptr, false);
 
     LogicalDnsClusterFactory factory;
-    return factory.createClusterImpl(cluster_config, factory_context).status();
+    envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
+    if (cluster_config.has_cluster_type()) {
+      ProtobufTypes::MessagePtr dns_cluster_msg =
+          std::make_unique<envoy::extensions::clusters::dns::v3::DnsCluster>();
+      Config::Utility::translateOpaqueConfig(cluster_config.cluster_type().typed_config(),
+                                             factory_context.messageValidationVisitor(),
+                                             *dns_cluster_msg);
+      dns_cluster =
+          MessageUtil::downcastAndValidate<const envoy::extensions::clusters::dns::v3::DnsCluster&>(
+              *dns_cluster_msg, factory_context.messageValidationVisitor());
+    } else {
+      createDnsClusterFromLegacyFields(cluster_config, dns_cluster);
+    }
+
+    return factory.createClusterWithConfig(cluster_config, dns_cluster, factory_context).status();
   }
 
   void expectResolve(Network::DnsLookupFamily dns_lookup_family,

From 2464e2cf4ad80efcad26b7c0864312c8878ad5b8 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 11 Oct 2024 15:09:17 -0400
Subject: [PATCH 07/46] format

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto      | 18 ++++++++----------
 .../logical_dns/logical_dns_cluster.cc         |  4 ++--
 2 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index 7e05736106ee..506623367a5b 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -953,8 +953,8 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  // This field is deprecated in favor of ``dns_config``
-  // which aggregates all of the DNS configuration in a single message.
+  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` and
+  // will be ignored :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_refresh_rate = 16 [
     deprecated = true,
     (validate.rules).duration = {gt {nanos: 1000000}},
@@ -970,8 +970,8 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  // This field is deprecated in favor of ``dns_config``
-  // which aggregates all of the DNS configuration in a single message.
+  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` and
+  // will be ignored :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_jitter = 58
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
@@ -983,16 +983,16 @@ message Cluster {
   // other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
   // ignored.
-  // This field is deprecated in favor of ``dns_config``
-  // which aggregates all of the DNS configuration in a single message.
+  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` and
+  // will be ignored :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` is set.
   RefreshRate dns_failure_refresh_rate = 44
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
-  // This field is deprecated in favor of ``dns_config``
-  // which aggregates all of the DNS configuration in a single message.
+  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` and
+  // will be ignored :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` is set.
   bool respect_dns_ttl = 39
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
@@ -1015,8 +1015,6 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  // This field is deprecated in favor of ``dns_resolution_config``
-  // which aggregates all of the DNS resolver configuration in a single message.
   repeated core.v3.Address dns_resolvers = 18
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index 9fef749c270a..c98d79ba641b 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -223,12 +223,12 @@ LogicalDnsClusterFactory::createClusterWithConfig(
   absl::StatusOr<std::unique_ptr<LogicalDnsCluster>> cluster_or_error;
   if (cluster.has_cluster_type()) {
     cluster_or_error = LogicalDnsCluster::create(cluster, proto_config, context,
-                                                    std::move(*dns_resolver_or_error));
+                                                 std::move(*dns_resolver_or_error));
   } else {
     envoy::extensions::clusters::dns::v3::DnsCluster proto_config_legacy{};
     createDnsClusterFromLegacyFields(cluster, proto_config_legacy);
     cluster_or_error = LogicalDnsCluster::create(cluster, proto_config_legacy, context,
-                                                    std::move(*dns_resolver_or_error));
+                                                 std::move(*dns_resolver_or_error));
   }
 
   RETURN_IF_NOT_OK(cluster_or_error.status());

From 821bb34a6a72ce9a302554271b4a7ca1c0e55a3c Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 11 Oct 2024 15:14:53 -0400
Subject: [PATCH 08/46] Remove extra changes

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index 506623367a5b..d70dd90e8520 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -1015,6 +1015,8 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
+  // This field is deprecated in favor of ``dns_resolution_config``
+  // which aggregates all of the DNS resolver configuration in a single message.
   repeated core.v3.Address dns_resolvers = 18
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
@@ -1041,7 +1043,6 @@ message Cluster {
   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
   // [#extension-category: envoy.network.dns_resolver]
-  // FIXME do we also want to move this one?
   core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
 
   // Optional configuration for having cluster readiness block on warm-up. Currently, only applicable for

From 1d54cff72133ca72217b5ecdf7908edad1ca6d84 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 11 Oct 2024 15:30:35 -0400
Subject: [PATCH 09/46] extra change

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 source/common/upstream/cluster_factory_impl.cc | 1 -
 1 file changed, 1 deletion(-)

diff --git a/source/common/upstream/cluster_factory_impl.cc b/source/common/upstream/cluster_factory_impl.cc
index 4b8529da1204..a4324b8d472d 100644
--- a/source/common/upstream/cluster_factory_impl.cc
+++ b/source/common/upstream/cluster_factory_impl.cc
@@ -74,7 +74,6 @@ ClusterFactoryImplBase::selectDnsResolver(const envoy::config::cluster::v3::Clus
   // where 'dns_resolvers' is specified, we have per-cluster DNS
   // resolvers that are created here but ownership resides with
   // StrictDnsClusterImpl/LogicalDnsCluster.
-
   if ((cluster.has_typed_dns_resolver_config() &&
        !(cluster.typed_dns_resolver_config().typed_config().type_url().empty())) ||
       (cluster.has_dns_resolution_config() &&

From 58dbf1f52d6601078381a094d65beec27745683b Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 11 Oct 2024 15:47:19 -0400
Subject: [PATCH 10/46] Doc fixes in dns cluster proto

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../extensions/clusters/dns/v3/dns_cluster.proto | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 413e6a365e95..5e81c7c35061 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -17,14 +17,15 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 // [#protodoc-title: DNS cluster configuration]
 
 // Configuration for strict and logical DNS clusters.
-// FIXME [#extension: envoy.clusters.dns]
+// [#extension: envoy.clusters.strict_dns]
+// [#extension: envoy.clusters.dns]
 
 // [#next-free-field: 7]
 message DnsCluster {
   message RefreshRate {
     // Specifies the base interval between refreshes. This parameter is required and must be greater
     // than zero and less than
-    // :ref:`max_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`.
+    // :ref:`max_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.RefreshRate.max_interval>`.
     google.protobuf.Duration base_interval = 1 [(validate.rules).duration = {
       required: true
       gt {nanos: 1000000}
@@ -32,8 +33,8 @@ message DnsCluster {
 
     // Specifies the maximum interval between refreshes. This parameter is optional, but must be
     // greater than or equal to the
-    // :ref:`base_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`  if set. The default
-    // is 10 times the :ref:`base_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsConfig.RefreshRate.max_interval>`.
+    // :ref:`base_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.RefreshRate.base_interval>`  if set. The default
+    // is 10 times the :ref:`base_interval <envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.RefreshRate.base_interval>`.
     google.protobuf.Duration max_interval = 2 [(validate.rules).duration = {gt {nanos: 1000000}}];
   }
 
@@ -42,7 +43,7 @@ message DnsCluster {
   // value defaults to 5000ms.
   google.protobuf.Duration dns_refresh_rate = 3 [(validate.rules).duration = {gt {nanos: 1000000}}];
 
-  // this is the cluster’s DNS refresh rate when requests are failing. If this setting is
+  // This is the cluster’s DNS refresh rate when requests are failing. If this setting is
   // not specified, the failure refresh rate defaults to the DNS refresh rate.
   RefreshRate dns_failure_refresh_rate = 4;
 
@@ -51,11 +52,6 @@ message DnsCluster {
   // resolution.
   bool respect_dns_ttl = 5;
 
-  // The DNS IP address resolution policy. If this setting is not specified, the
-  // value defaults to
-  // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsConfig.DnsLookupFamily.AUTO>`.
-  // DnsLookupFamily dns_lookup_family = 4 [(validate.rules).enum = {defined_only: true}];
-
   // DNS jitter causes the cluster to refresh DNS entries later by a random amount of time to avoid a
   // stampede of DNS requests. This value sets the upper bound (exclusive) for the random amount.
   // There will be no jitter if this value is omitted.

From 9784406f689665747874b48a70f624f5dca79bc4 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 11 Oct 2024 15:51:21 -0400
Subject: [PATCH 11/46] more docs

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto              | 6 +-----
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto | 2 +-
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index d70dd90e8520..ffa050c06d57 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -999,11 +999,7 @@ message Cluster {
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
-  DnsLookupFamily dns_lookup_family = 17 [
-    deprecated = true,
-    (validate.rules).enum = {defined_only: true},
-    (envoy.annotations.deprecated_at_minor_version) = "3.0"
-  ];
+  DnsLookupFamily dns_lookup_family = 17;
 
   // If DNS resolvers are specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 5e81c7c35061..815ccffb8c9b 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -18,7 +18,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 
 // Configuration for strict and logical DNS clusters.
 // [#extension: envoy.clusters.strict_dns]
-// [#extension: envoy.clusters.dns]
+// [#extension: envoy.clusters.logical_dns]
 
 // [#next-free-field: 7]
 message DnsCluster {

From 7309f8dce79f7b81eaca7081c058e516c36aa396 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 11 Oct 2024 17:14:25 -0400
Subject: [PATCH 12/46] More logical dns tests

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 source/extensions/clusters/common/BUILD       |  6 +-
 ...ompat_dns.cc => dns_cluster_backcompat.cc} |  2 +-
 ...kcompat_dns.h => dns_cluster_backcompat.h} |  0
 source/extensions/clusters/logical_dns/BUILD  |  2 +-
 .../logical_dns/logical_dns_cluster.cc        |  2 +-
 source/extensions/clusters/strict_dns/BUILD   |  2 +-
 .../clusters/strict_dns/strict_dns_cluster.cc |  2 +-
 test/common/upstream/upstream_impl_test.cc    |  2 +-
 test/extensions/clusters/common/BUILD         | 12 ++++
 .../common/dns_cluster_backcompat_test.cc     | 72 +++++++++++++++++++
 .../logical_dns/logical_dns_cluster_test.cc   | 47 +++++++++++-
 11 files changed, 139 insertions(+), 10 deletions(-)
 rename source/extensions/clusters/common/{backcompat_dns.cc => dns_cluster_backcompat.cc} (95%)
 rename source/extensions/clusters/common/{backcompat_dns.h => dns_cluster_backcompat.h} (100%)
 create mode 100644 test/extensions/clusters/common/dns_cluster_backcompat_test.cc

diff --git a/source/extensions/clusters/common/BUILD b/source/extensions/clusters/common/BUILD
index cfb399912e21..b36c45e6924a 100644
--- a/source/extensions/clusters/common/BUILD
+++ b/source/extensions/clusters/common/BUILD
@@ -20,9 +20,9 @@ envoy_cc_library(
 )
 
 envoy_cc_library(
-    name = "backcompat_dns_lib",
-    srcs = ["backcompat_dns.cc"],
-    hdrs = ["backcompat_dns.h"],
+    name = "dns_cluster_backcompat_lib",
+    srcs = ["dns_cluster_backcompat.cc"],
+    hdrs = ["dns_cluster_backcompat.h"],
     deps = [
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
diff --git a/source/extensions/clusters/common/backcompat_dns.cc b/source/extensions/clusters/common/dns_cluster_backcompat.cc
similarity index 95%
rename from source/extensions/clusters/common/backcompat_dns.cc
rename to source/extensions/clusters/common/dns_cluster_backcompat.cc
index 2c1832cc1897..93fc390a640b 100644
--- a/source/extensions/clusters/common/backcompat_dns.cc
+++ b/source/extensions/clusters/common/dns_cluster_backcompat.cc
@@ -1,4 +1,4 @@
-#include "source/extensions/clusters/common/backcompat_dns.h"
+#include "source/extensions/clusters/common/dns_cluster_backcompat.h"
 
 #include "envoy/config/cluster/v3/cluster.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
diff --git a/source/extensions/clusters/common/backcompat_dns.h b/source/extensions/clusters/common/dns_cluster_backcompat.h
similarity index 100%
rename from source/extensions/clusters/common/backcompat_dns.h
rename to source/extensions/clusters/common/dns_cluster_backcompat.h
diff --git a/source/extensions/clusters/logical_dns/BUILD b/source/extensions/clusters/logical_dns/BUILD
index 3022d0c85a02..9f8c8efa68b8 100644
--- a/source/extensions/clusters/logical_dns/BUILD
+++ b/source/extensions/clusters/logical_dns/BUILD
@@ -25,7 +25,7 @@ envoy_cc_extension(
         "//source/common/protobuf:utility_lib",
         "//source/common/upstream:cluster_factory_lib",
         "//source/common/upstream:upstream_includes",
-        "//source/extensions/clusters/common:backcompat_dns_lib",
+        "//source/extensions/clusters/common:dns_cluster_backcompat_lib",
         "//source/extensions/clusters/common:logical_host_lib",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
         "@envoy_api//envoy/config/core/v3:pkg_cc_proto",
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index c98d79ba641b..ddc04a766730 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -20,7 +20,7 @@
 #include "source/common/network/utility.h"
 #include "source/common/protobuf/protobuf.h"
 #include "source/common/protobuf/utility.h"
-#include "source/extensions/clusters/common/backcompat_dns.h"
+#include "source/extensions/clusters/common/dns_cluster_backcompat.h"
 
 namespace Envoy {
 namespace Upstream {
diff --git a/source/extensions/clusters/strict_dns/BUILD b/source/extensions/clusters/strict_dns/BUILD
index b05fb2cd9ba8..ca170cb67482 100644
--- a/source/extensions/clusters/strict_dns/BUILD
+++ b/source/extensions/clusters/strict_dns/BUILD
@@ -17,7 +17,7 @@ envoy_cc_extension(
     deps = [
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
-        "//source/extensions/clusters/common:backcompat_dns_lib",
+        "//source/extensions/clusters/common:dns_cluster_backcompat_lib",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
         "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
         "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index e22e8be37e23..3ccefde88d5a 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -8,7 +8,7 @@
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 
-#include "source/extensions/clusters/common/backcompat_dns.h"
+#include "source/extensions/clusters/common/dns_cluster_backcompat.h"
 
 namespace Envoy {
 namespace Upstream {
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index 6bbb4c03664e..106c0dd81b9f 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -25,7 +25,7 @@
 #include "source/common/network/utility.h"
 #include "source/common/protobuf/utility.h"
 #include "source/common/singleton/manager_impl.h"
-#include "source/extensions/clusters/common/backcompat_dns.h"
+#include "source/extensions/clusters/common/dns_cluster_backcompat.h"
 #include "source/extensions/clusters/static/static_cluster.h"
 #include "source/extensions/clusters/strict_dns/strict_dns_cluster.h"
 #include "source/extensions/load_balancing_policies/least_request/config.h"
diff --git a/test/extensions/clusters/common/BUILD b/test/extensions/clusters/common/BUILD
index 65f9d13c7696..b7a3a3974029 100644
--- a/test/extensions/clusters/common/BUILD
+++ b/test/extensions/clusters/common/BUILD
@@ -8,6 +8,18 @@ licenses(["notice"])  # Apache 2
 
 envoy_package()
 
+envoy_cc_test(
+    name = "dns_cluster_backcompat_test",
+    srcs = ["dns_cluster_backcompat_test.cc"],
+    rbe_pool = "2core",
+    deps = [
+        "//source/extensions/clusters/common:dns_cluster_backcompat_lib",
+        "//test/test_common:utility_lib",
+        "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
+        "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
+    ],
+)
+
 envoy_cc_test(
     name = "logical_host_test",
     srcs = ["logical_host_test.cc"],
diff --git a/test/extensions/clusters/common/dns_cluster_backcompat_test.cc b/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
new file mode 100644
index 000000000000..7a2a3a464bf4
--- /dev/null
+++ b/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
@@ -0,0 +1,72 @@
+#include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+
+#include "source/extensions/clusters/common/dns_cluster_backcompat.h"
+
+#include "test/test_common/utility.h"
+
+#include "gtest/gtest.h"
+
+namespace Envoy {
+namespace Upstream {
+
+class DnsClusterBackcompatUtilTest : public testing::Test {};
+
+TEST_F(DnsClusterBackcompatUtilTest, Empty) {
+  envoy::config::cluster::v3::Cluster cluster{};
+  envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
+  createDnsClusterFromLegacyFields(cluster, dns_cluster);
+  ASSERT_FALSE(dns_cluster.has_dns_jitter());
+  ASSERT_FALSE(dns_cluster.has_dns_refresh_rate());
+  ASSERT_FALSE(dns_cluster.has_dns_failure_refresh_rate());
+  ASSERT_FALSE(dns_cluster.respect_dns_ttl());
+};
+
+TEST_F(DnsClusterBackcompatUtilTest, EmptyButSetFailureRefresRate) {
+  envoy::config::cluster::v3::Cluster cluster{};
+
+  cluster.mutable_dns_failure_refresh_rate();
+  envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
+  createDnsClusterFromLegacyFields(cluster, dns_cluster);
+  ASSERT_FALSE(dns_cluster.has_dns_jitter());
+  ASSERT_FALSE(dns_cluster.has_dns_refresh_rate());
+  ASSERT_TRUE(dns_cluster.has_dns_failure_refresh_rate());
+  ASSERT_FALSE(dns_cluster.dns_failure_refresh_rate().has_base_interval());
+  ASSERT_FALSE(dns_cluster.dns_failure_refresh_rate().has_max_interval());
+  ASSERT_FALSE(dns_cluster.respect_dns_ttl());
+};
+
+TEST_F(DnsClusterBackcompatUtilTest, FullClusterConfig) {
+  envoy::config::cluster::v3::Cluster cluster =
+      TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
+          type: STRICT_DNS
+          dns_jitter:
+            seconds: 1
+            nanos: 2
+          dns_failure_refresh_rate:
+            base_interval:
+              seconds: 3
+              nanos: 4
+            max_interval:
+              seconds: 5
+              nanos: 6
+          dns_refresh_rate:
+            seconds: 7
+            nanos: 8
+          respect_dns_ttl: true
+      )EOF");
+
+  envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
+  createDnsClusterFromLegacyFields(cluster, dns_cluster);
+  ASSERT_EQ(dns_cluster.dns_jitter().seconds(), 1);
+  ASSERT_EQ(dns_cluster.dns_jitter().nanos(), 2);
+  ASSERT_EQ(dns_cluster.dns_failure_refresh_rate().base_interval().seconds(), 3);
+  ASSERT_EQ(dns_cluster.dns_failure_refresh_rate().base_interval().nanos(), 4);
+  ASSERT_EQ(dns_cluster.dns_failure_refresh_rate().max_interval().seconds(), 5);
+  ASSERT_EQ(dns_cluster.dns_failure_refresh_rate().max_interval().nanos(), 6);
+  ASSERT_EQ(dns_cluster.dns_refresh_rate().seconds(), 7);
+  ASSERT_EQ(dns_cluster.dns_refresh_rate().nanos(), 8);
+  ASSERT_TRUE(dns_cluster.respect_dns_ttl());
+};
+} // namespace Upstream
+} // namespace Envoy
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index 27c3fdedf154..d4e2a84cfa11 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -12,7 +12,7 @@
 
 #include "source/common/network/utility.h"
 #include "source/common/singleton/manager_impl.h"
-#include "source/extensions/clusters/common/backcompat_dns.h"
+#include "source/extensions/clusters/common/dns_cluster_backcompat.h"
 #include "source/extensions/clusters/logical_dns/logical_dns_cluster.h"
 #include "source/server/transport_socket_config_impl.h"
 
@@ -435,6 +435,51 @@ TEST_F(LogicalDnsParamTest, TtlAsDnsRefreshRate) {
                 TestUtility::makeDnsResponse({}, std::chrono::seconds(5)));
 }
 
+TEST_F(LogicalDnsParamTest, UseNewConfig) {
+  const std::string yaml = R"EOF(
+  name: name
+  cluster_type:
+    name: envoy.cluster.logical_dns
+    typed_config:
+      "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+      dns_refresh_rate: 4s
+      respect_dns_ttl: true
+  connect_timeout: 0.25s
+  lb_policy: ROUND_ROBIN
+  # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
+  # dns_lookup_family to V4_ONLY explicitly for v2 .yaml config.
+  dns_lookup_family: V4_ONLY
+  load_assignment:
+        endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  socket_address:
+                     address: foo.bar.com
+                     port_value: 443
+  )EOF";
+
+  expectResolve(Network::DnsLookupFamily::V4Only, "foo.bar.com");
+  setupFromV3Yaml(yaml);
+
+  // TTL is recorded when the DNS response is successful and not empty
+  EXPECT_CALL(membership_updated_, ready());
+  EXPECT_CALL(initialized_, ready());
+  EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(5000), _));
+  dns_callback_(Network::DnsResolver::ResolutionStatus::Completed, "",
+                TestUtility::makeDnsResponse({"127.0.0.1", "127.0.0.2"}, std::chrono::seconds(5)));
+
+  // If the response is successful but empty, the cluster uses the cluster configured refresh rate.
+  EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000), _));
+  dns_callback_(Network::DnsResolver::ResolutionStatus::Completed, "",
+                TestUtility::makeDnsResponse({}, std::chrono::seconds(5)));
+
+  // On failure, the cluster uses the cluster configured refresh rate.
+  EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000), _));
+  dns_callback_(Network::DnsResolver::ResolutionStatus::Failure, "",
+                TestUtility::makeDnsResponse({}, std::chrono::seconds(5)));
+}
+
 TEST_F(LogicalDnsClusterTest, BadConfig) {
   const std::string multiple_hosts_yaml = R"EOF(
   name: name

From 69f9cec43e2f6534cb349376651df3bf5cd3f0b7 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 14 Oct 2024 10:19:43 -0400
Subject: [PATCH 13/46] CI please work

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto | 1 -
 1 file changed, 1 deletion(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 815ccffb8c9b..91f25466ca27 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -3,7 +3,6 @@ syntax = "proto3";
 package envoy.extensions.clusters.dns.v3;
 
 import "google/protobuf/duration.proto";
-import "google/protobuf/struct.proto";
 
 import "udpa/annotations/status.proto";
 import "validate/validate.proto";

From 54208790029332a6de7b5b469b960f5b061a9338 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 14 Oct 2024 13:35:52 -0400
Subject: [PATCH 14/46] fix tests?

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto        | 16 ++++++++--------
 test/extensions/clusters/common/BUILD            |  1 +
 .../common/logical_host_integration_test.cc      |  7 +++++--
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index ffa050c06d57..aef9fba13d73 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -953,8 +953,8 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` is set.
+  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
+  // will be ignored :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_refresh_rate = 16 [
     deprecated = true,
     (validate.rules).duration = {gt {nanos: 1000000}},
@@ -970,8 +970,8 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` is set.
+  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
+  // will be ignored :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_jitter = 58
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
@@ -983,16 +983,16 @@ message Cluster {
   // other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
   // ignored.
-  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` is set.
+  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
+  // will be ignored :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   RefreshRate dns_failure_refresh_rate = 44
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
-  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored :ref:`cluster_type<envoy_v3_api_enum_value_config.cluster.v3.Cluster.cluster_type>` is set.
+  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
+  // will be ignored :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   bool respect_dns_ttl = 39
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
diff --git a/test/extensions/clusters/common/BUILD b/test/extensions/clusters/common/BUILD
index b7a3a3974029..ca321166e58d 100644
--- a/test/extensions/clusters/common/BUILD
+++ b/test/extensions/clusters/common/BUILD
@@ -43,5 +43,6 @@ envoy_cc_test(
         "//test/mocks/network:network_mocks",
         "//test/test_common:registry_lib",
         "//test/test_common:threadsafe_singleton_injector_lib",
+        "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
     ],
 )
diff --git a/test/extensions/clusters/common/logical_host_integration_test.cc b/test/extensions/clusters/common/logical_host_integration_test.cc
index 66beadcdd2cd..b6436d1466cd 100644
--- a/test/extensions/clusters/common/logical_host_integration_test.cc
+++ b/test/extensions/clusters/common/logical_host_integration_test.cc
@@ -1,3 +1,4 @@
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 #include "source/common/config/utility.h"
 
 #include "test/integration/http_integration.h"
@@ -84,10 +85,12 @@ TEST_P(LogicalHostIntegrationTest, LogicalDNSRaceCrashTest) {
   config_helper_.addConfigModifier([&](envoy::config::bootstrap::v3::Bootstrap& bootstrap) -> void {
     RELEASE_ASSERT(bootstrap.mutable_static_resources()->clusters_size() == 1, "");
     auto& cluster = *bootstrap.mutable_static_resources()->mutable_clusters(0);
-    cluster.set_type(envoy::config::cluster::v3::Cluster::LOGICAL_DNS);
     cluster.set_dns_lookup_family(envoy::config::cluster::v3::Cluster::ALL);
+    cluster.mutable_cluster_type()->set_name("envoy.cluster.logical_dns");
+    envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
     // Make the refresh rate fast to hit the R/W race.
-    cluster.mutable_dns_refresh_rate()->set_nanos(1000001);
+    dns_cluster.mutable_dns_refresh_rate()->set_nanos(1000001);
+    cluster.mutable_cluster_type()->mutable_typed_config()->PackFrom(dns_cluster);
   });
   config_helper_.addConfigModifier(
       [](envoy::extensions::filters::network::http_connection_manager::v3::HttpConnectionManager&

From a9a5a5cc720d5d8d54fd9abae6927d72f3e052ac Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 14 Oct 2024 18:01:35 -0400
Subject: [PATCH 15/46] Fix integration test (not really)

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../logical_dns/logical_dns_cluster.cc        | 19 +++++--------------
 .../logical_dns/logical_dns_cluster.h         | 10 +++++-----
 .../clusters/strict_dns/strict_dns_cluster.h  |  1 +
 test/config/utility.cc                        |  3 ++-
 .../common/logical_host_integration_test.cc   |  1 +
 5 files changed, 14 insertions(+), 20 deletions(-)

diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index ddc04a766730..bc6ed5482f18 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -72,16 +72,8 @@ LogicalDnsCluster::create(const envoy::config::cluster::v3::Cluster& cluster,
   absl::Status creation_status = absl::OkStatus();
   std::unique_ptr<LogicalDnsCluster> ret;
 
-  // dns_cluster should be cluster.cluster_type.typed_config cast to the right type.
-  if (cluster.has_cluster_type()) {
-    ret = std::unique_ptr<LogicalDnsCluster>(new LogicalDnsCluster(
-        cluster, dns_cluster, context, std::move(dns_resolver), creation_status));
-  } else {
-    envoy::extensions::clusters::dns::v3::DnsCluster legacy_dns_cluster{};
-    createDnsClusterFromLegacyFields(cluster, legacy_dns_cluster);
-    ret = std::unique_ptr<LogicalDnsCluster>(new LogicalDnsCluster(
-        cluster, legacy_dns_cluster, context, std::move(dns_resolver), creation_status));
-  }
+  ret = std::unique_ptr<LogicalDnsCluster>(new LogicalDnsCluster(
+      cluster, dns_cluster, context, std::move(dns_resolver), creation_status));
   RETURN_IF_NOT_OK(creation_status);
   return ret;
 }
@@ -101,10 +93,9 @@ LogicalDnsCluster::LogicalDnsCluster(
           [this]() -> void { startResolve(); })),
       local_info_(context.serverFactoryContext().localInfo()),
       load_assignment_(convertPriority(cluster.load_assignment())) {
-  failure_backoff_strategy_ =
-      Config::Utility::prepareDnsRefreshStrategy<envoy::config::cluster::v3::Cluster>(
-          cluster, dns_refresh_rate_ms_.count(),
-          context.serverFactoryContext().api().randomGenerator());
+  failure_backoff_strategy_ = Config::Utility::prepareDnsRefreshStrategy(
+      dns_cluster, dns_refresh_rate_ms_.count(),
+      context.serverFactoryContext().api().randomGenerator());
 
   const envoy::config::core::v3::SocketAddress& socket_address =
       lbEndpoint().endpoint().address().socket_address();
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.h b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
index 20ccc1944cd2..4c727b121386 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.h
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
@@ -40,14 +40,14 @@ class LogicalDnsCluster : public ClusterImplBase {
 public:
   ~LogicalDnsCluster() override;
 
-  absl::StatusOr<std::unique_ptr<LogicalDnsCluster>> static create(
-      const envoy::config::cluster::v3::Cluster& cluster,
-      const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
-      ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver);
-
   // Upstream::Cluster
   InitializePhase initializePhase() const override { return InitializePhase::Primary; }
 
+  static absl::StatusOr<std::unique_ptr<LogicalDnsCluster>>
+  create(const envoy::config::cluster::v3::Cluster& cluster,
+         const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
+         ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver);
+
 protected:
   LogicalDnsCluster(const envoy::config::cluster::v3::Cluster& cluster,
                     const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index 9944ccbca470..3914cef2551c 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -19,6 +19,7 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
 public:
   // Upstream::Cluster
   InitializePhase initializePhase() const override { return InitializePhase::Primary; }
+
   static absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
   create(const envoy::config::cluster::v3::Cluster& cluster,
          const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
diff --git a/test/config/utility.cc b/test/config/utility.cc
index 668d4f290882..6ae3e8624043 100644
--- a/test/config/utility.cc
+++ b/test/config/utility.cc
@@ -1021,7 +1021,8 @@ void ConfigHelper::setPorts(const std::vector<uint32_t>& ports, bool override_po
       eds_hosts = true;
     } else if (cluster->type() == envoy::config::cluster::v3::Cluster::ORIGINAL_DST) {
       original_dst_cluster = true;
-    } else if (cluster->has_cluster_type()) {
+    } else if (cluster->has_cluster_type() &&
+               !cluster->cluster_type().name().starts_with("envoy.cluster.")) {
       custom_cluster = true;
     } else {
       // Assign ports to statically defined load_assignment hosts.
diff --git a/test/extensions/clusters/common/logical_host_integration_test.cc b/test/extensions/clusters/common/logical_host_integration_test.cc
index b6436d1466cd..30eb3edfb537 100644
--- a/test/extensions/clusters/common/logical_host_integration_test.cc
+++ b/test/extensions/clusters/common/logical_host_integration_test.cc
@@ -1,4 +1,5 @@
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+
 #include "source/common/config/utility.h"
 
 #include "test/integration/http_integration.h"

From 16f9cc1629084d30a79738a84ce3a43845541567 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Tue, 15 Oct 2024 10:46:05 -0400
Subject: [PATCH 16/46] Use Absl StartsWith

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 test/config/utility.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/config/utility.cc b/test/config/utility.cc
index 6ae3e8624043..aedd5b7f0b5b 100644
--- a/test/config/utility.cc
+++ b/test/config/utility.cc
@@ -27,6 +27,7 @@
 #include "test/test_common/resources.h"
 #include "test/test_common/utility.h"
 
+#include "absl/strings/match.h"
 #include "absl/strings/str_replace.h"
 #include "gtest/gtest.h"
 
@@ -1022,7 +1023,7 @@ void ConfigHelper::setPorts(const std::vector<uint32_t>& ports, bool override_po
     } else if (cluster->type() == envoy::config::cluster::v3::Cluster::ORIGINAL_DST) {
       original_dst_cluster = true;
     } else if (cluster->has_cluster_type() &&
-               !cluster->cluster_type().name().starts_with("envoy.cluster.")) {
+               !absl::StartsWith(cluster->cluster_type().name(), "envoy.cluster.")) {
       custom_cluster = true;
     } else {
       // Assign ports to statically defined load_assignment hosts.

From d4a005835f847888aae961fa3a052625d0973474 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 21 Oct 2024 10:41:25 -0400
Subject: [PATCH 17/46] Remove FIXME

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 source/extensions/clusters/common/dns_cluster_backcompat.cc | 1 -
 1 file changed, 1 deletion(-)

diff --git a/source/extensions/clusters/common/dns_cluster_backcompat.cc b/source/extensions/clusters/common/dns_cluster_backcompat.cc
index 93fc390a640b..b5bc3ad1d2a3 100644
--- a/source/extensions/clusters/common/dns_cluster_backcompat.cc
+++ b/source/extensions/clusters/common/dns_cluster_backcompat.cc
@@ -16,7 +16,6 @@ void createDnsClusterFromLegacyFields(
     dns_cluster.mutable_dns_refresh_rate()->CopyFrom(cluster.dns_refresh_rate());
   }
 
-  // FIXME: tests this
   if (cluster.has_dns_failure_refresh_rate()) {
     auto* new_refresh_rate = dns_cluster.mutable_dns_failure_refresh_rate();
     const auto& old_refresh_rate = cluster.dns_failure_refresh_rate();

From 9586603ea2ce25b52d0a6ed5ba263665a035212a Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 21 Oct 2024 14:40:33 -0400
Subject: [PATCH 18/46] Some typos

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto  | 8 ++++----
 test/common/upstream/upstream_impl_test.cc | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index 80a60f1689e1..a79fe4cb11c8 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -954,7 +954,7 @@ message Cluster {
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
   // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_refresh_rate = 16 [
     deprecated = true,
     (validate.rules).duration = {gt {nanos: 1000000}},
@@ -971,7 +971,7 @@ message Cluster {
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
   // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_jitter = 58
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
@@ -984,7 +984,7 @@ message Cluster {
   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
   // ignored.
   // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   RefreshRate dns_failure_refresh_rate = 44
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
@@ -992,7 +992,7 @@ message Cluster {
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
   // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   bool respect_dns_ttl = 39
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index 106c0dd81b9f..c511543e4889 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -93,7 +93,7 @@ class UpstreamImplTestBase {
 namespace {
 
 // Usually, the factory is in charge of parsing the cluster config and creating the DNS cluster,
-// but we can't use a factory to create because we need to inject out mock DNS resolver.
+// but we can't use a factory to create because we need to inject our mock DNS resolver.
 absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
 makeStrictDnsClusterFromDnsResolver(const envoy::config::cluster::v3::Cluster& cluster_config,
                                     ClusterFactoryContext& factory_context,

From 64a6fbd80928b35a4daca2c5f0b72b90d3bd3971 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 8 Nov 2024 17:44:02 -0500
Subject: [PATCH 19/46] Add generic factory

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto     |  9 +++-
 api/envoy/extensions/clusters/dns/v3/BUILD    |  5 +-
 .../clusters/dns/v3/dns_cluster.proto         | 36 +++++++++++++
 source/extensions/clusters/dns/BUILD          | 26 +++++++++
 source/extensions/clusters/dns/dns_cluster.cc | 54 +++++++++++++++++++
 source/extensions/clusters/dns/dns_cluster.h  | 34 ++++++++++++
 .../clusters/strict_dns/strict_dns_cluster.h  |  1 +
 source/extensions/extensions_build_config.bzl |  1 +
 8 files changed, 163 insertions(+), 3 deletions(-)
 create mode 100644 source/extensions/clusters/dns/BUILD
 create mode 100644 source/extensions/clusters/dns/dns_cluster.cc
 create mode 100644 source/extensions/clusters/dns/dns_cluster.h

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index a79fe4cb11c8..ff35e61113ca 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -999,7 +999,11 @@ message Cluster {
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
-  DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
+  DnsLookupFamily dns_lookup_family = 17 [
+    (validate.rules).enum = {defined_only: true},
+    deprecated = true,
+    (envoy.annotations.deprecated_at_minor_version) = "3.0",
+  ];
 
   // If DNS resolvers are specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
@@ -1039,7 +1043,8 @@ message Cluster {
   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
   // [#extension-category: envoy.network.dns_resolver]
-  core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
+  core.v3.TypedExtensionConfig typed_dns_resolver_config = 55
+      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // Optional configuration for having cluster readiness block on warm-up. Currently, only applicable for
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
diff --git a/api/envoy/extensions/clusters/dns/v3/BUILD b/api/envoy/extensions/clusters/dns/v3/BUILD
index 29ebf0741406..09a37ad16b83 100644
--- a/api/envoy/extensions/clusters/dns/v3/BUILD
+++ b/api/envoy/extensions/clusters/dns/v3/BUILD
@@ -5,5 +5,8 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
 licenses(["notice"])  # Apache 2
 
 api_proto_package(
-    deps = ["@com_github_cncf_xds//udpa/annotations:pkg"],
+    deps = [
+        "//envoy/config/core/v3:pkg",
+        "@com_github_cncf_xds//udpa/annotations:pkg",
+    ],
 )
diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 91f25466ca27..6fb09ecff928 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -2,6 +2,8 @@ syntax = "proto3";
 
 package envoy.extensions.clusters.dns.v3;
 
+import "envoy/config/core/v3/extension.proto";
+
 import "google/protobuf/duration.proto";
 
 import "udpa/annotations/status.proto";
@@ -55,4 +57,38 @@ message DnsCluster {
   // stampede of DNS requests. This value sets the upper bound (exclusive) for the random amount.
   // There will be no jitter if this value is omitted.
   google.protobuf.Duration dns_jitter = 6;
+
+  // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
+  // or any other DNS resolver types and the related parameters.
+  // For example, an object of
+  // :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
+  // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
+  // :ref:`Cluster.dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolution_config>`
+  // configuration which replaces `Cluster.dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`.
+  // During the transition period when ``DnsCluster.typed_dns_resolver_config``, ``Cluster.dns_resolution_config``, and
+  // ``Cluster.typed_dns_resolver_config`` exists, Envoy will prefer, ``DnsCluster.typed_dns_resolver_config`` over
+  // ``Cluster.typed_dns_resolver_config`` over ``cluster.dns_resolver_config``.
+  // [#extension-category: envoy.network.dns_resolver]
+  envoy.config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 7;
+
+  // The DNS IP address resolution policy. If this setting is not specified, the
+  // value defaults to
+  // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsCluster.DnsLookupFamily.AUTO>`.
+  DnsLookupFamily dns_lookup_family = 8;
+
+  DnsDiscoveryType dns_discovery_type = 9;
+
+  enum DnsLookupFamily {
+    UNSPECIFIED = 0;
+    AUTO = 1;
+    V4_ONLY = 2;
+    V6_ONLY = 3;
+    V4_PREFERRED = 4;
+    ALL = 5;
+  }
+
+  enum DnsDiscoveryType {
+    LOGICAL = 0;
+    STRICT = 1;
+  }
 }
diff --git a/source/extensions/clusters/dns/BUILD b/source/extensions/clusters/dns/BUILD
new file mode 100644
index 000000000000..6fbd134cc764
--- /dev/null
+++ b/source/extensions/clusters/dns/BUILD
@@ -0,0 +1,26 @@
+load(
+    "//bazel:envoy_build_system.bzl",
+    "envoy_cc_extension",
+    "envoy_extension_package",
+)
+
+licenses(["notice"])  # Apache 2
+
+envoy_extension_package()
+
+envoy_cc_extension(
+    name = "dns_cluster_lib",
+    srcs = ["dns_cluster.cc"],
+    hdrs = ["dns_cluster.h"],
+    # prevously considered core code.
+    visibility = ["//visibility:public"],
+    deps = [
+        "//source/common/upstream:cluster_factory_includes",
+        "//source/common/upstream:upstream_includes",
+        "//source/extensions/clusters/logical_dns:logical_dns_cluster_lib",
+        "//source/extensions/clusters/strict_dns:strict_dns_cluster_lib",
+        "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
+        "@envoy_api//envoy/config/endpoint/v3:pkg_cc_proto",
+        "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
+    ],
+)
diff --git a/source/extensions/clusters/dns/dns_cluster.cc b/source/extensions/clusters/dns/dns_cluster.cc
new file mode 100644
index 000000000000..f1f50f229b61
--- /dev/null
+++ b/source/extensions/clusters/dns/dns_cluster.cc
@@ -0,0 +1,54 @@
+#include "source/extensions/clusters/dns/dns_cluster.h"
+
+#include <chrono>
+
+#include "envoy/common/exception.h"
+#include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/config/endpoint/v3/endpoint.pb.h"
+#include "envoy/config/endpoint/v3/endpoint_components.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+
+#include "source/extensions/clusters/common/dns_cluster_backcompat.h"
+
+namespace Envoy {
+namespace Upstream {
+
+absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
+
+DnsClusterFactory::createClusterWithConfig(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+    Upstream::ClusterFactoryContext& context) {
+  std::string cluster_type_name = "";
+  switch (proto_config.dns_discovery_type()) {
+    PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
+  case envoy::extensions::clusters::dns::v3::DnsCluster::STRICT:
+    cluster_type_name = "envoy.cluster.strict_dns";
+    break;
+  case envoy::extensions::clusters::dns::v3::DnsCluster::LOGICAL:
+    cluster_type_name = "envoy.cluster.logical_dns";
+    break;
+  }
+  ClusterFactory* factory =
+      Registry::FactoryRegistry<ClusterFactory>::getFactory(cluster_type_name);
+
+  if (factory == nullptr) {
+    return absl::InvalidArgumentError(
+        fmt::format("Didn't find a registered cluster factory implementation for name: '{}'",
+                    cluster_type_name));
+  }
+  auto value = factory->create(cluster, context);
+  if (!value.ok()) {
+    return value.status();
+  }
+  return std::make_pair(std::dynamic_pointer_cast<ClusterImplBase>(value->first),
+                        std::move(value->second));
+}
+
+/**
+ * Static registration for the strict dns cluster factory. @see RegisterFactory.
+ */
+REGISTER_FACTORY(DnsClusterFactory, Upstream::ClusterFactory);
+
+} // namespace Upstream
+} // namespace Envoy
diff --git a/source/extensions/clusters/dns/dns_cluster.h b/source/extensions/clusters/dns/dns_cluster.h
new file mode 100644
index 000000000000..75de2e02cb10
--- /dev/null
+++ b/source/extensions/clusters/dns/dns_cluster.h
@@ -0,0 +1,34 @@
+#pragma once
+
+#include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/config/endpoint/v3/endpoint_components.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.validate.h"
+
+#include "source/common/upstream/cluster_factory_impl.h"
+#include "source/common/upstream/upstream_impl.h"
+
+namespace Envoy {
+namespace Upstream {
+
+/**
+ * Factory for DnsClusterImpl
+ */
+
+class DnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
+                              envoy::extensions::clusters::dns::v3::DnsCluster> {
+public:
+  DnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.dns") {}
+
+private:
+  absl::StatusOr<
+      std::pair<Upstream::ClusterImplBaseSharedPtr, Upstream::ThreadAwareLoadBalancerPtr>>
+  createClusterWithConfig(const envoy::config::cluster::v3::Cluster& cluster,
+                          const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+                          Upstream::ClusterFactoryContext& context) override;
+};
+
+DECLARE_FACTORY(DnsClusterFactory);
+
+} // namespace Upstream
+} // namespace Envoy
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index 8f6ed7925f50..bf2aebb43abe 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -19,6 +19,7 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
 public:
   // Upstream::Cluster
   InitializePhase initializePhase() const override { return InitializePhase::Primary; }
+
   static absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
   create(const envoy::config::cluster::v3::Cluster& cluster,
          const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
diff --git a/source/extensions/extensions_build_config.bzl b/source/extensions/extensions_build_config.bzl
index 8a00f2810875..5c6eb8e54b4d 100644
--- a/source/extensions/extensions_build_config.bzl
+++ b/source/extensions/extensions_build_config.bzl
@@ -26,6 +26,7 @@ EXTENSIONS = {
     "envoy.clusters.strict_dns":                        "//source/extensions/clusters/strict_dns:strict_dns_cluster_lib",
     "envoy.clusters.original_dst":                      "//source/extensions/clusters/original_dst:original_dst_cluster_lib",
     "envoy.clusters.logical_dns":                       "//source/extensions/clusters/logical_dns:logical_dns_cluster_lib",
+    "envoy.clusters.dns":                               "//source/extensions/clusters/dns:dns_cluster_lib",
 
     #
     # Compression

From 52647e3a08c1a90ae59cc6b72dccd8abe4dc16f7 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Tue, 12 Nov 2024 13:45:50 -0500
Subject: [PATCH 20/46] wip

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto     | 21 ++++++++++------
 .../extensions/clusters/common/dns/v3/BUILD   | 11 ++++++++
 .../clusters/common/dns/v3/dns.proto          | 19 ++++++++++++++
 api/envoy/extensions/clusters/dns/v3/BUILD    |  1 +
 .../clusters/dns/v3/dns_cluster.proto         | 12 ++-------
 source/common/common/BUILD                    |  1 +
 source/common/common/dns_utils.cc             | 21 ++++++++++++++++
 source/common/common/dns_utils.h              |  3 +++
 .../clusters/common/dns_cluster_backcompat.cc | 21 ++++++++++++++++
 source/extensions/clusters/dns/dns_cluster.cc | 10 ++++----
 source/extensions/clusters/logical_dns/BUILD  |  1 +
 .../logical_dns/logical_dns_cluster.cc        | 25 ++++++++++++++++---
 .../logical_dns/logical_dns_cluster.h         | 10 ++++++++
 source/extensions/clusters/strict_dns/BUILD   |  2 ++
 .../clusters/strict_dns/strict_dns_cluster.cc | 23 ++++++++++++++---
 .../clusters/strict_dns/strict_dns_cluster.h  |  6 +++++
 .../logical_dns/logical_dns_cluster_test.cc   |  2 +-
 17 files changed, 159 insertions(+), 30 deletions(-)
 create mode 100644 api/envoy/extensions/clusters/common/dns/v3/BUILD
 create mode 100644 api/envoy/extensions/clusters/common/dns/v3/dns.proto

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index ff35e61113ca..e1473a303ac4 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -999,11 +999,13 @@ message Cluster {
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
-  DnsLookupFamily dns_lookup_family = 17 [
-    (validate.rules).enum = {defined_only: true},
-    deprecated = true,
-    (envoy.annotations.deprecated_at_minor_version) = "3.0",
-  ];
+  // Note that this field is deprecated for cluster types
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+  // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` cluster.
+  // and will be ignored if ``config_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
+  // ``envoy.cluster.strict_dns``.
+  // Use :ref:`config_type<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.config_type>` instead.
+  DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
 
   // If DNS resolvers are specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
@@ -1042,9 +1044,14 @@ message Cluster {
   // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
+  // Also note that this field is deprecated for cluster types
+  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
+  // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` cluster.
+  // and will be ignored if ``config_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
+  // ``envoy.cluster.strict_dns``.
+  // Use :ref:`config_type<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.config_type>` instead.
   // [#extension-category: envoy.network.dns_resolver]
-  core.v3.TypedExtensionConfig typed_dns_resolver_config = 55
-      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
+  core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
 
   // Optional configuration for having cluster readiness block on warm-up. Currently, only applicable for
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
diff --git a/api/envoy/extensions/clusters/common/dns/v3/BUILD b/api/envoy/extensions/clusters/common/dns/v3/BUILD
new file mode 100644
index 000000000000..b514f18ab81a
--- /dev/null
+++ b/api/envoy/extensions/clusters/common/dns/v3/BUILD
@@ -0,0 +1,11 @@
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
+load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_package(
+    deps = [
+        "@com_github_cncf_xds//udpa/annotations:pkg",
+    ],
+)
diff --git a/api/envoy/extensions/clusters/common/dns/v3/dns.proto b/api/envoy/extensions/clusters/common/dns/v3/dns.proto
new file mode 100644
index 000000000000..05333236d9f8
--- /dev/null
+++ b/api/envoy/extensions/clusters/common/dns/v3/dns.proto
@@ -0,0 +1,19 @@
+syntax = "proto3";
+
+package envoy.extensions.clusters.common.dns.v3;
+
+import "udpa/annotations/status.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.clusters.dns.v3";
+option java_multiple_files = true;
+option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/common/dns/v3;dnsv3";
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+
+enum DnsLookupFamily {
+  UNSPECIFIED = 0;
+  AUTO = 1;
+  V4_ONLY = 2;
+  V6_ONLY = 3;
+  V4_PREFERRED = 4;
+  ALL = 5;
+}
diff --git a/api/envoy/extensions/clusters/dns/v3/BUILD b/api/envoy/extensions/clusters/dns/v3/BUILD
index 09a37ad16b83..c8b8444932e9 100644
--- a/api/envoy/extensions/clusters/dns/v3/BUILD
+++ b/api/envoy/extensions/clusters/dns/v3/BUILD
@@ -7,6 +7,7 @@ licenses(["notice"])  # Apache 2
 api_proto_package(
     deps = [
         "//envoy/config/core/v3:pkg",
+        "//envoy/extensions/clusters/common/dns/v3:pkg",
         "@com_github_cncf_xds//udpa/annotations:pkg",
     ],
 )
diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 6fb09ecff928..2456cc77e9d4 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -3,6 +3,7 @@ syntax = "proto3";
 package envoy.extensions.clusters.dns.v3;
 
 import "envoy/config/core/v3/extension.proto";
+import "envoy/extensions/clusters/common/dns/v3/dns.proto";
 
 import "google/protobuf/duration.proto";
 
@@ -74,19 +75,10 @@ message DnsCluster {
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsCluster.DnsLookupFamily.AUTO>`.
-  DnsLookupFamily dns_lookup_family = 8;
+  envoy.extensions.clusters.common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
 
   DnsDiscoveryType dns_discovery_type = 9;
 
-  enum DnsLookupFamily {
-    UNSPECIFIED = 0;
-    AUTO = 1;
-    V4_ONLY = 2;
-    V6_ONLY = 3;
-    V4_PREFERRED = 4;
-    ALL = 5;
-  }
-
   enum DnsDiscoveryType {
     LOGICAL = 0;
     STRICT = 1;
diff --git a/source/common/common/BUILD b/source/common/common/BUILD
index c80ef430d63f..bdb99b4e608c 100644
--- a/source/common/common/BUILD
+++ b/source/common/common/BUILD
@@ -109,6 +109,7 @@ envoy_cc_library(
         "//envoy/network:dns_interface",
         "//source/common/network:utility_lib",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
+        "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
     ],
 )
 
diff --git a/source/common/common/dns_utils.cc b/source/common/common/dns_utils.cc
index f13531396427..40ec21ebc873 100644
--- a/source/common/common/dns_utils.cc
+++ b/source/common/common/dns_utils.cc
@@ -31,6 +31,27 @@ getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily
   return Network::DnsLookupFamily::All;
 }
 
+Network::DnsLookupFamily
+getDnsLookupFamilyFromEnum(envoy::extensions::clusters::common::dns::v3::DnsLookupFamily family) {
+  switch (family) {
+    PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
+  case envoy::extensions::clusters::common::dns::v3::V6_ONLY:
+    return Network::DnsLookupFamily::V6Only;
+  case envoy::extensions::clusters::common::dns::v3::V4_ONLY:
+    return Network::DnsLookupFamily::V4Only;
+  case envoy::extensions::clusters::common::dns::v3::AUTO:
+  case envoy::extensions::clusters::common::dns::v3::UNSPECIFIED:
+    return Network::DnsLookupFamily::Auto;
+  case envoy::extensions::clusters::common::dns::v3::V4_PREFERRED:
+    return Network::DnsLookupFamily::V4Preferred;
+  case envoy::extensions::clusters::common::dns::v3::ALL:
+    return Network::DnsLookupFamily::All;
+    break;
+  }
+  IS_ENVOY_BUG("unexpected dns lookup family enum");
+  return Network::DnsLookupFamily::All;
+}
+
 std::vector<Network::Address::InstanceConstSharedPtr>
 generateAddressList(const std::list<Network::DnsResponse>& responses, uint32_t port) {
   std::vector<Network::Address::InstanceConstSharedPtr> addresses;
diff --git a/source/common/common/dns_utils.h b/source/common/common/dns_utils.h
index 869a91d2a236..04d7b1a67dcb 100644
--- a/source/common/common/dns_utils.h
+++ b/source/common/common/dns_utils.h
@@ -1,6 +1,7 @@
 #pragma once
 
 #include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 #include "envoy/network/dns.h"
 
 namespace Envoy {
@@ -13,6 +14,8 @@ Network::DnsLookupFamily
 getDnsLookupFamilyFromCluster(const envoy::config::cluster::v3::Cluster& cluster);
 Network::DnsLookupFamily
 getDnsLookupFamilyFromEnum(envoy::config::cluster::v3::Cluster::DnsLookupFamily family);
+Network::DnsLookupFamily
+getDnsLookupFamilyFromEnum(envoy::extensions::clusters::common::dns::v3::DnsLookupFamily family);
 
 // Generates a list of InstanceConstSharedPtr from the DNS responses provided.
 std::vector<Network::Address::InstanceConstSharedPtr>
diff --git a/source/extensions/clusters/common/dns_cluster_backcompat.cc b/source/extensions/clusters/common/dns_cluster_backcompat.cc
index b5bc3ad1d2a3..c1a430602c3c 100644
--- a/source/extensions/clusters/common/dns_cluster_backcompat.cc
+++ b/source/extensions/clusters/common/dns_cluster_backcompat.cc
@@ -1,5 +1,6 @@
 #include "source/extensions/clusters/common/dns_cluster_backcompat.h"
 
+#include "envoy/common/exception.h"
 #include "envoy/config/cluster/v3/cluster.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 
@@ -33,6 +34,26 @@ void createDnsClusterFromLegacyFields(
   if (cluster.has_dns_jitter()) {
     dns_cluster.mutable_dns_jitter()->CopyFrom(cluster.dns_jitter());
   }
+
+  switch (cluster.dns_lookup_family()) {
+    PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
+  case envoy::config::cluster::v3::Cluster::AUTO:
+    dns_cluster.set_dns_lookup_family(envoy::extensions::clusters::common::dns::v3::AUTO);
+    break;
+  case envoy::config::cluster::v3::Cluster::V4_ONLY:
+    dns_cluster.set_dns_lookup_family(envoy::extensions::clusters::common::dns::v3::V4_ONLY);
+    break;
+  case envoy::config::cluster::v3::Cluster::V6_ONLY:
+    dns_cluster.set_dns_lookup_family(envoy::extensions::clusters::common::dns::v3::V6_ONLY);
+    break;
+  case envoy::config::cluster::v3::Cluster::V4_PREFERRED:
+    dns_cluster.set_dns_lookup_family(
+        envoy::extensions::clusters::common::dns::v3::V4_PREFERRED);
+    break;
+  case envoy::config::cluster::v3::Cluster::ALL:
+    dns_cluster.set_dns_lookup_family(envoy::extensions::clusters::common::dns::v3::ALL);
+    break;
+  }
 }
 
 } // namespace Upstream
diff --git a/source/extensions/clusters/dns/dns_cluster.cc b/source/extensions/clusters/dns/dns_cluster.cc
index f1f50f229b61..cd022f896a4b 100644
--- a/source/extensions/clusters/dns/dns_cluster.cc
+++ b/source/extensions/clusters/dns/dns_cluster.cc
@@ -37,12 +37,12 @@ DnsClusterFactory::createClusterWithConfig(
         fmt::format("Didn't find a registered cluster factory implementation for name: '{}'",
                     cluster_type_name));
   }
-  auto value = factory->create(cluster, context);
-  if (!value.ok()) {
-    return value.status();
+  auto dns_cluster = factory->create(cluster, context);
+  if (!dns_cluster.ok()) {
+    return dns_cluster.status();
   }
-  return std::make_pair(std::dynamic_pointer_cast<ClusterImplBase>(value->first),
-                        std::move(value->second));
+  return std::make_pair(std::dynamic_pointer_cast<ClusterImplBase>(dns_cluster->first),
+                        std::move(dns_cluster->second));
 }
 
 /**
diff --git a/source/extensions/clusters/logical_dns/BUILD b/source/extensions/clusters/logical_dns/BUILD
index 9f8c8efa68b8..1ba2bd814c4a 100644
--- a/source/extensions/clusters/logical_dns/BUILD
+++ b/source/extensions/clusters/logical_dns/BUILD
@@ -21,6 +21,7 @@ envoy_cc_extension(
         "//source/common/config:utility_lib",
         "//source/common/network:address_lib",
         "//source/common/network:utility_lib",
+        "//source/common/network/dns_resolver:dns_factory_util_lib",
         "//source/common/protobuf",
         "//source/common/protobuf:utility_lib",
         "//source/common/upstream:cluster_factory_lib",
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index d1b051ddf5cd..c25fe8fd3e96 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -17,6 +17,7 @@
 #include "source/common/common/fmt.h"
 #include "source/common/config/utility.h"
 #include "source/common/network/address_impl.h"
+#include "source/common/network/dns_resolver/dns_factory_util.h"
 #include "source/common/network/utility.h"
 #include "source/common/protobuf/protobuf.h"
 #include "source/common/protobuf/utility.h"
@@ -89,6 +90,8 @@ LogicalDnsCluster::LogicalDnsCluster(
       dns_jitter_ms_(
           std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_jitter, 0))),
       respect_dns_ttl_(dns_cluster.respect_dns_ttl()),
+      dns_lookup_family_(
+          Envoy::DnsUtils::getDnsLookupFamilyFromEnum(dns_cluster.dns_lookup_family())),
       resolve_timer_(context.serverFactoryContext().mainThreadDispatcher().createTimer(
           [this]() -> void { startResolve(); })),
       local_info_(context.serverFactoryContext().localInfo()),
@@ -110,7 +113,6 @@ LogicalDnsCluster::LogicalDnsCluster(
   } else {
     hostname_ = lbEndpoint().endpoint().hostname();
   }
-  dns_lookup_family_ = getDnsLookupFamilyFromCluster(cluster);
 }
 
 void LogicalDnsCluster::startPreInit() {
@@ -140,8 +142,8 @@ void LogicalDnsCluster::startResolve() {
         std::chrono::milliseconds final_refresh_rate = dns_refresh_rate_ms_;
 
         // If the DNS resolver successfully resolved with an empty response list, the logical DNS
-        // cluster does not update. This ensures that a potentially previously resolved address does
-        // not stabilize back to 0 hosts.
+        // cluster does not update. This ensures that a potentially previously resolved address
+        // does not stabilize back to 0 hosts.
         if (status == Network::DnsResolver::ResolutionStatus::Completed && !response.empty()) {
           info_->configUpdateStats().update_success_.inc();
           const auto addrinfo = response.front().addrInfo();
@@ -204,12 +206,27 @@ void LogicalDnsCluster::startResolve() {
       });
 }
 
+absl::StatusOr<Network::DnsResolverSharedPtr> LogicalDnsClusterFactory::selectDnsResolver(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+    ClusterFactoryContext& context) {
+  if (proto_config.has_typed_dns_resolver_config()) {
+    Network::DnsResolverFactory& dns_resolver_factory =
+        Network::createDnsResolverFactoryFromTypedConfig(proto_config.typed_dns_resolver_config());
+    auto& server_context = context.serverFactoryContext();
+    return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
+                                                  server_context.api(),
+                                                  proto_config.typed_dns_resolver_config());
+  }
+  return ClusterFactoryImplBase::selectDnsResolver(cluster, context);
+}
+
 absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
 LogicalDnsClusterFactory::createClusterWithConfig(
     const envoy::config::cluster::v3::Cluster& cluster,
     const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
     ClusterFactoryContext& context) {
-  auto dns_resolver_or_error = selectDnsResolver(cluster, context);
+  auto dns_resolver_or_error = selectDnsResolver(cluster, proto_config, context);
   THROW_IF_NOT_OK(dns_resolver_or_error.status());
 
   absl::StatusOr<std::unique_ptr<LogicalDnsCluster>> cluster_or_error;
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.h b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
index 4c727b121386..1a6bec9a0444 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.h
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
@@ -48,6 +48,9 @@ class LogicalDnsCluster : public ClusterImplBase {
          const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
          ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver);
 
+
+
+
 protected:
   LogicalDnsCluster(const envoy::config::cluster::v3::Cluster& cluster,
                     const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
@@ -98,6 +101,13 @@ class LogicalDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase
 public:
   LogicalDnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.logical_dns") {}
 
+  absl::StatusOr<Network::DnsResolverSharedPtr>
+  selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster,
+                    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+                    ClusterFactoryContext& context);
+
+
+
 private:
   friend class LogicalDnsClusterTest;
   absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
diff --git a/source/extensions/clusters/strict_dns/BUILD b/source/extensions/clusters/strict_dns/BUILD
index ca170cb67482..76e7b060aaa1 100644
--- a/source/extensions/clusters/strict_dns/BUILD
+++ b/source/extensions/clusters/strict_dns/BUILD
@@ -15,6 +15,8 @@ envoy_cc_extension(
     # prevously considered core code.
     visibility = ["//visibility:public"],
     deps = [
+        "//source/common/common:dns_utils_lib",
+        "//source/common/network/dns_resolver:dns_factory_util_lib",
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
         "//source/extensions/clusters/common:dns_cluster_backcompat_lib",
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index 64181bfbdd12..b1971eec3060 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -8,6 +8,8 @@
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 
+#include "source/common/common/dns_utils.h"
+#include "source/common/network/dns_resolver/dns_factory_util.h"
 #include "source/extensions/clusters/common/dns_cluster_backcompat.h"
 
 namespace Envoy {
@@ -36,7 +38,8 @@ StrictDnsClusterImpl::StrictDnsClusterImpl(
       dns_refresh_rate_ms_(std::chrono::milliseconds(
           PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_refresh_rate, 5000))),
       dns_jitter_ms_(PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_jitter, 0)),
-      respect_dns_ttl_(dns_cluster.respect_dns_ttl()) {
+      respect_dns_ttl_(dns_cluster.respect_dns_ttl()),
+      dns_lookup_family_(Envoy::DnsUtils::getDnsLookupFamilyFromEnum(dns_cluster.dns_lookup_family())) {
   failure_backoff_strategy_ = Config::Utility::prepareDnsRefreshStrategy(
       dns_cluster, dns_refresh_rate_ms_.count(),
       context.serverFactoryContext().api().randomGenerator());
@@ -58,7 +61,6 @@ StrictDnsClusterImpl::StrictDnsClusterImpl(
     }
   }
   resolve_targets_ = std::move(resolve_targets);
-  dns_lookup_family_ = getDnsLookupFamilyFromCluster(cluster);
 
   overprovisioning_factor_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(
       load_assignment_.policy(), overprovisioning_factor, kDefaultOverProvisioningFactor);
@@ -224,13 +226,28 @@ void StrictDnsClusterImpl::ResolveTarget::startResolve() {
       });
 }
 
+absl::StatusOr<Network::DnsResolverSharedPtr> StrictDnsClusterFactory::selectDnsResolver(
+    const envoy::config::cluster::v3::Cluster& cluster,
+    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+    ClusterFactoryContext& context) {
+  if (proto_config.has_typed_dns_resolver_config()) {
+    Network::DnsResolverFactory& dns_resolver_factory =
+        Network::createDnsResolverFactoryFromTypedConfig(proto_config.typed_dns_resolver_config());
+    auto& server_context = context.serverFactoryContext();
+    return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
+                                                  server_context.api(),
+                                                  proto_config.typed_dns_resolver_config());
+  }
+  return ClusterFactoryImplBase::selectDnsResolver(cluster, context);
+}
+
 absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
 StrictDnsClusterFactory::createClusterWithConfig(
     const envoy::config::cluster::v3::Cluster& cluster,
     const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
     Upstream::ClusterFactoryContext& context) {
   absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>> cluster_or_error;
-  auto dns_resolver_or_error = selectDnsResolver(cluster, context);
+  auto dns_resolver_or_error = selectDnsResolver(cluster, proto_config, context);
   RETURN_IF_NOT_OK(dns_resolver_or_error.status());
 
   if (cluster.has_cluster_type()) {
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index bf2aebb43abe..7531471a7c64 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -90,6 +90,12 @@ class StrictDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
 public:
   StrictDnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.strict_dns") {}
 
+
+  absl::StatusOr<Network::DnsResolverSharedPtr>
+  selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster,
+                    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
+                    ClusterFactoryContext& context);
+
 private:
   absl::StatusOr<
       std::pair<Upstream::ClusterImplBaseSharedPtr, Upstream::ThreadAwareLoadBalancerPtr>>
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index d4e2a84cfa11..3062c99153c2 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -444,11 +444,11 @@ TEST_F(LogicalDnsParamTest, UseNewConfig) {
       "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
       dns_refresh_rate: 4s
       respect_dns_ttl: true
+      dns_lookup_family: V4_ONLY
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
   # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
   # dns_lookup_family to V4_ONLY explicitly for v2 .yaml config.
-  dns_lookup_family: V4_ONLY
   load_assignment:
         endpoints:
           - lb_endpoints:

From 9fe2bb2aa0c2a83e1cebd1c5713e39bf50f0ecfc Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Wed, 13 Nov 2024 16:37:02 -0500
Subject: [PATCH 21/46] Tests

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../clusters/dns/v3/dns_cluster.proto         |   2 +
 .../clusters/common/dns_cluster_backcompat.cc |   3 +-
 source/extensions/clusters/dns/dns_cluster.h  |   3 +
 test/common/upstream/upstream_impl_test.cc    |  93 +++++++++++++-
 test/extensions/clusters/common/BUILD         |   1 +
 .../common/dns_cluster_backcompat_test.cc     |  57 ++++++++-
 test/extensions/clusters/logical_dns/BUILD    |   1 +
 .../logical_dns/logical_dns_cluster_test.cc   | 113 +++++++++++++++---
 8 files changed, 251 insertions(+), 22 deletions(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 2456cc77e9d4..a56543c78b8a 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -77,6 +77,8 @@ message DnsCluster {
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsCluster.DnsLookupFamily.AUTO>`.
   envoy.extensions.clusters.common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
 
+  // Whether to do logical or strict dns resolution.
+  // This field is only considered when the ``name`` field of the ``TypedConfig`` is ``envoy.cluster.dns``.
   DnsDiscoveryType dns_discovery_type = 9;
 
   enum DnsDiscoveryType {
diff --git a/source/extensions/clusters/common/dns_cluster_backcompat.cc b/source/extensions/clusters/common/dns_cluster_backcompat.cc
index c1a430602c3c..c3f4a6fa4941 100644
--- a/source/extensions/clusters/common/dns_cluster_backcompat.cc
+++ b/source/extensions/clusters/common/dns_cluster_backcompat.cc
@@ -47,8 +47,7 @@ void createDnsClusterFromLegacyFields(
     dns_cluster.set_dns_lookup_family(envoy::extensions::clusters::common::dns::v3::V6_ONLY);
     break;
   case envoy::config::cluster::v3::Cluster::V4_PREFERRED:
-    dns_cluster.set_dns_lookup_family(
-        envoy::extensions::clusters::common::dns::v3::V4_PREFERRED);
+    dns_cluster.set_dns_lookup_family(envoy::extensions::clusters::common::dns::v3::V4_PREFERRED);
     break;
   case envoy::config::cluster::v3::Cluster::ALL:
     dns_cluster.set_dns_lookup_family(envoy::extensions::clusters::common::dns::v3::ALL);
diff --git a/source/extensions/clusters/dns/dns_cluster.h b/source/extensions/clusters/dns/dns_cluster.h
index 75de2e02cb10..f198e09cef54 100644
--- a/source/extensions/clusters/dns/dns_cluster.h
+++ b/source/extensions/clusters/dns/dns_cluster.h
@@ -11,6 +11,8 @@
 namespace Envoy {
 namespace Upstream {
 
+class LogicalDnsClusterTest;
+
 /**
  * Factory for DnsClusterImpl
  */
@@ -21,6 +23,7 @@ class DnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
   DnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.dns") {}
 
 private:
+  friend class LogicalDnsClusterTest;
   absl::StatusOr<
       std::pair<Upstream::ClusterImplBaseSharedPtr, Upstream::ThreadAwareLoadBalancerPtr>>
   createClusterWithConfig(const envoy::config::cluster::v3::Cluster& cluster,
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index a694d925cd88..81d88168908f 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -1475,6 +1475,94 @@ TEST_F(StrictDnsClusterImplTest, FailureRefreshRateBackoffResetsWhenSuccessHappe
                          TestUtility::makeDnsResponse({}));
 }
 
+TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig) {
+  ResolverData resolver(*dns_resolver_, server_context_.dispatcher_);
+
+  const std::string yaml = R"EOF(
+    name: name
+    connect_timeout: 0.25s
+    cluster_type:
+      name: envoy.cluster.strict_dns
+      typed_config:
+        "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+        dns_refresh_rate: 4s
+        dns_jitter: 0s
+        respect_dns_ttl: true
+    lb_policy: ROUND_ROBIN
+    load_assignment:
+        endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  socket_address:
+                    address: localhost1
+                    port_value: 11001
+  )EOF";
+
+  envoy::config::cluster::v3::Cluster cluster_config = parseClusterFromV3Yaml(yaml);
+
+  Envoy::Upstream::ClusterFactoryContextImpl factory_context(
+      server_context_, server_context_.cluster_manager_,
+      [dns_resolver = this->dns_resolver_]() { return dns_resolver; }, ssl_context_manager_,
+      nullptr, false);
+
+  auto factory = StrictDnsClusterFactory();
+  auto cluster = factory.create(cluster_config, factory_context);
+  ASSERT_TRUE(cluster.ok());
+
+  cluster->first->initialize([] {});
+
+  EXPECT_CALL(*resolver.timer_, enableTimer(_, _));
+  ON_CALL(random_, random()).WillByDefault(Return(8000));
+  resolver.dns_callback_(
+      Network::DnsResolver::ResolutionStatus::Completed, "",
+      TestUtility::makeDnsResponse({"192.168.1.1", "192.168.1.2"}, std::chrono::seconds(30)));
+}
+
+TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig2) {
+  ResolverData resolver(*dns_resolver_, server_context_.dispatcher_);
+
+  const std::string yaml = R"EOF(
+    name: name
+    connect_timeout: 0.25s
+    cluster_type:
+      name: envoy.cluster.dns
+      typed_config:
+        "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+        dns_refresh_rate: 4s
+        dns_jitter: 0s
+        respect_dns_ttl: true
+    lb_policy: ROUND_ROBIN
+    load_assignment:
+        endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  socket_address:
+                    address: localhost1
+                    port_value: 11001
+  )EOF";
+
+  envoy::config::cluster::v3::Cluster cluster_config = parseClusterFromV3Yaml(yaml);
+
+  Envoy::Upstream::ClusterFactoryContextImpl factory_context(
+      server_context_, server_context_.cluster_manager_,
+      [dns_resolver = this->dns_resolver_]() { return dns_resolver; }, ssl_context_manager_,
+      nullptr, false);
+
+  auto factory = StrictDnsClusterFactory();
+  auto cluster = factory.create(cluster_config, factory_context);
+  ASSERT_TRUE(cluster.ok());
+
+  cluster->first->initialize([] {});
+
+  EXPECT_CALL(*resolver.timer_, enableTimer(_, _));
+  ON_CALL(random_, random()).WillByDefault(Return(8000));
+  resolver.dns_callback_(
+      Network::DnsResolver::ResolutionStatus::Completed, "",
+      TestUtility::makeDnsResponse({"192.168.1.1", "192.168.1.2"}, std::chrono::seconds(30)));
+}
+
 TEST_F(StrictDnsClusterImplTest, TtlAsDnsRefreshRateNoJitter) {
   ResolverData resolver(*dns_resolver_, server_context_.dispatcher_);
 
@@ -3353,8 +3441,8 @@ TEST_F(StaticClusterImplTest, SourceAddressPriorityWitExtraSourceAddress) {
         ->set_address("1.2.3.6");
 
     Envoy::Upstream::ClusterFactoryContextImpl factory_context(
-        server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
-        false);
+        server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_,
+        nullptr, false);
 
     EXPECT_THROW_WITH_MESSAGE(
         std::shared_ptr<StaticClusterImpl> cluster = createCluster(config, factory_context),
@@ -6329,3 +6417,4 @@ TEST_F(PriorityStateManagerTest, LocalityClusterUpdate) {
 } // namespace
 } // namespace Upstream
 } // namespace Envoy
+
diff --git a/test/extensions/clusters/common/BUILD b/test/extensions/clusters/common/BUILD
index 7cc6284ffcd6..ec0f1d031afa 100644
--- a/test/extensions/clusters/common/BUILD
+++ b/test/extensions/clusters/common/BUILD
@@ -16,6 +16,7 @@ envoy_cc_test(
         "//source/extensions/clusters/common:dns_cluster_backcompat_lib",
         "//test/test_common:utility_lib",
         "@envoy_api//envoy/config/cluster/v3:pkg_cc_proto",
+        "@envoy_api//envoy/extensions/clusters/common/dns/v3:pkg_cc_proto",
         "@envoy_api//envoy/extensions/clusters/dns/v3:pkg_cc_proto",
     ],
 )
diff --git a/test/extensions/clusters/common/dns_cluster_backcompat_test.cc b/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
index 7a2a3a464bf4..bd4ad479c24c 100644
--- a/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
+++ b/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
@@ -1,4 +1,5 @@
 #include "envoy/config/cluster/v3/cluster.pb.h"
+#include "envoy/extensions/clusters/common/dns/v3/dns.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 
 #include "source/extensions/clusters/common/dns_cluster_backcompat.h"
@@ -20,9 +21,12 @@ TEST_F(DnsClusterBackcompatUtilTest, Empty) {
   ASSERT_FALSE(dns_cluster.has_dns_refresh_rate());
   ASSERT_FALSE(dns_cluster.has_dns_failure_refresh_rate());
   ASSERT_FALSE(dns_cluster.respect_dns_ttl());
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+              envoy::extensions::clusters::common::dns::v3::AUTO);
+  ASSERT_FALSE(dns_cluster.has_typed_dns_resolver_config());
 };
 
-TEST_F(DnsClusterBackcompatUtilTest, EmptyButSetFailureRefresRate) {
+TEST_F(DnsClusterBackcompatUtilTest, EmptyButSetFailureRefreshRate) {
   envoy::config::cluster::v3::Cluster cluster{};
 
   cluster.mutable_dns_failure_refresh_rate();
@@ -34,6 +38,9 @@ TEST_F(DnsClusterBackcompatUtilTest, EmptyButSetFailureRefresRate) {
   ASSERT_FALSE(dns_cluster.dns_failure_refresh_rate().has_base_interval());
   ASSERT_FALSE(dns_cluster.dns_failure_refresh_rate().has_max_interval());
   ASSERT_FALSE(dns_cluster.respect_dns_ttl());
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+              envoy::extensions::clusters::common::dns::v3::AUTO);
+  ASSERT_FALSE(dns_cluster.has_typed_dns_resolver_config());
 };
 
 TEST_F(DnsClusterBackcompatUtilTest, FullClusterConfig) {
@@ -54,6 +61,7 @@ TEST_F(DnsClusterBackcompatUtilTest, FullClusterConfig) {
             seconds: 7
             nanos: 8
           respect_dns_ttl: true
+          dns_lookup_family: V6_ONLY
       )EOF");
 
   envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
@@ -67,6 +75,53 @@ TEST_F(DnsClusterBackcompatUtilTest, FullClusterConfig) {
   ASSERT_EQ(dns_cluster.dns_refresh_rate().seconds(), 7);
   ASSERT_EQ(dns_cluster.dns_refresh_rate().nanos(), 8);
   ASSERT_TRUE(dns_cluster.respect_dns_ttl());
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+              envoy::extensions::clusters::common::dns::v3::V6_ONLY);
+  ASSERT_FALSE(dns_cluster.has_typed_dns_resolver_config());
 };
+
+TEST_F(DnsClusterBackcompatUtilTest, LookupFamilyTranslation) {
+  envoy::config::cluster::v3::Cluster cluster =
+      TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
+          type: STRICT_DNS
+          dns_lookup_family: V6_ONLY
+      )EOF");
+  envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
+  createDnsClusterFromLegacyFields(cluster, dns_cluster);
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+              envoy::extensions::clusters::common::dns::v3::V6_ONLY);
+
+  cluster = TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
+          type: STRICT_DNS
+          dns_lookup_family: V4_ONLY
+      )EOF");
+  createDnsClusterFromLegacyFields(cluster, dns_cluster);
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+              envoy::extensions::clusters::common::dns::v3::V4_ONLY);
+
+  cluster = TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
+          type: STRICT_DNS
+          dns_lookup_family: AUTO
+      )EOF");
+  createDnsClusterFromLegacyFields(cluster, dns_cluster);
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+              envoy::extensions::clusters::common::dns::v3::AUTO);
+
+  cluster = TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
+          type: STRICT_DNS
+          dns_lookup_family: V4_PREFERRED
+      )EOF");
+  createDnsClusterFromLegacyFields(cluster, dns_cluster);
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+              envoy::extensions::clusters::common::dns::v3::V4_PREFERRED);
+
+  cluster = TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
+          type: STRICT_DNS
+          dns_lookup_family: ALL
+      )EOF");
+  createDnsClusterFromLegacyFields(cluster, dns_cluster);
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+              envoy::extensions::clusters::common::dns::v3::ALL);
+}
 } // namespace Upstream
 } // namespace Envoy
diff --git a/test/extensions/clusters/logical_dns/BUILD b/test/extensions/clusters/logical_dns/BUILD
index ed36b316d45e..5c1608f9b9e8 100644
--- a/test/extensions/clusters/logical_dns/BUILD
+++ b/test/extensions/clusters/logical_dns/BUILD
@@ -17,6 +17,7 @@ envoy_cc_test(
         "//source/common/event:dispatcher_lib",
         "//source/common/network:utility_lib",
         "//source/common/upstream:upstream_lib",
+        "//source/extensions/clusters/dns:dns_cluster_lib",
         "//source/extensions/clusters/logical_dns:logical_dns_cluster_lib",
         "//source/extensions/load_balancing_policies/round_robin:config",
         "//source/extensions/transport_sockets/raw_buffer:config",
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index 3062c99153c2..fa3575108684 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -14,6 +14,7 @@
 #include "source/common/singleton/manager_impl.h"
 #include "source/extensions/clusters/common/dns_cluster_backcompat.h"
 #include "source/extensions/clusters/logical_dns/logical_dns_cluster.h"
+#include "source/extensions/clusters/dns/dns_cluster.h"
 #include "source/server/transport_socket_config_impl.h"
 
 #include "test/common/upstream/utility.h"
@@ -84,8 +85,10 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
     cluster_->initialize([&]() -> void { initialized_.ready(); });
   }
 
+  template <class Factory = LogicalDnsClusterFactory>
   absl::Status factorySetupFromV3Yaml(const std::string& yaml) {
     ON_CALL(server_context_, api()).WillByDefault(ReturnRef(*api_));
+    resolve_timer_ = new Event::MockTimer(&server_context_.dispatcher_);
     NiceMock<MockClusterManager> cm;
     envoy::config::cluster::v3::Cluster cluster_config = parseClusterFromV3Yaml(yaml);
     ClusterFactoryContextImpl::LazyCreateDnsResolver resolver_fn = [&]() { return dns_resolver_; };
@@ -93,22 +96,24 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
         server_context_, server_context_.cluster_manager_, resolver_fn, ssl_context_manager_,
         nullptr, false);
 
-    LogicalDnsClusterFactory factory;
-    envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
-    if (cluster_config.has_cluster_type()) {
-      ProtobufTypes::MessagePtr dns_cluster_msg =
-          std::make_unique<envoy::extensions::clusters::dns::v3::DnsCluster>();
-      Config::Utility::translateOpaqueConfig(cluster_config.cluster_type().typed_config(),
-                                             factory_context.messageValidationVisitor(),
-                                             *dns_cluster_msg);
-      dns_cluster =
-          MessageUtil::downcastAndValidate<const envoy::extensions::clusters::dns::v3::DnsCluster&>(
-              *dns_cluster_msg, factory_context.messageValidationVisitor());
+    Factory factory;
+
+    auto status_or_cluster = factory.create(cluster_config, factory_context);
+    if (status_or_cluster.ok()) {
+      cluster_ = std::dynamic_pointer_cast<LogicalDnsCluster>(status_or_cluster->first);
+      priority_update_cb_ = cluster_->prioritySet().addPriorityUpdateCb(
+          [&](uint32_t, const HostVector&, const HostVector&) {
+            membership_updated_.ready();
+            return absl::OkStatus();
+          });
+      cluster_->initialize([&]() -> void { initialized_.ready(); });
     } else {
-      createDnsClusterFromLegacyFields(cluster_config, dns_cluster);
+      // the Event::MockTimer constructor creates EXPECT_CALL for the dispatcher.
+      // If we want cluster creation to fail, there won't be a cluster to create the timer,
+      // so we need to clear the expectation manually.
+      server_context_.dispatcher_.createTimer([]() -> void {});
     }
-
-    return factory.createClusterWithConfig(cluster_config, dns_cluster, factory_context).status();
+    return status_or_cluster.status();
   }
 
   void expectResolve(Network::DnsLookupFamily dns_lookup_family,
@@ -444,11 +449,11 @@ TEST_F(LogicalDnsParamTest, UseNewConfig) {
       "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
       dns_refresh_rate: 4s
       respect_dns_ttl: true
+      # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
+      # dns_lookup_family to V4_ONLY explicitly for v2 .yaml config.
       dns_lookup_family: V4_ONLY
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
-  # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
-  # dns_lookup_family to V4_ONLY explicitly for v2 .yaml config.
   load_assignment:
         endpoints:
           - lb_endpoints:
@@ -596,6 +601,80 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
             "LOGICAL_DNS clusters must NOT have a custom resolver name set");
 }
 
+// Test using both types of names in the cluster type.
+TEST_F(LogicalDnsClusterTest, UseDnsFactory2) {
+  const std::string config = R"EOF(
+  name: name
+  cluster_type:
+    name: envoy.cluster.dns
+    typed_config:
+      "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+      dns_refresh_rate: 4s
+      dns_lookup_family: V4_ONLY
+      dns_discovery_type: LOGICAL
+  connect_timeout: 0.25s
+  lb_policy: ROUND_ROBIN
+  # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
+  # dns_lookup_family to V4_ONLY explicitly for v2 .yaml config.
+  wait_for_warm_on_init: false
+  load_assignment:
+        endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  socket_address:
+                    address: foo.bar.com
+                    port_value: 443
+  )EOF";
+
+  EXPECT_CALL(initialized_, ready());
+  expectResolve(Network::DnsLookupFamily::V4Only, "foo.bar.com");
+  ASSERT_TRUE(factorySetupFromV3Yaml<DnsClusterFactory>(config).ok());
+
+  EXPECT_CALL(membership_updated_, ready());
+  EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000), _));
+
+  dns_callback_(
+      Network::DnsResolver::ResolutionStatus::Completed, "",
+      TestUtility::makeDnsResponse({"127.0.0.1", "127.0.0.2"}, std::chrono::seconds(3000)));
+}
+
+TEST_F(LogicalDnsClusterTest, UseDnsFactory) {
+  const std::string config = R"EOF(
+  name: name
+  cluster_type:
+    name: envoy.cluster.logical_dns
+    typed_config:
+      "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+      dns_refresh_rate: 4s
+      dns_lookup_family: V4_ONLY
+  connect_timeout: 0.25s
+  lb_policy: ROUND_ROBIN
+  # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
+  # dns_lookup_family to V4_ONLY explicitly for v2 .yaml config.
+  wait_for_warm_on_init: false
+  load_assignment:
+        endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  socket_address:
+                    address: foo.bar.com
+                    port_value: 443
+  )EOF";
+
+  EXPECT_CALL(initialized_, ready());
+  expectResolve(Network::DnsLookupFamily::V4Only, "foo.bar.com");
+  ASSERT_TRUE(factorySetupFromV3Yaml<DnsClusterFactory>(config).ok());
+
+  EXPECT_CALL(membership_updated_, ready());
+  EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000), _));
+
+  dns_callback_(
+      Network::DnsResolver::ResolutionStatus::Completed, "",
+      TestUtility::makeDnsResponse({"127.0.0.1", "127.0.0.2"}, std::chrono::seconds(3000)));
+}
+
 TEST_F(LogicalDnsClusterTest, Basic) {
   const std::string basic_yaml_hosts = R"EOF(
   name: name
@@ -712,7 +791,7 @@ TEST_F(LogicalDnsClusterTest, DNSRefreshHasJitter) {
 
   EXPECT_CALL(initialized_, ready());
   expectResolve(Network::DnsLookupFamily::V4Only, "foo.bar.com");
-  setupFromV3Yaml(config);
+  ASSERT_TRUE(factorySetupFromV3Yaml(config).ok());
 
   EXPECT_CALL(membership_updated_, ready());
   EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000 + jitter_ms), _));

From 1c319dc21a9a96e9198a814dcba867789f8c3d8e Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Wed, 13 Nov 2024 16:44:36 -0500
Subject: [PATCH 22/46] lint

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto                  | 7 +++++--
 .../extensions/clusters/logical_dns/logical_dns_cluster.h  | 5 -----
 .../extensions/clusters/strict_dns/strict_dns_cluster.cc   | 3 ++-
 source/extensions/clusters/strict_dns/strict_dns_cluster.h | 1 -
 test/common/upstream/upstream_impl_test.cc                 | 5 ++---
 .../clusters/common/dns_cluster_backcompat_test.cc         | 3 +--
 .../clusters/logical_dns/logical_dns_cluster_test.cc       | 2 +-
 7 files changed, 11 insertions(+), 15 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index ecb501021a21..614894246c74 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -972,8 +972,11 @@ message Cluster {
   // this setting is ignored.
   // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
   // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
-  google.protobuf.Duration dns_jitter = 58
-      [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0", (validate.rules).duration = {gte {}}];
+  google.protobuf.Duration dns_jitter = 58 [
+    deprecated = true,
+    (envoy.annotations.deprecated_at_minor_version) = "3.0",
+    (validate.rules).duration = {gte {}}
+  ];
 
   // If the DNS failure refresh rate is specified and the cluster type is either
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.h b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
index 1a6bec9a0444..3838aae2f7d6 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.h
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
@@ -48,9 +48,6 @@ class LogicalDnsCluster : public ClusterImplBase {
          const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
          ClusterFactoryContext& context, Network::DnsResolverSharedPtr dns_resolver);
 
-
-
-
 protected:
   LogicalDnsCluster(const envoy::config::cluster::v3::Cluster& cluster,
                     const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
@@ -106,8 +103,6 @@ class LogicalDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase
                     const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
                     ClusterFactoryContext& context);
 
-
-
 private:
   friend class LogicalDnsClusterTest;
   absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index c5f9ad83c08c..e735828ad2a3 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -39,7 +39,8 @@ StrictDnsClusterImpl::StrictDnsClusterImpl(
           PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_refresh_rate, 5000))),
       dns_jitter_ms_(PROTOBUF_GET_MS_OR_DEFAULT(dns_cluster, dns_jitter, 0)),
       respect_dns_ttl_(dns_cluster.respect_dns_ttl()),
-      dns_lookup_family_(Envoy::DnsUtils::getDnsLookupFamilyFromEnum(dns_cluster.dns_lookup_family())) {
+      dns_lookup_family_(
+          Envoy::DnsUtils::getDnsLookupFamilyFromEnum(dns_cluster.dns_lookup_family())) {
   failure_backoff_strategy_ = Config::Utility::prepareDnsRefreshStrategy(
       dns_cluster, dns_refresh_rate_ms_.count(),
       context.serverFactoryContext().api().randomGenerator());
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index 7531471a7c64..9f1f0e944c6d 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -90,7 +90,6 @@ class StrictDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
 public:
   StrictDnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.strict_dns") {}
 
-
   absl::StatusOr<Network::DnsResolverSharedPtr>
   selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster,
                     const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index cc06eaf86ac4..003b35101443 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -3500,8 +3500,8 @@ TEST_F(StaticClusterImplTest, SourceAddressPriorityWitExtraSourceAddress) {
         ->set_address("1.2.3.6");
 
     Envoy::Upstream::ClusterFactoryContextImpl factory_context(
-        server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_,
-        nullptr, false);
+        server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
+        false);
 
     EXPECT_THROW_WITH_MESSAGE(
         std::shared_ptr<StaticClusterImpl> cluster = createCluster(config, factory_context),
@@ -6476,4 +6476,3 @@ TEST_F(PriorityStateManagerTest, LocalityClusterUpdate) {
 } // namespace
 } // namespace Upstream
 } // namespace Envoy
-
diff --git a/test/extensions/clusters/common/dns_cluster_backcompat_test.cc b/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
index bd4ad479c24c..54b35790402f 100644
--- a/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
+++ b/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
@@ -120,8 +120,7 @@ TEST_F(DnsClusterBackcompatUtilTest, LookupFamilyTranslation) {
           dns_lookup_family: ALL
       )EOF");
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
-              envoy::extensions::clusters::common::dns::v3::ALL);
+  ASSERT_TRUE(dns_cluster.dns_lookup_family() == envoy::extensions::clusters::common::dns::v3::ALL);
 }
 } // namespace Upstream
 } // namespace Envoy
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index ed18c7d0a710..47ad8e8e9119 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -14,8 +14,8 @@
 #include "source/common/network/utility.h"
 #include "source/common/singleton/manager_impl.h"
 #include "source/extensions/clusters/common/dns_cluster_backcompat.h"
-#include "source/extensions/clusters/logical_dns/logical_dns_cluster.h"
 #include "source/extensions/clusters/dns/dns_cluster.h"
+#include "source/extensions/clusters/logical_dns/logical_dns_cluster.h"
 #include "source/server/transport_socket_config_impl.h"
 
 #include "test/common/upstream/utility.h"

From 2e7d6e5c6f70dfa57ed38b2483a84461a9ce4705 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Wed, 13 Nov 2024 16:49:42 -0500
Subject: [PATCH 23/46] Change visibility

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 tools/code_format/config.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tools/code_format/config.yaml b/tools/code_format/config.yaml
index f79c2b091069..982385b72618 100644
--- a/tools/code_format/config.yaml
+++ b/tools/code_format/config.yaml
@@ -456,6 +456,7 @@ visibility_excludes:
 - source/extensions/clusters/static/
 - source/extensions/clusters/original_dst/
 - source/extensions/clusters/logical_dns/
+- source/extensions/clusters/dns/
 - source/extensions/early_data/BUILD
 - source/extensions/filters/http/buffer/BUILD
 - source/extensions/filters/network/common/BUILD

From c22edc141d5322c53390aa68794cf20af5b1edf3 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 14 Nov 2024 09:17:10 -0500
Subject: [PATCH 24/46] lint

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 CODEOWNERS                                       |  1 +
 api/BUILD                                        |  1 +
 api/envoy/config/cluster/v3/cluster.proto        |  4 ++--
 .../extensions/clusters/common/dns/v3/BUILD      |  4 +---
 .../extensions/clusters/common/dns/v3/dns.proto  |  3 ++-
 .../extensions/clusters/dns/v3/dns_cluster.proto | 16 ++++++++--------
 api/versioning/BUILD                             |  1 +
 7 files changed, 16 insertions(+), 14 deletions(-)

diff --git a/CODEOWNERS b/CODEOWNERS
index 6e71707d69eb..b5e7fb288764 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -377,6 +377,7 @@ extensions/filters/http/oauth2 @derekargueta @mattklein123
 /*/extensions/clusters/logical_dns/ @UNOWNED @UNOWNED
 /*/extensions/clusters/common/ @UNOWNED @UNOWNED
 /*/extensions/clusters/eds/ @UNOWNED @UNOWNED
+/*/extensions/clusters/dns @UNOWNED @UNOWNED
 /*/source/extensions/listener_managers/listener_manager @alyssawilk @ggreenway
 /*/source/extensions/listener_managers/validation_listener_manager @alyssawilk @ggreenway
 /*/source/extensions/config_subscription/ @adisuissa @UNOWNED
diff --git a/api/BUILD b/api/BUILD
index 3faec1900e6e..4c7eb13b7780 100644
--- a/api/BUILD
+++ b/api/BUILD
@@ -137,6 +137,7 @@ proto_library(
         "//envoy/extensions/access_loggers/wasm/v3:pkg",
         "//envoy/extensions/bootstrap/internal_listener/v3:pkg",
         "//envoy/extensions/clusters/aggregate/v3:pkg",
+        "//envoy/extensions/clusters/common/dns/v3:pkg",
         "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg",
         "//envoy/extensions/clusters/redis/v3:pkg",
diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index 614894246c74..19d03920a776 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -974,8 +974,8 @@ message Cluster {
   // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_jitter = 58 [
     deprecated = true,
-    (envoy.annotations.deprecated_at_minor_version) = "3.0",
-    (validate.rules).duration = {gte {}}
+    (validate.rules).duration = {gte {}},
+    (envoy.annotations.deprecated_at_minor_version) = "3.0"
   ];
 
   // If the DNS failure refresh rate is specified and the cluster type is either
diff --git a/api/envoy/extensions/clusters/common/dns/v3/BUILD b/api/envoy/extensions/clusters/common/dns/v3/BUILD
index b514f18ab81a..29ebf0741406 100644
--- a/api/envoy/extensions/clusters/common/dns/v3/BUILD
+++ b/api/envoy/extensions/clusters/common/dns/v3/BUILD
@@ -5,7 +5,5 @@ load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
 licenses(["notice"])  # Apache 2
 
 api_proto_package(
-    deps = [
-        "@com_github_cncf_xds//udpa/annotations:pkg",
-    ],
+    deps = ["@com_github_cncf_xds//udpa/annotations:pkg"],
 )
diff --git a/api/envoy/extensions/clusters/common/dns/v3/dns.proto b/api/envoy/extensions/clusters/common/dns/v3/dns.proto
index 05333236d9f8..9e3692c0c499 100644
--- a/api/envoy/extensions/clusters/common/dns/v3/dns.proto
+++ b/api/envoy/extensions/clusters/common/dns/v3/dns.proto
@@ -4,7 +4,8 @@ package envoy.extensions.clusters.common.dns.v3;
 
 import "udpa/annotations/status.proto";
 
-option java_package = "io.envoyproxy.envoy.extensions.clusters.dns.v3";
+option java_package = "io.envoyproxy.envoy.extensions.clusters.common.dns.v3";
+option java_outer_classname = "DnsProto";
 option java_multiple_files = true;
 option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/common/dns/v3;dnsv3";
 option (udpa.annotations.file_status).package_version_status = ACTIVE;
diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 83f2f98699b3..e102b8ec3854 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -22,8 +22,13 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 // [#extension: envoy.clusters.strict_dns]
 // [#extension: envoy.clusters.logical_dns]
 
-// [#next-free-field: 7]
+// [#next-free-field: 10]
 message DnsCluster {
+  enum DnsDiscoveryType {
+    LOGICAL = 0;
+    STRICT = 1;
+  }
+
   message RefreshRate {
     // Specifies the base interval between refreshes. This parameter is required and must be greater
     // than zero and less than
@@ -70,19 +75,14 @@ message DnsCluster {
   // ``Cluster.typed_dns_resolver_config`` exists, Envoy will prefer, ``DnsCluster.typed_dns_resolver_config`` over
   // ``Cluster.typed_dns_resolver_config`` over ``cluster.dns_resolver_config``.
   // [#extension-category: envoy.network.dns_resolver]
-  envoy.config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 7;
+  config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 7;
 
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsCluster.DnsLookupFamily.AUTO>`.
-  envoy.extensions.clusters.common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
+  common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
 
   // Whether to do logical or strict dns resolution.
   // This field is only considered when the ``name`` field of the ``TypedConfig`` is ``envoy.cluster.dns``.
   DnsDiscoveryType dns_discovery_type = 9;
-
-  enum DnsDiscoveryType {
-    LOGICAL = 0;
-    STRICT = 1;
-  }
 }
diff --git a/api/versioning/BUILD b/api/versioning/BUILD
index c55908d31234..10da2a642148 100644
--- a/api/versioning/BUILD
+++ b/api/versioning/BUILD
@@ -75,6 +75,7 @@ proto_library(
         "//envoy/extensions/access_loggers/wasm/v3:pkg",
         "//envoy/extensions/bootstrap/internal_listener/v3:pkg",
         "//envoy/extensions/clusters/aggregate/v3:pkg",
+        "//envoy/extensions/clusters/common/dns/v3:pkg",
         "//envoy/extensions/clusters/dns/v3:pkg",
         "//envoy/extensions/clusters/dynamic_forward_proxy/v3:pkg",
         "//envoy/extensions/clusters/redis/v3:pkg",

From 31b9024d8a43397104eff729159c11e5f7ceaaf1 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 14 Nov 2024 09:27:16 -0500
Subject: [PATCH 25/46] extension registration

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 source/extensions/extensions_metadata.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/source/extensions/extensions_metadata.yaml b/source/extensions/extensions_metadata.yaml
index af8263b0c62d..032535d1fd54 100644
--- a/source/extensions/extensions_metadata.yaml
+++ b/source/extensions/extensions_metadata.yaml
@@ -109,6 +109,11 @@ envoy.clusters.strict_dns:
   - envoy.clusters
   security_posture: robust_to_untrusted_downstream_and_upstream
   status: stable
+envoy.clusters.dns:
+  categories:
+  - envoy.clusters
+  security_posture: robust_to_untrusted_downstream_and_upstream
+  status: wip
 envoy.clusters.original_dst:
   categories:
   - envoy.clusters

From c348f708c19b4299c37834c88a08eb438e3eb945 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 14 Nov 2024 09:45:45 -0500
Subject: [PATCH 26/46] Lints and delete extra diffs

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto      | 1 +
 source/extensions/clusters/common/dns_cluster_backcompat.h  | 6 +++++-
 source/extensions/clusters/dns/BUILD                        | 2 --
 source/extensions/clusters/dns/dns_cluster.cc               | 2 +-
 .../extensions/clusters/logical_dns/logical_dns_cluster.cc  | 4 ++--
 source/extensions/clusters/strict_dns/strict_dns_cluster.cc | 3 ++-
 source/extensions/clusters/strict_dns/strict_dns_cluster.h  | 4 +---
 .../clusters/logical_dns/logical_dns_cluster_test.cc        | 2 +-
 8 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index e102b8ec3854..f6510360b2dd 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -21,6 +21,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 // Configuration for strict and logical DNS clusters.
 // [#extension: envoy.clusters.strict_dns]
 // [#extension: envoy.clusters.logical_dns]
+// [#extension: envoy.clusters.dns]
 
 // [#next-free-field: 10]
 message DnsCluster {
diff --git a/source/extensions/clusters/common/dns_cluster_backcompat.h b/source/extensions/clusters/common/dns_cluster_backcompat.h
index 4dfa23ddf90c..2e7785ae69b8 100644
--- a/source/extensions/clusters/common/dns_cluster_backcompat.h
+++ b/source/extensions/clusters/common/dns_cluster_backcompat.h
@@ -6,9 +6,13 @@
 namespace Envoy {
 namespace Upstream {
 
+/**
+* create a DnsCluster from the legacy Cluster options so that we only have to worry about one API.
+* NOTE: this does not consider the `typed_dns_resolver_config` field.
+*/
 void createDnsClusterFromLegacyFields(
     const envoy::config::cluster::v3::Cluster& cluster,
     envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config);
 
-}
+} // namespace Upstream
 } // namespace Envoy
diff --git a/source/extensions/clusters/dns/BUILD b/source/extensions/clusters/dns/BUILD
index 6fbd134cc764..f269498f08d4 100644
--- a/source/extensions/clusters/dns/BUILD
+++ b/source/extensions/clusters/dns/BUILD
@@ -12,8 +12,6 @@ envoy_cc_extension(
     name = "dns_cluster_lib",
     srcs = ["dns_cluster.cc"],
     hdrs = ["dns_cluster.h"],
-    # prevously considered core code.
-    visibility = ["//visibility:public"],
     deps = [
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
diff --git a/source/extensions/clusters/dns/dns_cluster.cc b/source/extensions/clusters/dns/dns_cluster.cc
index cd022f896a4b..86864bd0c2f8 100644
--- a/source/extensions/clusters/dns/dns_cluster.cc
+++ b/source/extensions/clusters/dns/dns_cluster.cc
@@ -46,7 +46,7 @@ DnsClusterFactory::createClusterWithConfig(
 }
 
 /**
- * Static registration for the strict dns cluster factory. @see RegisterFactory.
+ * Static registration for the dns cluster factory. @see RegisterFactory.
  */
 REGISTER_FACTORY(DnsClusterFactory, Upstream::ClusterFactory);
 
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index 932779e72483..c6c3d9c3cfa0 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -142,8 +142,8 @@ void LogicalDnsCluster::startResolve() {
         std::chrono::milliseconds final_refresh_rate = dns_refresh_rate_ms_;
 
         // If the DNS resolver successfully resolved with an empty response list, the logical DNS
-        // cluster does not update. This ensures that a potentially previously resolved address
-        // does not stabilize back to 0 hosts.
+        // cluster does not update. This ensures that a potentially previously resolved address does
+        // not stabilize back to 0 hosts.
         if (status == Network::DnsResolver::ResolutionStatus::Completed && !response.empty()) {
           info_->configUpdateStats().update_success_.inc();
           const auto addrinfo = response.front().addrInfo();
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index e735828ad2a3..d30e22795836 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -23,6 +23,7 @@ StrictDnsClusterImpl::create(const envoy::config::cluster::v3::Cluster& cluster,
   absl::Status creation_status = absl::OkStatus();
   auto ret = std::unique_ptr<StrictDnsClusterImpl>(new StrictDnsClusterImpl(
       cluster, dns_cluster, context, std::move(dns_resolver), creation_status));
+
   RETURN_IF_NOT_OK(creation_status);
   return ret;
 }
@@ -275,7 +276,7 @@ StrictDnsClusterFactory::createClusterWithConfig(
 /**
  * Static registration for the strict dns cluster factory. @see RegisterFactory.
  */
-REGISTER_FACTORY(StrictDnsClusterFactory, Upstream::ClusterFactory);
+REGISTER_FACTORY(StrictDnsClusterFactory, ClusterFactory);
 
 } // namespace Upstream
 } // namespace Envoy
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index 9f1f0e944c6d..222563d59f08 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -19,7 +19,6 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
 public:
   // Upstream::Cluster
   InitializePhase initializePhase() const override { return InitializePhase::Primary; }
-
   static absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
   create(const envoy::config::cluster::v3::Cluster& cluster,
          const envoy::extensions::clusters::dns::v3::DnsCluster& dns_cluster,
@@ -96,8 +95,7 @@ class StrictDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
                     ClusterFactoryContext& context);
 
 private:
-  absl::StatusOr<
-      std::pair<Upstream::ClusterImplBaseSharedPtr, Upstream::ThreadAwareLoadBalancerPtr>>
+  absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
   createClusterWithConfig(const envoy::config::cluster::v3::Cluster& cluster,
                           const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
                           Upstream::ClusterFactoryContext& context) override;
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index 47ad8e8e9119..fadd426395b6 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -794,7 +794,7 @@ TEST_F(LogicalDnsClusterTest, DNSRefreshHasJitter) {
 
   EXPECT_CALL(initialized_, ready());
   expectResolve(Network::DnsLookupFamily::V4Only, "foo.bar.com");
-  ASSERT_TRUE(factorySetupFromV3Yaml(config).ok());
+  setupFromV3Yaml(config);
 
   EXPECT_CALL(membership_updated_, ready());
   EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000 + jitter_ms), _));

From cea08c97e9beee1e86ed064dea5b0924bd6a8b73 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 14 Nov 2024 10:39:24 -0500
Subject: [PATCH 27/46] more lint and tests

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto            | 12 +++++-------
 .../clusters/common/dns_cluster_backcompat.h         |  6 +++---
 test/common/upstream/upstream_impl_test.cc           |  5 +++--
 3 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index 19d03920a776..ed666419efbb 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -1005,9 +1005,9 @@ message Cluster {
   // Note that this field is deprecated for cluster types
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` cluster.
-  // and will be ignored if ``config_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
+  // and will be ignored if ``cluster_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
   // ``envoy.cluster.strict_dns``.
-  // Use :ref:`config_type<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.config_type>` instead.
+  // Use :ref:`cluster_type<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.cluster_type>` instead.
   DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
 
   // If DNS resolvers are specified and the cluster type is either
@@ -1047,12 +1047,10 @@ message Cluster {
   // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
-  // Also note that this field is deprecated for cluster types
-  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
-  // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` cluster.
-  // and will be ignored if ``config_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
+  // Also note that this field is deprecated for logical dns and strict dns clusters,
+  // and will be ignored if ``cluster_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
   // ``envoy.cluster.strict_dns``.
-  // Use :ref:`config_type<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.config_type>` instead.
+  // Use :ref:`cluster_type<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.cluster_type>` instead.
   // [#extension-category: envoy.network.dns_resolver]
   core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
 
diff --git a/source/extensions/clusters/common/dns_cluster_backcompat.h b/source/extensions/clusters/common/dns_cluster_backcompat.h
index 2e7785ae69b8..b4ffe639b63c 100644
--- a/source/extensions/clusters/common/dns_cluster_backcompat.h
+++ b/source/extensions/clusters/common/dns_cluster_backcompat.h
@@ -7,9 +7,9 @@ namespace Envoy {
 namespace Upstream {
 
 /**
-* create a DnsCluster from the legacy Cluster options so that we only have to worry about one API.
-* NOTE: this does not consider the `typed_dns_resolver_config` field.
-*/
+ * create a DnsCluster from the legacy Cluster options so that we only have to worry about one API.
+ * NOTE: this does not consider the `typed_dns_resolver_config` field.
+ */
 void createDnsClusterFromLegacyFields(
     const envoy::config::cluster::v3::Cluster& cluster,
     envoy::extensions::clusters::dns::v3::DnsCluster& new_proto_config);
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index 003b35101443..e8ba12222830 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -1642,7 +1642,7 @@ TEST_F(StrictDnsClusterImplTest, NegativeDnsJitter) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
   EXPECT_THROW_WITH_MESSAGE(
-      auto x = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_),
+      auto x = *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_),
       EnvoyException, "Invalid duration: Expected positive duration: seconds: -1\n");
 }
 TEST_F(StrictDnsClusterImplTest, TtlAsDnsRefreshRateYesJitter) {
@@ -1713,7 +1713,8 @@ TEST_F(StrictDnsClusterImplTest, ExtremeJitter) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster = *StrictDnsClusterImpl::create(cluster_config, factory_context, dns_resolver_);
+  auto cluster =
+      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
   cluster->initialize([] {});
 
   EXPECT_CALL(*resolver.timer_, enableTimer(testing::Ge(std::chrono::milliseconds(1000)), _));

From cb2d8fb7cc8bcaf5dd775fcf554216179b73ca50 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 14 Nov 2024 15:36:35 -0500
Subject: [PATCH 28/46] proto docs

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/extensions/clusters/common/dns/v3/dns.proto | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/api/envoy/extensions/clusters/common/dns/v3/dns.proto b/api/envoy/extensions/clusters/common/dns/v3/dns.proto
index 9e3692c0c499..db4e31fb4d98 100644
--- a/api/envoy/extensions/clusters/common/dns/v3/dns.proto
+++ b/api/envoy/extensions/clusters/common/dns/v3/dns.proto
@@ -10,6 +10,8 @@ option java_multiple_files = true;
 option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/clusters/common/dns/v3;dnsv3";
 option (udpa.annotations.file_status).package_version_status = ACTIVE;
 
+// [#protodoc-title: DNS configuration for clusters]
+
 enum DnsLookupFamily {
   UNSPECIFIED = 0;
   AUTO = 1;

From 199bbb1d97144cb659a9f94dbcad510b9f64e366 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 15 Nov 2024 10:48:49 -0500
Subject: [PATCH 29/46] fix tests

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto              |  4 ++--
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto | 10 +++++-----
 docs/root/api-v3/config/cluster/cluster.rst            |  2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index ed666419efbb..9df9fb1fc902 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -1007,7 +1007,7 @@ message Cluster {
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` cluster.
   // and will be ignored if ``cluster_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
   // ``envoy.cluster.strict_dns``.
-  // Use :ref:`cluster_type<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.cluster_type>` instead.
+  // Use :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` instead.
   DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
 
   // If DNS resolvers are specified and the cluster type is either
@@ -1050,7 +1050,7 @@ message Cluster {
   // Also note that this field is deprecated for logical dns and strict dns clusters,
   // and will be ignored if ``cluster_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
   // ``envoy.cluster.strict_dns``.
-  // Use :ref:`cluster_type<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.cluster_type>` instead.
+  // Use :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` instead.
   // [#extension-category: envoy.network.dns_resolver]
   core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
 
diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index f6510360b2dd..2d085f402497 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -68,11 +68,11 @@ message DnsCluster {
   // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
   // or any other DNS resolver types and the related parameters.
   // For example, an object of
-  // :ref:`CaresDnsResolverConfig <envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
+  // :ref:`CaresDnsResolverConfig<envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
   // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
-  // :ref:`Cluster.dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolution_config>`
-  // configuration which replaces `Cluster.dns_resolution_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`.
-  // During the transition period when ``DnsCluster.typed_dns_resolver_config``, ``Cluster.dns_resolution_config``, and
+  // :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`
+  // configuration which replaces `Cluster.dns_resolver_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolver_config>`.
+  // During the transition period when ``DnsCluster.typed_dns_resolver_config``, ``Cluster.dns_resolver_config``, and
   // ``Cluster.typed_dns_resolver_config`` exists, Envoy will prefer, ``DnsCluster.typed_dns_resolver_config`` over
   // ``Cluster.typed_dns_resolver_config`` over ``cluster.dns_resolver_config``.
   // [#extension-category: envoy.network.dns_resolver]
@@ -80,7 +80,7 @@ message DnsCluster {
 
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
-  // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.dns.v3.DnsCluster.DnsLookupFamily.AUTO>`.
+  // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.common.dns.v3.DnsLookupFamily.AUTO>`.
   common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
 
   // Whether to do logical or strict dns resolution.
diff --git a/docs/root/api-v3/config/cluster/cluster.rst b/docs/root/api-v3/config/cluster/cluster.rst
index f31111382c6c..53209c2677e4 100644
--- a/docs/root/api-v3/config/cluster/cluster.rst
+++ b/docs/root/api-v3/config/cluster/cluster.rst
@@ -5,4 +5,4 @@ Cluster
   :glob:
   :maxdepth: 2
 
-  ../../extensions/clusters/*/v3/*
+  ../../extensions/clusters/**/v3/*

From c0607d335c462aab4c727ce215a7934759a37458 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 15 Nov 2024 12:39:29 -0500
Subject: [PATCH 30/46] Mikhail review

* add use expect instead of assert
* lint

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 source/extensions/clusters/dns/dns_cluster.cc |  1 -
 .../common/dns_cluster_backcompat_test.cc     | 60 +++++++++----------
 2 files changed, 30 insertions(+), 31 deletions(-)

diff --git a/source/extensions/clusters/dns/dns_cluster.cc b/source/extensions/clusters/dns/dns_cluster.cc
index 86864bd0c2f8..087a6c0b9f08 100644
--- a/source/extensions/clusters/dns/dns_cluster.cc
+++ b/source/extensions/clusters/dns/dns_cluster.cc
@@ -14,7 +14,6 @@ namespace Envoy {
 namespace Upstream {
 
 absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-
 DnsClusterFactory::createClusterWithConfig(
     const envoy::config::cluster::v3::Cluster& cluster,
     const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
diff --git a/test/extensions/clusters/common/dns_cluster_backcompat_test.cc b/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
index 54b35790402f..e86d2bf45443 100644
--- a/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
+++ b/test/extensions/clusters/common/dns_cluster_backcompat_test.cc
@@ -17,13 +17,13 @@ TEST_F(DnsClusterBackcompatUtilTest, Empty) {
   envoy::config::cluster::v3::Cluster cluster{};
   envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_FALSE(dns_cluster.has_dns_jitter());
-  ASSERT_FALSE(dns_cluster.has_dns_refresh_rate());
-  ASSERT_FALSE(dns_cluster.has_dns_failure_refresh_rate());
-  ASSERT_FALSE(dns_cluster.respect_dns_ttl());
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+  EXPECT_FALSE(dns_cluster.has_dns_jitter());
+  EXPECT_FALSE(dns_cluster.has_dns_refresh_rate());
+  EXPECT_FALSE(dns_cluster.has_dns_failure_refresh_rate());
+  EXPECT_FALSE(dns_cluster.respect_dns_ttl());
+  EXPECT_TRUE(dns_cluster.dns_lookup_family() ==
               envoy::extensions::clusters::common::dns::v3::AUTO);
-  ASSERT_FALSE(dns_cluster.has_typed_dns_resolver_config());
+  EXPECT_FALSE(dns_cluster.has_typed_dns_resolver_config());
 };
 
 TEST_F(DnsClusterBackcompatUtilTest, EmptyButSetFailureRefreshRate) {
@@ -32,15 +32,15 @@ TEST_F(DnsClusterBackcompatUtilTest, EmptyButSetFailureRefreshRate) {
   cluster.mutable_dns_failure_refresh_rate();
   envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_FALSE(dns_cluster.has_dns_jitter());
-  ASSERT_FALSE(dns_cluster.has_dns_refresh_rate());
-  ASSERT_TRUE(dns_cluster.has_dns_failure_refresh_rate());
-  ASSERT_FALSE(dns_cluster.dns_failure_refresh_rate().has_base_interval());
-  ASSERT_FALSE(dns_cluster.dns_failure_refresh_rate().has_max_interval());
-  ASSERT_FALSE(dns_cluster.respect_dns_ttl());
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+  EXPECT_FALSE(dns_cluster.has_dns_jitter());
+  EXPECT_FALSE(dns_cluster.has_dns_refresh_rate());
+  EXPECT_TRUE(dns_cluster.has_dns_failure_refresh_rate());
+  EXPECT_FALSE(dns_cluster.dns_failure_refresh_rate().has_base_interval());
+  EXPECT_FALSE(dns_cluster.dns_failure_refresh_rate().has_max_interval());
+  EXPECT_FALSE(dns_cluster.respect_dns_ttl());
+  EXPECT_TRUE(dns_cluster.dns_lookup_family() ==
               envoy::extensions::clusters::common::dns::v3::AUTO);
-  ASSERT_FALSE(dns_cluster.has_typed_dns_resolver_config());
+  EXPECT_FALSE(dns_cluster.has_typed_dns_resolver_config());
 };
 
 TEST_F(DnsClusterBackcompatUtilTest, FullClusterConfig) {
@@ -66,18 +66,18 @@ TEST_F(DnsClusterBackcompatUtilTest, FullClusterConfig) {
 
   envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_EQ(dns_cluster.dns_jitter().seconds(), 1);
-  ASSERT_EQ(dns_cluster.dns_jitter().nanos(), 2);
-  ASSERT_EQ(dns_cluster.dns_failure_refresh_rate().base_interval().seconds(), 3);
-  ASSERT_EQ(dns_cluster.dns_failure_refresh_rate().base_interval().nanos(), 4);
-  ASSERT_EQ(dns_cluster.dns_failure_refresh_rate().max_interval().seconds(), 5);
-  ASSERT_EQ(dns_cluster.dns_failure_refresh_rate().max_interval().nanos(), 6);
-  ASSERT_EQ(dns_cluster.dns_refresh_rate().seconds(), 7);
-  ASSERT_EQ(dns_cluster.dns_refresh_rate().nanos(), 8);
-  ASSERT_TRUE(dns_cluster.respect_dns_ttl());
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+  EXPECT_EQ(dns_cluster.dns_jitter().seconds(), 1);
+  EXPECT_EQ(dns_cluster.dns_jitter().nanos(), 2);
+  EXPECT_EQ(dns_cluster.dns_failure_refresh_rate().base_interval().seconds(), 3);
+  EXPECT_EQ(dns_cluster.dns_failure_refresh_rate().base_interval().nanos(), 4);
+  EXPECT_EQ(dns_cluster.dns_failure_refresh_rate().max_interval().seconds(), 5);
+  EXPECT_EQ(dns_cluster.dns_failure_refresh_rate().max_interval().nanos(), 6);
+  EXPECT_EQ(dns_cluster.dns_refresh_rate().seconds(), 7);
+  EXPECT_EQ(dns_cluster.dns_refresh_rate().nanos(), 8);
+  EXPECT_TRUE(dns_cluster.respect_dns_ttl());
+  EXPECT_TRUE(dns_cluster.dns_lookup_family() ==
               envoy::extensions::clusters::common::dns::v3::V6_ONLY);
-  ASSERT_FALSE(dns_cluster.has_typed_dns_resolver_config());
+  EXPECT_FALSE(dns_cluster.has_typed_dns_resolver_config());
 };
 
 TEST_F(DnsClusterBackcompatUtilTest, LookupFamilyTranslation) {
@@ -88,7 +88,7 @@ TEST_F(DnsClusterBackcompatUtilTest, LookupFamilyTranslation) {
       )EOF");
   envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+  EXPECT_TRUE(dns_cluster.dns_lookup_family() ==
               envoy::extensions::clusters::common::dns::v3::V6_ONLY);
 
   cluster = TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
@@ -96,7 +96,7 @@ TEST_F(DnsClusterBackcompatUtilTest, LookupFamilyTranslation) {
           dns_lookup_family: V4_ONLY
       )EOF");
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+  EXPECT_TRUE(dns_cluster.dns_lookup_family() ==
               envoy::extensions::clusters::common::dns::v3::V4_ONLY);
 
   cluster = TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
@@ -104,7 +104,7 @@ TEST_F(DnsClusterBackcompatUtilTest, LookupFamilyTranslation) {
           dns_lookup_family: AUTO
       )EOF");
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+  EXPECT_TRUE(dns_cluster.dns_lookup_family() ==
               envoy::extensions::clusters::common::dns::v3::AUTO);
 
   cluster = TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
@@ -112,7 +112,7 @@ TEST_F(DnsClusterBackcompatUtilTest, LookupFamilyTranslation) {
           dns_lookup_family: V4_PREFERRED
       )EOF");
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() ==
+  EXPECT_TRUE(dns_cluster.dns_lookup_family() ==
               envoy::extensions::clusters::common::dns::v3::V4_PREFERRED);
 
   cluster = TestUtility::parseYaml<envoy::config::cluster::v3::Cluster>(R"EOF(
@@ -120,7 +120,7 @@ TEST_F(DnsClusterBackcompatUtilTest, LookupFamilyTranslation) {
           dns_lookup_family: ALL
       )EOF");
   createDnsClusterFromLegacyFields(cluster, dns_cluster);
-  ASSERT_TRUE(dns_cluster.dns_lookup_family() == envoy::extensions::clusters::common::dns::v3::ALL);
+  EXPECT_TRUE(dns_cluster.dns_lookup_family() == envoy::extensions::clusters::common::dns::v3::ALL);
 }
 } // namespace Upstream
 } // namespace Envoy

From 05fd07888e6e27b3637e246e15ceb53554d42e36 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 15 Nov 2024 13:05:43 -0500
Subject: [PATCH 31/46] rst error

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 2d085f402497..5c283f12496e 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -71,7 +71,7 @@ message DnsCluster {
   // :ref:`CaresDnsResolverConfig<envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
   // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
   // :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`
-  // configuration which replaces `Cluster.dns_resolver_config <envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolver_config>`.
+  // configuration which replaces `Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolver_config>`.
   // During the transition period when ``DnsCluster.typed_dns_resolver_config``, ``Cluster.dns_resolver_config``, and
   // ``Cluster.typed_dns_resolver_config`` exists, Envoy will prefer, ``DnsCluster.typed_dns_resolver_config`` over
   // ``Cluster.typed_dns_resolver_config`` over ``cluster.dns_resolver_config``.

From 684ca7a80fb5bc48a30552cee433b8af08b2281e Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 15 Nov 2024 13:32:58 -0500
Subject: [PATCH 32/46] rst error and add more coverage

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../extensions/clusters/dns/v3/dns_cluster.proto      |  2 +-
 test/common/upstream/upstream_impl_test.cc            |  1 +
 .../clusters/logical_dns/logical_dns_cluster_test.cc  | 11 +++++++++++
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 5c283f12496e..b8bdc4b78220 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -71,7 +71,7 @@ message DnsCluster {
   // :ref:`CaresDnsResolverConfig<envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
   // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
   // :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`
-  // configuration which replaces `Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolver_config>`.
+  // configuration which replaces :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolver_config>`.
   // During the transition period when ``DnsCluster.typed_dns_resolver_config``, ``Cluster.dns_resolver_config``, and
   // ``Cluster.typed_dns_resolver_config`` exists, Envoy will prefer, ``DnsCluster.typed_dns_resolver_config`` over
   // ``Cluster.typed_dns_resolver_config`` over ``cluster.dns_resolver_config``.
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index e8ba12222830..401ad2c9c5ce 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -1533,6 +1533,7 @@ TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig2) {
         dns_refresh_rate: 4s
         dns_jitter: 0s
         respect_dns_ttl: true
+        dns_discovery_type: STRICT
     lb_policy: ROUND_ROBIN
     load_assignment:
         endpoints:
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index fadd426395b6..1de4fa1b8bf4 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -514,6 +514,9 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
   EXPECT_EQ(
       factorySetupFromV3Yaml(multiple_hosts_yaml).message(),
       "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
+  EXPECT_EQ(
+      factorySetupFromV3Yaml<DnsClusterFactory>(multiple_hosts_yaml).message(),
+      "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
 
   const std::string multiple_lb_endpoints_yaml = R"EOF(
   name: name
@@ -545,6 +548,9 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
   EXPECT_EQ(
       factorySetupFromV3Yaml(multiple_lb_endpoints_yaml).message(),
       "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
+  EXPECT_EQ(
+      factorySetupFromV3Yaml<DnsClusterFactory>(multiple_lb_endpoints_yaml).message(),
+      "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
 
   const std::string multiple_endpoints_yaml = R"EOF(
   name: name
@@ -578,6 +584,9 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
   EXPECT_EQ(
       factorySetupFromV3Yaml(multiple_endpoints_yaml).message(),
       "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
+  EXPECT_EQ(
+      factorySetupFromV3Yaml<DnsClusterFactory>(multiple_endpoints_yaml).message(),
+      "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
 
   const std::string custom_resolver_yaml = R"EOF(
   name: name
@@ -602,6 +611,8 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
 
   EXPECT_EQ(factorySetupFromV3Yaml(custom_resolver_yaml).message(),
             "LOGICAL_DNS clusters must NOT have a custom resolver name set");
+  EXPECT_EQ(factorySetupFromV3Yaml<DnsClusterFactory>(custom_resolver_yaml).message(),
+            "LOGICAL_DNS clusters must NOT have a custom resolver name set");
 }
 
 // Test using both types of names in the cluster type.

From 6c36802130d4e61a37b805feb2881b8bbbea5e5f Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 15 Nov 2024 15:45:20 -0500
Subject: [PATCH 33/46] docs

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index b8bdc4b78220..62b1c8fecd7c 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -71,7 +71,7 @@ message DnsCluster {
   // :ref:`CaresDnsResolverConfig<envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
   // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
   // :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`
-  // configuration which replaces :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolver_config>`.
+  // configuration which replaces :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`.
   // During the transition period when ``DnsCluster.typed_dns_resolver_config``, ``Cluster.dns_resolver_config``, and
   // ``Cluster.typed_dns_resolver_config`` exists, Envoy will prefer, ``DnsCluster.typed_dns_resolver_config`` over
   // ``Cluster.typed_dns_resolver_config`` over ``cluster.dns_resolver_config``.

From 0463313c4911f0f6457439f95fa3c3d4fec38435 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 18 Nov 2024 12:38:29 -0500
Subject: [PATCH 34/46] docs

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto     | 33 ++++++++++++-------
 .../clusters/dns/v3/dns_cluster.proto         |  4 +--
 2 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index 9df9fb1fc902..1a99734fbb1a 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -953,8 +953,11 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // This field is deprecated in favor of using the :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
+  // extension point and configuring it with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
+  // and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // It will also be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_refresh_rate = 16 [
     deprecated = true,
     (validate.rules).duration = {gt {nanos: 1000000}},
@@ -970,8 +973,11 @@ message Cluster {
   // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
-  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // This field is deprecated in favor of using the :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
+  // extension point and configuring it with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
+  // and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // It will also be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   google.protobuf.Duration dns_jitter = 58 [
     deprecated = true,
     (validate.rules).duration = {gte {}},
@@ -986,16 +992,22 @@ message Cluster {
   // other than :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>` and
   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
   // ignored.
-  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // This field is deprecated in favor of using the :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
+  // extension point and configuring it with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
+  // and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // It will also be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   RefreshRate dns_failure_refresh_rate = 44
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // Optional configuration for setting cluster's DNS refresh rate. If the value is set to true,
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
-  // This field is deprecated in favor of :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` and
-  // will be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // This field is deprecated in favor of using the :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
+  // extension point and configuring it with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
+  // and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // It will also be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
   bool respect_dns_ttl = 39
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
@@ -1048,9 +1060,8 @@ message Cluster {
   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
   // Also note that this field is deprecated for logical dns and strict dns clusters,
-  // and will be ignored if ``cluster_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
-  // ``envoy.cluster.strict_dns``.
-  // Use :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` instead.
+  // Use :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` instead and see those docs
+  // for how Envoy will parse the configuration.
   // [#extension-category: envoy.network.dns_resolver]
   core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
 
diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 62b1c8fecd7c..9cef89084bba 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -19,8 +19,6 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 // [#protodoc-title: DNS cluster configuration]
 
 // Configuration for strict and logical DNS clusters.
-// [#extension: envoy.clusters.strict_dns]
-// [#extension: envoy.clusters.logical_dns]
 // [#extension: envoy.clusters.dns]
 
 // [#next-free-field: 10]
@@ -83,7 +81,7 @@ message DnsCluster {
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.common.dns.v3.DnsLookupFamily.AUTO>`.
   common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
 
-  // Whether to do logical or strict dns resolution.
+  // Required. Whether to do logical or strict dns resolution.
   // This field is only considered when the ``name`` field of the ``TypedConfig`` is ``envoy.cluster.dns``.
   DnsDiscoveryType dns_discovery_type = 9;
 }

From 39545a4b268bb76b4d88ef11b9839daee8fc96a1 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 18 Nov 2024 12:51:28 -0500
Subject: [PATCH 35/46] Update extensions status

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 source/extensions/extensions_metadata.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source/extensions/extensions_metadata.yaml b/source/extensions/extensions_metadata.yaml
index 032535d1fd54..fe1c78236882 100644
--- a/source/extensions/extensions_metadata.yaml
+++ b/source/extensions/extensions_metadata.yaml
@@ -113,7 +113,7 @@ envoy.clusters.dns:
   categories:
   - envoy.clusters
   security_posture: robust_to_untrusted_downstream_and_upstream
-  status: wip
+  status: stable
 envoy.clusters.original_dst:
   categories:
   - envoy.clusters

From 727cf77584bd0223f4a26b6e4eb40853a80789ba Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 18 Nov 2024 13:28:00 -0500
Subject: [PATCH 36/46] release notes

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 changelogs/current.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/changelogs/current.yaml b/changelogs/current.yaml
index a2ac97220500..e75a2e0f2c56 100644
--- a/changelogs/current.yaml
+++ b/changelogs/current.yaml
@@ -217,3 +217,11 @@ deprecated:
   change: |
     metadata :ref:`metadata <envoy_v3_api_field_config.rbac.v3.Permission.metadata>` is now deprecated in the
     favor of :ref:`sourced_metadata <envoy_v3_api_field_config.rbac.v3.Permission.sourced_metadata>`.
+- area: dns
+  change: |
+    `DNS-related fields in :ref:`Cluster <envoy_v3_api_msg_config.cluster.v3.Cluster> are deprecated when using
+    strict and logical dns clusters. Instead, use the :ref:`cluster_type <envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type`
+    extension point with
+    with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
+    and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
+    :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.

From df92eefbdbd84052ac6c90e67f53cb58bf5fbc0b Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Fri, 22 Nov 2024 12:42:37 -0500
Subject: [PATCH 37/46] Register cluster extensions by type

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/config/cluster/v3/cluster.proto     |  45 +--
 .../clusters/dns/v3/dns_cluster.proto         |  28 +-
 changelogs/current.yaml                       |  19 +-
 .../common/upstream/cluster_factory_impl.cc   |  72 ++--
 source/common/upstream/cluster_factory_impl.h |   7 +
 .../clusters/common/dns_cluster_backcompat.h  |   1 +
 source/extensions/clusters/dns/dns_cluster.cc |  45 +--
 .../logical_dns/logical_dns_cluster.cc        |  38 +-
 .../logical_dns/logical_dns_cluster.h         |  15 +-
 .../clusters/strict_dns/strict_dns_cluster.cc |  36 +-
 .../clusters/strict_dns/strict_dns_cluster.h  |  15 +-
 source/extensions/extensions_build_config.bzl |   2 +-
 source/extensions/extensions_metadata.yaml    |   8 +
 test/common/upstream/BUILD                    |   1 +
 .../upstream/cluster_factory_impl_test.cc     |  40 +-
 test/common/upstream/upstream_impl_test.cc    | 154 +++-----
 test/extensions/clusters/common/BUILD         |   1 +
 .../common/logical_host_integration_test.cc   |   1 +
 .../logical_dns/logical_dns_cluster_test.cc   | 348 +++++++++++-------
 .../clusters/cluster_factory_config.proto     |   8 +-
 .../clusters/custom_static_cluster.h          |  24 +-
 .../custom_cluster_integration_test.cc        |  18 +-
 22 files changed, 498 insertions(+), 428 deletions(-)

diff --git a/api/envoy/config/cluster/v3/cluster.proto b/api/envoy/config/cluster/v3/cluster.proto
index 1a99734fbb1a..f4c8e4b6c957 100644
--- a/api/envoy/config/cluster/v3/cluster.proto
+++ b/api/envoy/config/cluster/v3/cluster.proto
@@ -954,10 +954,9 @@ message Cluster {
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
   // This field is deprecated in favor of using the :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
-  // extension point and configuring it with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
-  // and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
-  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
-  // It will also be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // extension point and configuring it with :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // If :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is configured with
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`, this field will be ignored.
   google.protobuf.Duration dns_refresh_rate = 16 [
     deprecated = true,
     (validate.rules).duration = {gt {nanos: 1000000}},
@@ -974,10 +973,9 @@ message Cluster {
   // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>`
   // this setting is ignored.
   // This field is deprecated in favor of using the :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
-  // extension point and configuring it with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
-  // and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
-  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
-  // It will also be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // extension point and configuring it with :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // If :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is configured with
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`, this field will be ignored.
   google.protobuf.Duration dns_jitter = 58 [
     deprecated = true,
     (validate.rules).duration = {gte {}},
@@ -993,10 +991,9 @@ message Cluster {
   // :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` this setting is
   // ignored.
   // This field is deprecated in favor of using the :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
-  // extension point and configuring it with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
-  // and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
-  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
-  // It will also be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // extension point and configuring it with :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // If :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is configured with
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`, this field will be ignored.
   RefreshRate dns_failure_refresh_rate = 44
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
@@ -1004,22 +1001,20 @@ message Cluster {
   // cluster's DNS refresh rate will be set to resource record's TTL which comes from DNS
   // resolution.
   // This field is deprecated in favor of using the :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
-  // extension point and configuring it with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
-  // and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
-  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
-  // It will also be ignored if :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is set.
+  // extension point and configuring it with :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // If :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is configured with
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`, this field will be ignored.
   bool respect_dns_ttl = 39
       [deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
 
   // The DNS IP address resolution policy. If this setting is not specified, the
   // value defaults to
   // :ref:`AUTO<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DnsLookupFamily.AUTO>`.
-  // Note that this field is deprecated for cluster types
-  // :ref:`STRICT_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.STRICT_DNS>`,
-  // and :ref:`LOGICAL_DNS<envoy_v3_api_enum_value_config.cluster.v3.Cluster.DiscoveryType.LOGICAL_DNS>` cluster.
-  // and will be ignored if ``cluster_type.name`` is ``envoy.cluster.dns``, ``envoy.cluster.logical_dns``, or
-  // ``envoy.cluster.strict_dns``.
-  // Use :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` instead.
+  // For logical and strict dns cluster, this field is deprecated in favor of using the
+  // :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
+  // extension point and configuring it with :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+  // If :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is configured with
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`, this field will be ignored.
   DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum = {defined_only: true}];
 
   // If DNS resolvers are specified and the cluster type is either
@@ -1059,9 +1054,9 @@ message Cluster {
   // During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
   // when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
   // When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
-  // Also note that this field is deprecated for logical dns and strict dns clusters,
-  // Use :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` instead and see those docs
-  // for how Envoy will parse the configuration.
+  // Also note that this field is deprecated for logical dns and strict dns clusters and will be ignored when
+  // :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` is configured with
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
   // [#extension-category: envoy.network.dns_resolver]
   core.v3.TypedExtensionConfig typed_dns_resolver_config = 55;
 
diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 9cef89084bba..92c5f1ed8fae 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -23,11 +23,6 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 
 // [#next-free-field: 10]
 message DnsCluster {
-  enum DnsDiscoveryType {
-    LOGICAL = 0;
-    STRICT = 1;
-  }
-
   message RefreshRate {
     // Specifies the base interval between refreshes. This parameter is required and must be greater
     // than zero and less than
@@ -68,11 +63,19 @@ message DnsCluster {
   // For example, an object of
   // :ref:`CaresDnsResolverConfig<envoy_v3_api_msg_extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig>`
   // can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
-  // :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`
-  // configuration which replaces :ref:`Cluster.dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`.
-  // During the transition period when ``DnsCluster.typed_dns_resolver_config``, ``Cluster.dns_resolver_config``, and
-  // ``Cluster.typed_dns_resolver_config`` exists, Envoy will prefer, ``DnsCluster.typed_dns_resolver_config`` over
-  // ``Cluster.typed_dns_resolver_config`` over ``cluster.dns_resolver_config``.
+  // :ref:`Cluster.typed_dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`
+  // configuration which replaces :ref:`Cluster.dns_resolution_config<envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`.
+  // During the transition period when
+  // :ref:`DnsCluster.typed_dns_resolver_config<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.typed_dns_resolver_config>`,
+  // :ref:`Cluster.typed_dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`,
+  // and :ref:`Cluster.dns_resolution_config<envoy_v3_api_field_config.cluster.v3.Cluster.dns_resolution_config>`
+  // exist, Envoy will use
+  // :ref:`DnsCluster.typed_dns_resolver_config<envoy_v3_api_field_extensions.clusters.dns.v3.DnsCluster.typed_dns_resolver_config>`
+  // and ignore
+  // DNS resolver-related fields in :ref:`Cluster<envoy_v3_api_msg_config.cluster.v3.Cluster>` if the cluster is configured via the
+  // :ref:`Cluster.cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>` extension point with the
+  // :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>` extension type.
+  // Otherwise, see  :ref:`Cluster.typed_dns_resolver_config<envoy_v3_api_field_config.cluster.v3.Cluster.typed_dns_resolver_config>`.
   // [#extension-category: envoy.network.dns_resolver]
   config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 7;
 
@@ -81,7 +84,6 @@ message DnsCluster {
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.common.dns.v3.DnsLookupFamily.AUTO>`.
   common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
 
-  // Required. Whether to do logical or strict dns resolution.
-  // This field is only considered when the ``name`` field of the ``TypedConfig`` is ``envoy.cluster.dns``.
-  DnsDiscoveryType dns_discovery_type = 9;
+  // If true, perform logical DNS resolution. Otherwise, perform strict DNS resolution.
+  bool logical = 9;
 }
diff --git a/changelogs/current.yaml b/changelogs/current.yaml
index ca1fb6500126..88c3dd361813 100644
--- a/changelogs/current.yaml
+++ b/changelogs/current.yaml
@@ -19,6 +19,7 @@ behavior_changes:
     This change can be temporarily reverted by setting runtime guard
     ``envoy.reloadable_features.explicit_internal_address_config`` to ``false``.
 
+
 minor_behavior_changes:
 # *Changes that may cause incompatibilities for some users, but should not for most*
 - area: access_log
@@ -72,7 +73,15 @@ minor_behavior_changes:
   change: |
     Local replies now traverse the filter chain if 1xx headers have been sent to the client. This change can be reverted
     by setting the runtime guard ``envoy.reloadable_features.local_reply_traverses_filter_chain_after_1xx`` to false.
-
+- area: cluster
+  change: |
+      Clusters can no longer use unregistered extension types in
+      :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`.
+- area: cluster
+  change: |
+      Clusters factories are registered by configurtion type for
+      :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
+      and will use configuration type to lookup the corresponding factory when available.
 bug_fixes:
 # *Changes expected to improve the state of the world and are unlikely to have negative effects*
 - area: lrs
@@ -260,11 +269,9 @@ deprecated:
   change: |
     metadata :ref:`metadata <envoy_v3_api_field_config.rbac.v3.Permission.metadata>` is now deprecated in the
     favor of :ref:`sourced_metadata <envoy_v3_api_field_config.rbac.v3.Permission.sourced_metadata>`.
-- area: dns
+- area: cluster
   change: |
     `DNS-related fields in :ref:`Cluster <envoy_v3_api_msg_config.cluster.v3.Cluster> are deprecated when using
     strict and logical dns clusters. Instead, use the :ref:`cluster_type <envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type`
-    extension point with
-    with :ref:`name=envoy.cluster.dns<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.name>`
-    and :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
-    :ref:`DnsCluster<envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
+    extension point with :ref:`typed_config<envoy_v3_api_field_config.cluster.v3.Cluster.CustomClusterType.typed_config>` of type
+    :ref:`DnsCluster <envoy_v3_api_msg_extensions.clusters.dns.v3.DnsCluster>`.
diff --git a/source/common/upstream/cluster_factory_impl.cc b/source/common/upstream/cluster_factory_impl.cc
index a4324b8d472d..2d1754d7e6de 100644
--- a/source/common/upstream/cluster_factory_impl.cc
+++ b/source/common/upstream/cluster_factory_impl.cc
@@ -8,6 +8,7 @@
 #include "source/common/network/dns_resolver/dns_factory_util.h"
 #include "source/common/network/resolver_impl.h"
 #include "source/common/network/socket_option_factory.h"
+#include "source/common/protobuf/protobuf.h"
 #include "source/common/upstream/health_checker_impl.h"
 #include "source/server/transport_socket_config_impl.h"
 
@@ -21,29 +22,50 @@ ClusterFactoryImplBase::create(const envoy::config::cluster::v3::Cluster& cluste
                                Ssl::ContextManager& ssl_context_manager,
                                Outlier::EventLoggerSharedPtr outlier_event_logger,
                                bool added_via_api) {
-  std::string cluster_type;
-
-  if (!cluster.has_cluster_type()) {
-    switch (cluster.type()) {
-      PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
-    case envoy::config::cluster::v3::Cluster::STATIC:
-      cluster_type = "envoy.cluster.static";
-      break;
-    case envoy::config::cluster::v3::Cluster::STRICT_DNS:
-      cluster_type = "envoy.cluster.strict_dns";
-      break;
-    case envoy::config::cluster::v3::Cluster::LOGICAL_DNS:
-      cluster_type = "envoy.cluster.logical_dns";
-      break;
-    case envoy::config::cluster::v3::Cluster::ORIGINAL_DST:
-      cluster_type = "envoy.cluster.original_dst";
-      break;
-    case envoy::config::cluster::v3::Cluster::EDS:
-      cluster_type = "envoy.cluster.eds";
-      break;
+  std::string cluster_name;
+  std::string cluster_config_type_name;
+
+  ClusterFactory* factory;
+  // try to look up by typed_config
+  if (cluster.has_cluster_type() && cluster.cluster_type().has_typed_config() &&
+      (TypeUtil::typeUrlToDescriptorFullName(cluster.cluster_type().typed_config().type_url()) !=
+       ProtobufWkt::Struct::GetDescriptor()->full_name())) {
+    cluster_config_type_name =
+        TypeUtil::typeUrlToDescriptorFullName(cluster.cluster_type().typed_config().type_url());
+    factory = Registry::FactoryRegistry<ClusterFactory>::getFactoryByType(cluster_config_type_name);
+    if (factory == nullptr) {
+      return absl::InvalidArgumentError(
+          fmt::format("Didn't find a registered cluster factory implementation for type: '{}'",
+                      cluster_config_type_name));
     }
   } else {
-    cluster_type = cluster.cluster_type().name();
+    if (!cluster.has_cluster_type()) {
+      switch (cluster.type()) {
+        PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
+      case envoy::config::cluster::v3::Cluster::STATIC:
+        cluster_name = "envoy.cluster.static";
+        break;
+      case envoy::config::cluster::v3::Cluster::STRICT_DNS:
+        cluster_name = "envoy.cluster.strict_dns";
+        break;
+      case envoy::config::cluster::v3::Cluster::LOGICAL_DNS:
+        cluster_name = "envoy.cluster.logical_dns";
+        break;
+      case envoy::config::cluster::v3::Cluster::ORIGINAL_DST:
+        cluster_name = "envoy.cluster.original_dst";
+        break;
+      case envoy::config::cluster::v3::Cluster::EDS:
+        cluster_name = "envoy.cluster.eds";
+        break;
+      }
+    } else {
+      cluster_name = cluster.cluster_type().name();
+    }
+    factory = Registry::FactoryRegistry<ClusterFactory>::getFactory(cluster_name);
+    if (factory == nullptr) {
+      return absl::InvalidArgumentError(fmt::format(
+          "Didn't find a registered cluster factory implementation for name: '{}'", cluster_name));
+    }
   }
 
   if (cluster.common_lb_config().has_consistent_hashing_lb_config() &&
@@ -51,13 +73,7 @@ ClusterFactoryImplBase::create(const envoy::config::cluster::v3::Cluster& cluste
       cluster.type() != envoy::config::cluster::v3::Cluster::STRICT_DNS) {
     return absl::InvalidArgumentError(fmt::format(
         "Cannot use hostname for consistent hashing loadbalancing for cluster of type: '{}'",
-        cluster_type));
-  }
-  ClusterFactory* factory = Registry::FactoryRegistry<ClusterFactory>::getFactory(cluster_type);
-
-  if (factory == nullptr) {
-    return absl::InvalidArgumentError(fmt::format(
-        "Didn't find a registered cluster factory implementation for name: '{}'", cluster_type));
+        cluster_name));
   }
 
   ClusterFactoryContextImpl context(server_context, cm, dns_resolver_fn, ssl_context_manager,
diff --git a/source/common/upstream/cluster_factory_impl.h b/source/common/upstream/cluster_factory_impl.h
index 8844dc629a3d..fe7da2846eb2 100644
--- a/source/common/upstream/cluster_factory_impl.h
+++ b/source/common/upstream/cluster_factory_impl.h
@@ -149,6 +149,13 @@ template <class ConfigProto> class ConfigurableClusterFactoryBase : public Clust
     return std::make_unique<ConfigProto>();
   }
 
+  std::set<std::string> configTypes() override {
+    auto ptr = createEmptyConfigProto();
+    ASSERT(ptr != nullptr);
+    Protobuf::ReflectableMessage reflectable_message = createReflectableMessage(*ptr);
+    return {std::string(reflectable_message->GetDescriptor()->full_name())};
+  }
+
 protected:
   ConfigurableClusterFactoryBase(const std::string& name) : ClusterFactoryImplBase(name) {}
 
diff --git a/source/extensions/clusters/common/dns_cluster_backcompat.h b/source/extensions/clusters/common/dns_cluster_backcompat.h
index b4ffe639b63c..d274dd737cc8 100644
--- a/source/extensions/clusters/common/dns_cluster_backcompat.h
+++ b/source/extensions/clusters/common/dns_cluster_backcompat.h
@@ -9,6 +9,7 @@ namespace Upstream {
 /**
  * create a DnsCluster from the legacy Cluster options so that we only have to worry about one API.
  * NOTE: this does not consider the `typed_dns_resolver_config` field.
+ * because choosing the dns resolver is done by the factory.
  */
 void createDnsClusterFromLegacyFields(
     const envoy::config::cluster::v3::Cluster& cluster,
diff --git a/source/extensions/clusters/dns/dns_cluster.cc b/source/extensions/clusters/dns/dns_cluster.cc
index 087a6c0b9f08..101befe9fcaa 100644
--- a/source/extensions/clusters/dns/dns_cluster.cc
+++ b/source/extensions/clusters/dns/dns_cluster.cc
@@ -8,7 +8,10 @@
 #include "envoy/config/endpoint/v3/endpoint_components.pb.h"
 #include "envoy/extensions/clusters/dns/v3/dns_cluster.pb.h"
 
+#include "source/common/network/dns_resolver/dns_factory_util.h"
 #include "source/extensions/clusters/common/dns_cluster_backcompat.h"
+#include "source/extensions/clusters/logical_dns/logical_dns_cluster.h"
+#include "source/extensions/clusters/strict_dns/strict_dns_cluster.h"
 
 namespace Envoy {
 namespace Upstream {
@@ -18,30 +21,30 @@ DnsClusterFactory::createClusterWithConfig(
     const envoy::config::cluster::v3::Cluster& cluster,
     const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
     Upstream::ClusterFactoryContext& context) {
-  std::string cluster_type_name = "";
-  switch (proto_config.dns_discovery_type()) {
-    PANIC_ON_PROTO_ENUM_SENTINEL_VALUES;
-  case envoy::extensions::clusters::dns::v3::DnsCluster::STRICT:
-    cluster_type_name = "envoy.cluster.strict_dns";
-    break;
-  case envoy::extensions::clusters::dns::v3::DnsCluster::LOGICAL:
-    cluster_type_name = "envoy.cluster.logical_dns";
-    break;
-  }
-  ClusterFactory* factory =
-      Registry::FactoryRegistry<ClusterFactory>::getFactory(cluster_type_name);
 
-  if (factory == nullptr) {
-    return absl::InvalidArgumentError(
-        fmt::format("Didn't find a registered cluster factory implementation for name: '{}'",
-                    cluster_type_name));
+  absl::StatusOr<Network::DnsResolverSharedPtr> dns_resolver_or_error;
+  if (proto_config.has_typed_dns_resolver_config()) {
+    Network::DnsResolverFactory& dns_resolver_factory =
+        Network::createDnsResolverFactoryFromTypedConfig(proto_config.typed_dns_resolver_config());
+    auto& server_context = context.serverFactoryContext();
+    dns_resolver_or_error = dns_resolver_factory.createDnsResolver(
+        server_context.mainThreadDispatcher(), server_context.api(),
+        proto_config.typed_dns_resolver_config());
+  } else {
+    dns_resolver_or_error = context.dnsResolver();
   }
-  auto dns_cluster = factory->create(cluster, context);
-  if (!dns_cluster.ok()) {
-    return dns_cluster.status();
+  RETURN_IF_NOT_OK(dns_resolver_or_error.status());
+  absl::StatusOr<std::unique_ptr<ClusterImplBase>> cluster_or_error;
+  if (proto_config.logical()) {
+    cluster_or_error = LogicalDnsCluster::create(cluster, proto_config, context,
+                                                 std::move(*dns_resolver_or_error));
+  } else {
+    cluster_or_error = StrictDnsClusterImpl::create(cluster, proto_config, context,
+                                                    std::move(*dns_resolver_or_error));
   }
-  return std::make_pair(std::dynamic_pointer_cast<ClusterImplBase>(dns_cluster->first),
-                        std::move(dns_cluster->second));
+
+  RETURN_IF_NOT_OK(cluster_or_error.status());
+  return std::make_pair(std::shared_ptr<ClusterImplBase>(std::move(*cluster_or_error)), nullptr);
 }
 
 /**
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
index c6c3d9c3cfa0..dab8e011e05a 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.cc
@@ -213,39 +213,17 @@ void LogicalDnsCluster::startResolve() {
       });
 }
 
-absl::StatusOr<Network::DnsResolverSharedPtr> LogicalDnsClusterFactory::selectDnsResolver(
-    const envoy::config::cluster::v3::Cluster& cluster,
-    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
-    ClusterFactoryContext& context) {
-  if (proto_config.has_typed_dns_resolver_config()) {
-    Network::DnsResolverFactory& dns_resolver_factory =
-        Network::createDnsResolverFactoryFromTypedConfig(proto_config.typed_dns_resolver_config());
-    auto& server_context = context.serverFactoryContext();
-    return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
-                                                  server_context.api(),
-                                                  proto_config.typed_dns_resolver_config());
-  }
-  return ClusterFactoryImplBase::selectDnsResolver(cluster, context);
-}
-
 absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-LogicalDnsClusterFactory::createClusterWithConfig(
-    const envoy::config::cluster::v3::Cluster& cluster,
-    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
-    ClusterFactoryContext& context) {
-  auto dns_resolver_or_error = selectDnsResolver(cluster, proto_config, context);
-  THROW_IF_NOT_OK(dns_resolver_or_error.status());
+LogicalDnsClusterFactory::createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
+                                            ClusterFactoryContext& context) {
+  auto dns_resolver_or_error = selectDnsResolver(cluster, context);
+  THROW_IF_NOT_OK_REF(dns_resolver_or_error.status());
 
   absl::StatusOr<std::unique_ptr<LogicalDnsCluster>> cluster_or_error;
-  if (cluster.has_cluster_type()) {
-    cluster_or_error = LogicalDnsCluster::create(cluster, proto_config, context,
-                                                 std::move(*dns_resolver_or_error));
-  } else {
-    envoy::extensions::clusters::dns::v3::DnsCluster proto_config_legacy{};
-    createDnsClusterFromLegacyFields(cluster, proto_config_legacy);
-    cluster_or_error = LogicalDnsCluster::create(cluster, proto_config_legacy, context,
-                                                 std::move(*dns_resolver_or_error));
-  }
+  envoy::extensions::clusters::dns::v3::DnsCluster proto_config_legacy{};
+  createDnsClusterFromLegacyFields(cluster, proto_config_legacy);
+  cluster_or_error = LogicalDnsCluster::create(cluster, proto_config_legacy, context,
+                                               std::move(*dns_resolver_or_error));
 
   RETURN_IF_NOT_OK(cluster_or_error.status());
   return std::make_pair(std::shared_ptr<LogicalDnsCluster>(std::move(*cluster_or_error)), nullptr);
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.h b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
index 3838aae2f7d6..81c7977ddc8d 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.h
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
@@ -93,22 +93,15 @@ class LogicalDnsCluster : public ClusterImplBase {
   const envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment_;
 };
 
-class LogicalDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
-                                     envoy::extensions::clusters::dns::v3::DnsCluster> {
+class LogicalDnsClusterFactory : public Upstream::ClusterFactoryImplBase {
 public:
-  LogicalDnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.logical_dns") {}
-
-  absl::StatusOr<Network::DnsResolverSharedPtr>
-  selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster,
-                    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
-                    ClusterFactoryContext& context);
+  LogicalDnsClusterFactory() : ClusterFactoryImplBase("envoy.cluster.logical_dns") {}
 
 private:
   friend class LogicalDnsClusterTest;
   absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-  createClusterWithConfig(const envoy::config::cluster::v3::Cluster& cluster,
-                          const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
-                          Upstream::ClusterFactoryContext& context) override;
+  createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
+                    Upstream::ClusterFactoryContext& context) override;
 };
 
 DECLARE_FACTORY(LogicalDnsClusterFactory);
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
index d30e22795836..b8fe1315516f 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.cc
@@ -234,39 +234,17 @@ void StrictDnsClusterImpl::ResolveTarget::startResolve() {
       });
 }
 
-absl::StatusOr<Network::DnsResolverSharedPtr> StrictDnsClusterFactory::selectDnsResolver(
-    const envoy::config::cluster::v3::Cluster& cluster,
-    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
-    ClusterFactoryContext& context) {
-  if (proto_config.has_typed_dns_resolver_config()) {
-    Network::DnsResolverFactory& dns_resolver_factory =
-        Network::createDnsResolverFactoryFromTypedConfig(proto_config.typed_dns_resolver_config());
-    auto& server_context = context.serverFactoryContext();
-    return dns_resolver_factory.createDnsResolver(server_context.mainThreadDispatcher(),
-                                                  server_context.api(),
-                                                  proto_config.typed_dns_resolver_config());
-  }
-  return ClusterFactoryImplBase::selectDnsResolver(cluster, context);
-}
-
 absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-StrictDnsClusterFactory::createClusterWithConfig(
-    const envoy::config::cluster::v3::Cluster& cluster,
-    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
-    Upstream::ClusterFactoryContext& context) {
+StrictDnsClusterFactory::createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
+                                           Upstream::ClusterFactoryContext& context) {
   absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>> cluster_or_error;
-  auto dns_resolver_or_error = selectDnsResolver(cluster, proto_config, context);
+  auto dns_resolver_or_error = selectDnsResolver(cluster, context);
   RETURN_IF_NOT_OK(dns_resolver_or_error.status());
 
-  if (cluster.has_cluster_type()) {
-    cluster_or_error = StrictDnsClusterImpl::create(cluster, proto_config, context,
-                                                    std::move(*dns_resolver_or_error));
-  } else {
-    envoy::extensions::clusters::dns::v3::DnsCluster proto_config_legacy{};
-    createDnsClusterFromLegacyFields(cluster, proto_config_legacy);
-    cluster_or_error = StrictDnsClusterImpl::create(cluster, proto_config_legacy, context,
-                                                    std::move(*dns_resolver_or_error));
-  }
+  envoy::extensions::clusters::dns::v3::DnsCluster proto_config_legacy{};
+  createDnsClusterFromLegacyFields(cluster, proto_config_legacy);
+  cluster_or_error = StrictDnsClusterImpl::create(cluster, proto_config_legacy, context,
+                                                  std::move(*dns_resolver_or_error));
 
   RETURN_IF_NOT_OK(cluster_or_error.status());
   return std::make_pair(std::shared_ptr<StrictDnsClusterImpl>(std::move(*cluster_or_error)),
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index 222563d59f08..5201452cc69b 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -84,21 +84,14 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
 /**
  * Factory for StrictDnsClusterImpl
  */
-class StrictDnsClusterFactory : public Upstream::ConfigurableClusterFactoryBase<
-                                    envoy::extensions::clusters::dns::v3::DnsCluster> {
+class StrictDnsClusterFactory : public Upstream::ClusterFactoryImplBase {
 public:
-  StrictDnsClusterFactory() : ConfigurableClusterFactoryBase("envoy.cluster.strict_dns") {}
-
-  absl::StatusOr<Network::DnsResolverSharedPtr>
-  selectDnsResolver(const envoy::config::cluster::v3::Cluster& cluster,
-                    const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
-                    ClusterFactoryContext& context);
+  StrictDnsClusterFactory() : Upstream::ClusterFactoryImplBase("envoy.cluster.strict_dns") {}
 
 private:
   absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
-  createClusterWithConfig(const envoy::config::cluster::v3::Cluster& cluster,
-                          const envoy::extensions::clusters::dns::v3::DnsCluster& proto_config,
-                          Upstream::ClusterFactoryContext& context) override;
+  createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
+                    ClusterFactoryContext& context) override;
 };
 
 DECLARE_FACTORY(StrictDnsClusterFactory);
diff --git a/source/extensions/extensions_build_config.bzl b/source/extensions/extensions_build_config.bzl
index 5c6eb8e54b4d..b7143d92c446 100644
--- a/source/extensions/extensions_build_config.bzl
+++ b/source/extensions/extensions_build_config.bzl
@@ -19,6 +19,7 @@ EXTENSIONS = {
     #
 
     "envoy.clusters.aggregate":                         "//source/extensions/clusters/aggregate:cluster",
+    "envoy.clusters.dns":                               "//source/extensions/clusters/dns:dns_cluster_lib",
     "envoy.clusters.dynamic_forward_proxy":             "//source/extensions/clusters/dynamic_forward_proxy:cluster",
     "envoy.clusters.eds":                               "//source/extensions/clusters/eds:eds_lib",
     "envoy.clusters.redis":                             "//source/extensions/clusters/redis:redis_cluster",
@@ -26,7 +27,6 @@ EXTENSIONS = {
     "envoy.clusters.strict_dns":                        "//source/extensions/clusters/strict_dns:strict_dns_cluster_lib",
     "envoy.clusters.original_dst":                      "//source/extensions/clusters/original_dst:original_dst_cluster_lib",
     "envoy.clusters.logical_dns":                       "//source/extensions/clusters/logical_dns:logical_dns_cluster_lib",
-    "envoy.clusters.dns":                               "//source/extensions/clusters/dns:dns_cluster_lib",
 
     #
     # Compression
diff --git a/source/extensions/extensions_metadata.yaml b/source/extensions/extensions_metadata.yaml
index fe1c78236882..690d045f7c63 100644
--- a/source/extensions/extensions_metadata.yaml
+++ b/source/extensions/extensions_metadata.yaml
@@ -94,11 +94,15 @@ envoy.clusters.aggregate:
   - envoy.clusters
   security_posture: requires_trusted_downstream_and_upstream
   status: stable
+  type_urls:
+  - envoy.extensions.clusters.aggregate.v3.ClusterConfig
 envoy.clusters.dynamic_forward_proxy:
   categories:
   - envoy.clusters
   security_posture: robust_to_untrusted_downstream
   status: stable
+  type_urls:
+  - envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig
 envoy.clusters.static:
   categories:
   - envoy.clusters
@@ -114,6 +118,8 @@ envoy.clusters.dns:
   - envoy.clusters
   security_posture: robust_to_untrusted_downstream_and_upstream
   status: stable
+  type_urls:
+  - envoy.extensions.clusters.dns.v3.DnsCluster
 envoy.clusters.original_dst:
   categories:
   - envoy.clusters
@@ -129,6 +135,8 @@ envoy.clusters.redis:
   - envoy.clusters
   security_posture: requires_trusted_downstream_and_upstream
   status: stable
+  type_urls:
+  - envoy.extensions.clusters.redis.v3.RedisClusterConfig
 envoy.clusters.logical_dns:
   categories:
   - envoy.clusters
diff --git a/test/common/upstream/BUILD b/test/common/upstream/BUILD
index 9798e6630fd6..dabd4a527bab 100644
--- a/test/common/upstream/BUILD
+++ b/test/common/upstream/BUILD
@@ -459,6 +459,7 @@ envoy_cc_test(
         "//source/common/network:address_lib",
         "//source/common/network:resolver_lib",
         "//source/common/network:utility_lib",
+        "//source/extensions/clusters/eds:eds_lib",
         # TODO(mattklein123): Split this into 2 tests for each cluster.
         "//source/extensions/clusters/static:static_cluster_lib",
         "//source/extensions/clusters/strict_dns:strict_dns_cluster_lib",
diff --git a/test/common/upstream/cluster_factory_impl_test.cc b/test/common/upstream/cluster_factory_impl_test.cc
index 5a1f1afd11c1..5e53a1c240f7 100644
--- a/test/common/upstream/cluster_factory_impl_test.cc
+++ b/test/common/upstream/cluster_factory_impl_test.cc
@@ -168,7 +168,7 @@ TEST_F(TestStaticClusterImplTest, CreateWithTypedConfig) {
       cluster_type:
           name: envoy.clusters.custom_static
           typed_config:
-            "@type": type.googleapis.com/test.integration.clusters.CustomStaticConfig
+            "@type": type.googleapis.com/test.integration.clusters.CustomStaticConfig1
             priority: 10
             address: 127.0.0.1
             port_value: 80
@@ -194,7 +194,7 @@ TEST_F(TestStaticClusterImplTest, CreateWithTypedConfig) {
   EXPECT_FALSE(cluster->info()->addedViaApi());
 }
 
-TEST_F(TestStaticClusterImplTest, UnsupportedClusterType) {
+TEST_F(TestStaticClusterImplTest, UnsupportedClusterName) {
   const std::string yaml = R"EOF(
     name: staticcluster
     connect_timeout: 0.25s
@@ -209,9 +209,6 @@ TEST_F(TestStaticClusterImplTest, UnsupportedClusterType) {
                     port_value: 443
     cluster_type:
         name: envoy.clusters.bad_cluster_name
-        typed_config:
-          "@type": type.googleapis.com/test.integration.clusters.CustomStaticConfig
-          priority: 10
   )EOF";
   // the factory is not registered, expect to fail
   const envoy::config::cluster::v3::Cluster cluster_config = parseClusterFromV3Yaml(yaml);
@@ -224,6 +221,35 @@ TEST_F(TestStaticClusterImplTest, UnsupportedClusterType) {
             "'envoy.clusters.bad_cluster_name'");
 }
 
+TEST_F(TestStaticClusterImplTest, UnsupportedClusterType) {
+  std::string yaml = R"EOF(
+    name: staticcluster
+    connect_timeout: 0.25s
+    lb_policy: ROUND_ROBIN
+    load_assignment:
+        endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  socket_address:
+                    address: 10.0.0.1
+                    port_value: 443
+    cluster_type:
+        name: envoy.clusters.logical_dns
+        typed_config:
+          "@type": type.googleapis.com/envoy.config.cluster.v3.Cluster
+  )EOF";
+  // the factory is not registered, expect to fail
+  const envoy::config::cluster::v3::Cluster cluster_config = parseClusterFromV3Yaml(yaml);
+  auto create_result =
+      ClusterFactoryImplBase::create(cluster_config, server_context_, cm_, dns_resolver_fn_,
+                                     ssl_context_manager_, std::move(outlier_event_logger_), false);
+  EXPECT_FALSE(create_result.ok());
+  EXPECT_EQ(create_result.status().message(),
+            "Didn't find a registered cluster factory implementation for type: "
+            "'envoy.config.cluster.v3.Cluster'");
+}
+
 TEST_F(TestStaticClusterImplTest, HostnameWithoutDNS) {
   const std::string yaml = R"EOF(
       name: staticcluster
@@ -241,7 +267,7 @@ TEST_F(TestStaticClusterImplTest, HostnameWithoutDNS) {
                     address: 10.0.0.1
                     port_value: 443
       cluster_type:
-        name: envoy.clusters.test_static
+        name: envoy.clusters.custom_static
     )EOF";
 
   const envoy::config::cluster::v3::Cluster cluster_config = parseClusterFromV3Yaml(yaml);
@@ -251,7 +277,7 @@ TEST_F(TestStaticClusterImplTest, HostnameWithoutDNS) {
   EXPECT_FALSE(create_result.ok());
   EXPECT_EQ(create_result.status().message(),
             "Cannot use hostname for consistent hashing loadbalancing for cluster of type: "
-            "'envoy.clusters.test_static'");
+            "'envoy.clusters.custom_static'");
 }
 
 } // namespace
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index 401ad2c9c5ce..86625351f32d 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -82,6 +82,24 @@ class UpstreamImplTestBase {
     return std::dynamic_pointer_cast<StaticClusterImpl>(status_or_cluster->first);
   }
 
+  absl::StatusOr<std::shared_ptr<StrictDnsClusterImpl>>
+  createStrictDnsCluster(const envoy::config::cluster::v3::Cluster& cluster_config,
+                         ClusterFactoryContext& factory_context,
+                         std::shared_ptr<Network::DnsResolver> dns_resolver) {
+    envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
+
+    ClusterFactoryContextImpl::LazyCreateDnsResolver resolver_fn = [&]() { return dns_resolver; };
+    auto status_or_cluster = ClusterFactoryImplBase::create(
+        cluster_config, factory_context.serverFactoryContext(),
+        factory_context.serverFactoryContext().clusterManager(), resolver_fn,
+        factory_context.sslContextManager(), nullptr, factory_context.addedViaApi());
+
+    if (!status_or_cluster.ok()) {
+      return status_or_cluster.status();
+    }
+    return (std::dynamic_pointer_cast<StrictDnsClusterImpl>(status_or_cluster->first));
+  }
+
   NiceMock<Server::Configuration::MockServerFactoryContext> server_context_;
   Stats::TestUtil::TestStore& stats_ = server_context_.store_;
   NiceMock<Random::MockRandomGenerator> random_;
@@ -93,30 +111,6 @@ class UpstreamImplTestBase {
 
 namespace {
 
-// Usually, the factory is in charge of parsing the cluster config and creating the DNS cluster,
-// but we can't use a factory to create because we need to inject our mock DNS resolver.
-absl::StatusOr<std::unique_ptr<StrictDnsClusterImpl>>
-makeStrictDnsClusterFromDnsResolver(const envoy::config::cluster::v3::Cluster& cluster_config,
-                                    ClusterFactoryContext& factory_context,
-                                    std::shared_ptr<Network::DnsResolver> dns_resolver) {
-  envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
-
-  if (cluster_config.has_cluster_type()) {
-    ProtobufTypes::MessagePtr dns_cluster_msg =
-        std::make_unique<envoy::extensions::clusters::dns::v3::DnsCluster>();
-    Config::Utility::translateOpaqueConfig(cluster_config.cluster_type().typed_config(),
-                                           factory_context.messageValidationVisitor(),
-                                           *dns_cluster_msg);
-    dns_cluster =
-        MessageUtil::downcastAndValidate<const envoy::extensions::clusters::dns::v3::DnsCluster&>(
-            *dns_cluster_msg, factory_context.messageValidationVisitor());
-
-  } else {
-    createDnsClusterFromLegacyFields(cluster_config, dns_cluster);
-  }
-  return StrictDnsClusterImpl::create(cluster_config, dns_cluster, factory_context, dns_resolver);
-}
-
 std::list<std::string> hostListToAddresses(const HostVector& hosts) {
   std::list<std::string> addresses;
   for (const HostSharedPtr& host : hosts) {
@@ -223,14 +217,11 @@ class StrictDnsParamTest : public testing::TestWithParam<StrictDnsConfigTuple>,
         server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
         false);
     if (numerator <= 100) {
-      auto cluster =
-          *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
+      auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver);
       EXPECT_EQ(drop_ratio, cluster->dropOverload().value());
     } else {
       EXPECT_EQ(
-          makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver)
-              .status()
-              .message(),
+          createStrictDnsCluster(cluster_config, factory_context, dns_resolver).status().message(),
           fmt::format("load_balancing_policy.drop_overload_limit runtime key config {} is invalid. "
                       "The valid range is 0~100",
                       numerator));
@@ -273,8 +264,8 @@ TEST_P(StrictDnsParamTest, ImmediateResolve) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver);
+
   cluster->initialize([&]() -> void { initialized.ready(); });
   EXPECT_EQ(2UL, cluster->prioritySet().hostSetsPerPriority()[0]->hosts().size());
   EXPECT_EQ(2UL, cluster->prioritySet().hostSetsPerPriority()[0]->healthyHosts().size());
@@ -302,8 +293,7 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBasicMillion) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver);
   EXPECT_EQ(0.000035f, cluster->dropOverload().value());
   EXPECT_EQ("test", cluster->dropCategory());
 }
@@ -330,8 +320,7 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBasicTenThousand) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver);
   EXPECT_EQ(0.1f, cluster->dropOverload().value());
   EXPECT_EQ("foo", cluster->dropCategory());
 }
@@ -359,10 +348,9 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBadDenominator) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  EXPECT_EQ(makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver)
-                .status()
-                .message(),
-            "Cluster drop_overloads config denominator setting is invalid : 4. Valid range 0~2.");
+  EXPECT_EQ(
+      createStrictDnsCluster(cluster_config, factory_context, dns_resolver).status().message(),
+      "Cluster drop_overloads config denominator setting is invalid : 4. Valid range 0~2.");
 }
 
 TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBadNumerator) {
@@ -389,9 +377,7 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestBadNumerator) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
   EXPECT_EQ(
-      makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver)
-          .status()
-          .message(),
+      createStrictDnsCluster(cluster_config, factory_context, dns_resolver).status().message(),
       "Cluster drop_overloads config is invalid. drop_ratio=2(Numerator 200 / Denominator 100). "
       "The valid range is 0~1.");
 }
@@ -421,10 +407,9 @@ TEST_P(StrictDnsParamTest, DropOverLoadConfigTestMultipleCategory) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  EXPECT_EQ(makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver)
-                .status()
-                .message(),
-            "Cluster drop_overloads config has 2 categories. Envoy only support one.");
+  EXPECT_EQ(
+      createStrictDnsCluster(cluster_config, factory_context, dns_resolver).status().message(),
+      "Cluster drop_overloads config has 2 categories. Envoy only support one.");
 }
 
 // Drop overload runtime key configuration test
@@ -468,8 +453,7 @@ TEST_F(StrictDnsClusterImplTest, ZeroHostsIsInializedImmediately) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
   EXPECT_CALL(initialized, ready());
   cluster->initialize([&]() -> void { initialized.ready(); });
   EXPECT_EQ(0UL, cluster->prioritySet().hostSetsPerPriority()[0]->hosts().size());
@@ -502,8 +486,7 @@ TEST_F(StrictDnsClusterImplTest, ZeroHostsHealthChecker) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
   std::shared_ptr<MockHealthChecker> health_checker(new MockHealthChecker());
   EXPECT_CALL(*health_checker, start());
   EXPECT_CALL(*health_checker, addHostCheckCompleteCb(_));
@@ -547,8 +530,7 @@ TEST_F(StrictDnsClusterImplTest, DontWaitForDNSOnInit) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   ReadyWatcher initialized;
 
@@ -629,8 +611,7 @@ TEST_F(StrictDnsClusterImplTest, Basic) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   EXPECT_CALL(runtime_.snapshot_, getInteger("circuit_breakers.name.default.max_connections", 43))
       .Times(AnyNumber());
@@ -799,8 +780,7 @@ TEST_F(StrictDnsClusterImplTest, HostRemovalActiveHealthSkipped) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   std::shared_ptr<MockHealthChecker> health_checker(new MockHealthChecker());
   EXPECT_CALL(*health_checker, start());
@@ -860,8 +840,7 @@ TEST_F(StrictDnsClusterImplTest, HostRemovalAfterHcFail) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   std::shared_ptr<MockHealthChecker> health_checker(new MockHealthChecker());
   EXPECT_CALL(*health_checker, start());
@@ -940,8 +919,7 @@ TEST_F(StrictDnsClusterImplTest, HostUpdateWithDisabledACEndpoint) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   std::shared_ptr<MockHealthChecker> health_checker(new MockHealthChecker());
   EXPECT_CALL(*health_checker, start());
@@ -1055,8 +1033,7 @@ TEST_F(StrictDnsClusterImplTest, LoadAssignmentBasic) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   EXPECT_CALL(runtime_.snapshot_, getInteger("circuit_breakers.name.default.max_connections", 43));
   EXPECT_EQ(43U, cluster->info()->resourceManager(ResourcePriority::Default).connections().max());
@@ -1300,8 +1277,7 @@ TEST_F(StrictDnsClusterImplTest, LoadAssignmentBasicMultiplePriorities) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   ReadyWatcher membership_updated;
   auto priority_update_cb = cluster->prioritySet().addPriorityUpdateCb(
@@ -1420,8 +1396,7 @@ TEST_F(StrictDnsClusterImplTest, CustomResolverFails) {
       false);
 
   EXPECT_THROW_WITH_MESSAGE(
-      auto cluster =
-          *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_),
+      auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_),
       EnvoyException, "STRICT_DNS clusters must NOT have a custom resolver name set");
 }
 
@@ -1453,8 +1428,7 @@ TEST_F(StrictDnsClusterImplTest, FailureRefreshRateBackoffResetsWhenSuccessHappe
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   cluster->initialize([] {});
 
@@ -1484,11 +1458,9 @@ TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig) {
     connect_timeout: 0.25s
     cluster_type:
       name: envoy.cluster.strict_dns
-      typed_config:
-        "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
-        dns_refresh_rate: 4s
-        dns_jitter: 0s
-        respect_dns_ttl: true
+    dns_refresh_rate: 4s
+    dns_jitter: 0s
+    respect_dns_ttl: true
     lb_policy: ROUND_ROBIN
     load_assignment:
         endpoints:
@@ -1533,7 +1505,7 @@ TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig2) {
         dns_refresh_rate: 4s
         dns_jitter: 0s
         respect_dns_ttl: true
-        dns_discovery_type: STRICT
+        logical: false
     lb_policy: ROUND_ROBIN
     load_assignment:
         endpoints:
@@ -1591,8 +1563,7 @@ TEST_F(StrictDnsClusterImplTest, TtlAsDnsRefreshRateNoJitter) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   ReadyWatcher membership_updated;
   auto priority_update_cb = cluster->prioritySet().addPriorityUpdateCb(
@@ -1643,7 +1614,7 @@ TEST_F(StrictDnsClusterImplTest, NegativeDnsJitter) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
   EXPECT_THROW_WITH_MESSAGE(
-      auto x = *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_),
+      auto x = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_),
       EnvoyException, "Invalid duration: Expected positive duration: seconds: -1\n");
 }
 TEST_F(StrictDnsClusterImplTest, TtlAsDnsRefreshRateYesJitter) {
@@ -1673,8 +1644,7 @@ TEST_F(StrictDnsClusterImplTest, TtlAsDnsRefreshRateYesJitter) {
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
 
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
   cluster->initialize([] {});
 
@@ -1714,8 +1684,7 @@ TEST_F(StrictDnsClusterImplTest, ExtremeJitter) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
   cluster->initialize([] {});
 
   EXPECT_CALL(*resolver.timer_, enableTimer(testing::Ge(std::chrono::milliseconds(1000)), _));
@@ -1778,8 +1747,7 @@ TEST_F(StrictDnsClusterImplTest, Http2UserDefinedSettingsParametersValidation) {
       false);
 
   EXPECT_THROW_WITH_REGEX(
-      auto cluster =
-          *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver_),
+      auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_),
       EnvoyException,
       R"(the \{hpack_table_size\} HTTP/2 SETTINGS parameter\(s\) can not be configured through)"
       " both");
@@ -3994,8 +3962,7 @@ TEST_F(ClusterImplTest, CloseConnectionsOnHostHealthFailure) {
   Envoy::Upstream::ClusterFactoryContextImpl factory_context(
       server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
       false);
-  auto cluster =
-      *makeStrictDnsClusterFromDnsResolver(cluster_config, factory_context, dns_resolver);
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver);
 
   EXPECT_TRUE(cluster->info()->features() &
               ClusterInfo::Features::CLOSE_CONNECTIONS_ON_HOST_HEALTH_FAILURE);
@@ -4194,20 +4161,21 @@ TEST(PrioritySet, MainPrioritySetTest) {
   EXPECT_EQ(nullptr, priority_set.mutableHostMapForTest().get());
 }
 
-class ClusterInfoImplTest : public testing::Test {
+class ClusterInfoImplTest : public testing::Test, public UpstreamImplTestBase {
 public:
   ClusterInfoImplTest() { ON_CALL(server_context_, api()).WillByDefault(ReturnRef(*api_)); }
 
-  std::unique_ptr<StrictDnsClusterImpl> makeCluster(const std::string& yaml) {
+  std::shared_ptr<StrictDnsClusterImpl> makeCluster(const std::string& yaml) {
     cluster_config_ = parseClusterFromV3Yaml(yaml);
 
     Envoy::Upstream::ClusterFactoryContextImpl factory_context(
-        server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
-        false);
+        server_context_, server_context_.cluster_manager_, [&]() { return dns_resolver_; },
+        ssl_context_manager_, nullptr, false);
 
-    return THROW_OR_RETURN_VALUE(
-        makeStrictDnsClusterFromDnsResolver(cluster_config_, factory_context, dns_resolver_),
-        std::unique_ptr<StrictDnsClusterImpl>);
+    StrictDnsClusterFactory factory{};
+    auto status_or_cluster = factory.create(cluster_config_, factory_context);
+    THROW_IF_NOT_OK_REF(status_or_cluster.status());
+    return std::dynamic_pointer_cast<StrictDnsClusterImpl>(status_or_cluster->first);
   }
 
   class RetryBudgetTestClusterInfo : public ClusterInfoImpl {
@@ -5110,7 +5078,7 @@ TEST_F(ClusterInfoImplTest, ExtensionProtocolOptionsForFilterWithOptions) {
 
   // This vector is used to gather clusters with extension_protocol_options from the different
   // types of extension factories (network, http).
-  std::vector<std::unique_ptr<StrictDnsClusterImpl>> clusters;
+  std::vector<std::shared_ptr<StrictDnsClusterImpl>> clusters;
 
   {
     // Get the cluster with extension_protocol_options for a network filter factory.
diff --git a/test/extensions/clusters/common/BUILD b/test/extensions/clusters/common/BUILD
index ec0f1d031afa..82b2239190f6 100644
--- a/test/extensions/clusters/common/BUILD
+++ b/test/extensions/clusters/common/BUILD
@@ -39,6 +39,7 @@ envoy_cc_test(
     deps = [
         "//source/common/config:utility_lib",
         "//source/extensions/clusters/common:logical_host_lib",
+        "//source/extensions/clusters/dns:dns_cluster_lib",
         "//source/extensions/clusters/logical_dns:logical_dns_cluster_lib",
         "//test/integration:http_integration_lib",
         "//test/mocks/network:network_mocks",
diff --git a/test/extensions/clusters/common/logical_host_integration_test.cc b/test/extensions/clusters/common/logical_host_integration_test.cc
index 30eb3edfb537..1154aa620488 100644
--- a/test/extensions/clusters/common/logical_host_integration_test.cc
+++ b/test/extensions/clusters/common/logical_host_integration_test.cc
@@ -91,6 +91,7 @@ TEST_P(LogicalHostIntegrationTest, LogicalDNSRaceCrashTest) {
     envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
     // Make the refresh rate fast to hit the R/W race.
     dns_cluster.mutable_dns_refresh_rate()->set_nanos(1000001);
+    dns_cluster.set_logical(true);
     cluster.mutable_cluster_type()->mutable_typed_config()->PackFrom(dns_cluster);
   });
   config_helper_.addConfigModifier(
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index 1de4fa1b8bf4..43461d5b6ce0 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -66,9 +66,10 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
     if (cluster_config.has_cluster_type()) {
       ProtobufTypes::MessagePtr dns_cluster_msg =
           std::make_unique<envoy::extensions::clusters::dns::v3::DnsCluster>();
-      Config::Utility::translateOpaqueConfig(cluster_config.cluster_type().typed_config(),
-                                             factory_context.messageValidationVisitor(),
-                                             *dns_cluster_msg);
+      ASSERT_TRUE(Config::Utility::translateOpaqueConfig(
+                      cluster_config.cluster_type().typed_config(),
+                      factory_context.messageValidationVisitor(), *dns_cluster_msg)
+                      .ok());
       dns_cluster =
           MessageUtil::downcastAndValidate<const envoy::extensions::clusters::dns::v3::DnsCluster&>(
               *dns_cluster_msg, factory_context.messageValidationVisitor());
@@ -78,7 +79,7 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
 
     status_or_cluster =
         LogicalDnsCluster::create(cluster_config, dns_cluster, factory_context, dns_resolver_);
-    THROW_IF_NOT_OK(status_or_cluster.status());
+    THROW_IF_NOT_OK_REF(status_or_cluster.status());
     cluster_ = std::move(*status_or_cluster);
     priority_update_cb_ = cluster_->prioritySet().addPriorityUpdateCb(
         [&](uint32_t, const HostVector&, const HostVector&) {
@@ -88,20 +89,15 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
     cluster_->initialize([&]() -> void { initialized_.ready(); });
   }
 
-  template <class Factory = LogicalDnsClusterFactory>
   absl::Status factorySetupFromV3Yaml(const std::string& yaml) {
     ON_CALL(server_context_, api()).WillByDefault(ReturnRef(*api_));
     resolve_timer_ = new Event::MockTimer(&server_context_.dispatcher_);
     NiceMock<MockClusterManager> cm;
     envoy::config::cluster::v3::Cluster cluster_config = parseClusterFromV3Yaml(yaml);
     ClusterFactoryContextImpl::LazyCreateDnsResolver resolver_fn = [&]() { return dns_resolver_; };
-    Envoy::Upstream::ClusterFactoryContextImpl factory_context(
-        server_context_, server_context_.cluster_manager_, resolver_fn, ssl_context_manager_,
-        nullptr, false);
-
-    Factory factory;
-
-    auto status_or_cluster = factory.create(cluster_config, factory_context);
+    auto status_or_cluster = ClusterFactoryImplBase::create(
+        cluster_config, server_context_, server_context_.cluster_manager_, resolver_fn,
+        ssl_context_manager_, nullptr, false);
     if (status_or_cluster.ok()) {
       cluster_ = std::dynamic_pointer_cast<LogicalDnsCluster>(status_or_cluster->first);
       priority_update_cb_ = cluster_->prioritySet().addPriorityUpdateCb(
@@ -443,56 +439,42 @@ TEST_F(LogicalDnsParamTest, TtlAsDnsRefreshRate) {
                 TestUtility::makeDnsResponse({}, std::chrono::seconds(5)));
 }
 
-TEST_F(LogicalDnsParamTest, UseNewConfig) {
-  const std::string yaml = R"EOF(
+TEST_F(LogicalDnsClusterTest, BadConfig) {
+  const std::string multiple_hosts_yaml = R"EOF(
   name: name
-  cluster_type:
-    name: envoy.cluster.logical_dns
-    typed_config:
-      "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
-      dns_refresh_rate: 4s
-      respect_dns_ttl: true
-      # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
-      # dns_lookup_family to V4_ONLY explicitly for v2 .yaml config.
-      dns_lookup_family: V4_ONLY
+  type: LOGICAL_DNS
+  dns_refresh_rate: 4s
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
   load_assignment:
+        cluster_name: name
         endpoints:
           - lb_endpoints:
             - endpoint:
                 address:
                   socket_address:
-                     address: foo.bar.com
-                     port_value: 443
+                    address: foo.bar.com
+                    port_value: 443
+            - endpoint:
+                address:
+                  socket_address:
+                    address: foo2.bar.com
+                    port_value: 443
   )EOF";
 
-  expectResolve(Network::DnsLookupFamily::V4Only, "foo.bar.com");
-  setupFromV3Yaml(yaml);
-
-  // TTL is recorded when the DNS response is successful and not empty
-  EXPECT_CALL(membership_updated_, ready());
-  EXPECT_CALL(initialized_, ready());
-  EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(5000), _));
-  dns_callback_(Network::DnsResolver::ResolutionStatus::Completed, "",
-                TestUtility::makeDnsResponse({"127.0.0.1", "127.0.0.2"}, std::chrono::seconds(5)));
-
-  // If the response is successful but empty, the cluster uses the cluster configured refresh rate.
-  EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000), _));
-  dns_callback_(Network::DnsResolver::ResolutionStatus::Completed, "",
-                TestUtility::makeDnsResponse({}, std::chrono::seconds(5)));
-
-  // On failure, the cluster uses the cluster configured refresh rate.
-  EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000), _));
-  dns_callback_(Network::DnsResolver::ResolutionStatus::Failure, "",
-                TestUtility::makeDnsResponse({}, std::chrono::seconds(5)));
-}
+  EXPECT_EQ(
+      factorySetupFromV3Yaml(multiple_hosts_yaml).message(),
+      "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
 
-TEST_F(LogicalDnsClusterTest, BadConfig) {
-  const std::string multiple_hosts_yaml = R"EOF(
+  const std::string multiple_hosts_cluster_type_yaml = R"EOF(
   name: name
-  type: LOGICAL_DNS
-  dns_refresh_rate: 4s
+  cluster_type:
+    name: envoy.cluster.strict_dns # (this is right, name shouldnt matter)
+    typed_config:
+      "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+      dns_refresh_rate: 4s
+      logical: true
+      dns_lookup_family: V4_ONLY
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
   load_assignment:
@@ -504,128 +486,220 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
                   socket_address:
                     address: foo.bar.com
                     port_value: 443
+                health_check_config:
+                  port_value: 8000
             - endpoint:
                 address:
                   socket_address:
-                    address: foo2.bar.com
+                    address: hello.world.com
                     port_value: 443
+                health_check_config:
+                  port_value: 8000
   )EOF";
 
   EXPECT_EQ(
-      factorySetupFromV3Yaml(multiple_hosts_yaml).message(),
-      "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
-  EXPECT_EQ(
-      factorySetupFromV3Yaml<DnsClusterFactory>(multiple_hosts_yaml).message(),
+      factorySetupFromV3Yaml(multiple_hosts_cluster_type_yaml).message(),
       "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
 
   const std::string multiple_lb_endpoints_yaml = R"EOF(
-  name: name
-  type: LOGICAL_DNS
-  dns_refresh_rate: 4s
-  connect_timeout: 0.25s
-  lb_policy: ROUND_ROBIN
-  dns_lookup_family: V4_ONLY
-  load_assignment:
-    cluster_name: name
-    endpoints:
-      - lb_endpoints:
-        - endpoint:
-            address:
-              socket_address:
-                address: foo.bar.com
-                port_value: 443
-            health_check_config:
-              port_value: 8000
-        - endpoint:
-            address:
-              socket_address:
-                address: hello.world.com
-                port_value: 443
-            health_check_config:
-              port_value: 8000
-  )EOF";
+    name: name
+    type: LOGICAL_DNS
+    dns_refresh_rate: 4s
+    connect_timeout: 0.25s
+    lb_policy: ROUND_ROBIN
+    dns_lookup_family: V4_ONLY
+    load_assignment:
+      cluster_name: name
+      endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: foo.bar.com
+                  port_value: 443
+              health_check_config:
+                port_value: 8000
+          - endpoint:
+              address:
+                socket_address:
+                  address: hello.world.com
+                  port_value: 443
+              health_check_config:
+                port_value: 8000
+    )EOF";
 
   EXPECT_EQ(
       factorySetupFromV3Yaml(multiple_lb_endpoints_yaml).message(),
       "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
+
+  const std::string multiple_lb_endpoints_cluster_type_yaml = R"EOF(
+    name: name
+    cluster_type:
+      name: envoy.cluster.logical_dns
+      typed_config:
+        "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+        dns_refresh_rate: 4s
+        logical: true
+    connect_timeout: 0.25s
+    lb_policy: ROUND_ROBIN
+    dns_lookup_family: V4_ONLY
+    load_assignment:
+      cluster_name: name
+      endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: foo.bar.com
+                  port_value: 443
+              health_check_config:
+                port_value: 8000
+          - endpoint:
+              address:
+                socket_address:
+                  address: hello.world.com
+                  port_value: 443
+              health_check_config:
+                port_value: 8000
+    )EOF";
+
   EXPECT_EQ(
-      factorySetupFromV3Yaml<DnsClusterFactory>(multiple_lb_endpoints_yaml).message(),
+      factorySetupFromV3Yaml(multiple_lb_endpoints_cluster_type_yaml).message(),
       "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
 
   const std::string multiple_endpoints_yaml = R"EOF(
-  name: name
-  type: LOGICAL_DNS
-  dns_refresh_rate: 4s
-  connect_timeout: 0.25s
-  lb_policy: ROUND_ROBIN
-  dns_lookup_family: V4_ONLY
-  load_assignment:
-    cluster_name: name
-    endpoints:
-      - lb_endpoints:
-        - endpoint:
-            address:
-              socket_address:
-                address: foo.bar.com
-                port_value: 443
-            health_check_config:
-              port_value: 8000
-
-      - lb_endpoints:
-        - endpoint:
-            address:
-              socket_address:
-                address: hello.world.com
-                port_value: 443
-            health_check_config:
-              port_value: 8000
-  )EOF";
+    name: name
+    type: LOGICAL_DNS
+    dns_refresh_rate: 4s
+    connect_timeout: 0.25s
+    lb_policy: ROUND_ROBIN
+    dns_lookup_family: V4_ONLY
+    load_assignment:
+      cluster_name: name
+      endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: foo.bar.com
+                  port_value: 443
+              health_check_config:
+                port_value: 8000
+
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: hello.world.com
+                  port_value: 443
+              health_check_config:
+                port_value: 8000
+    )EOF";
 
   EXPECT_EQ(
       factorySetupFromV3Yaml(multiple_endpoints_yaml).message(),
       "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
+
+  const std::string multiple_endpoints_cluster_type_yaml = R"EOF(
+    name: name
+    cluster_type:
+      name: abc
+      typed_config:
+        "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+        dns_lookup_family: V4_ONLY
+        dns_refresh_rate: 4s
+        logical: true
+    connect_timeout: 0.25s
+    lb_policy: ROUND_ROBIN
+    load_assignment:
+      cluster_name: name
+      endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: foo.bar.com
+                  port_value: 443
+              health_check_config:
+                port_value: 8000
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: hello.world.com
+                  port_value: 443
+              health_check_config:
+                port_value: 8000
+    )EOF";
+
   EXPECT_EQ(
-      factorySetupFromV3Yaml<DnsClusterFactory>(multiple_endpoints_yaml).message(),
+      factorySetupFromV3Yaml(multiple_endpoints_cluster_type_yaml).message(),
       "LOGICAL_DNS clusters must have a single locality_lb_endpoint and a single lb_endpoint");
 
   const std::string custom_resolver_yaml = R"EOF(
-  name: name
-  type: LOGICAL_DNS
-  dns_refresh_rate: 4s
-  connect_timeout: 0.25s
-  lb_policy: ROUND_ROBIN
-  dns_lookup_family: V4_ONLY
-  load_assignment:
-    cluster_name: name
-    endpoints:
-      - lb_endpoints:
-        - endpoint:
-            address:
-              socket_address:
-                address: hello.world.com
-                port_value: 443
-                resolver_name: customresolver
-            health_check_config:
-              port_value: 8000
-  )EOF";
+    name: name
+    type: LOGICAL_DNS
+    dns_refresh_rate: 4s
+    connect_timeout: 0.25s
+    lb_policy: ROUND_ROBIN
+    dns_lookup_family: V4_ONLY
+    load_assignment:
+      cluster_name: name
+      endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: hello.world.com
+                  port_value: 443
+                  resolver_name: customresolver
+              health_check_config:
+                port_value: 8000
+    )EOF";
 
   EXPECT_EQ(factorySetupFromV3Yaml(custom_resolver_yaml).message(),
             "LOGICAL_DNS clusters must NOT have a custom resolver name set");
-  EXPECT_EQ(factorySetupFromV3Yaml<DnsClusterFactory>(custom_resolver_yaml).message(),
+
+  const std::string custom_resolver_cluster_type_yaml = R"EOF(
+    name: name
+    cluster_type:
+      name: abc
+      typed_config:
+        "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+        dns_lookup_family: V4_ONLY
+        dns_refresh_rate: 4s
+        logical: true
+    connect_timeout: 0.25s
+    lb_policy: ROUND_ROBIN
+    load_assignment:
+      cluster_name: name
+      endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: hello.world.com
+                  port_value: 443
+                  resolver_name: customresolver
+              health_check_config:
+                port_value: 8000
+    )EOF";
+
+  EXPECT_EQ(factorySetupFromV3Yaml(custom_resolver_cluster_type_yaml).message(),
             "LOGICAL_DNS clusters must NOT have a custom resolver name set");
 }
 
 // Test using both types of names in the cluster type.
-TEST_F(LogicalDnsClusterTest, UseDnsFactory2) {
+TEST_F(LogicalDnsClusterTest, UseDnsExtension) {
   const std::string config = R"EOF(
   name: name
   cluster_type:
-    name: envoy.cluster.dns
+    name: arglegarble
     typed_config:
       "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
       dns_refresh_rate: 4s
       dns_lookup_family: V4_ONLY
-      dns_discovery_type: LOGICAL
+      logical: true
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
   # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
@@ -643,7 +717,7 @@ TEST_F(LogicalDnsClusterTest, UseDnsFactory2) {
 
   EXPECT_CALL(initialized_, ready());
   expectResolve(Network::DnsLookupFamily::V4Only, "foo.bar.com");
-  ASSERT_TRUE(factorySetupFromV3Yaml<DnsClusterFactory>(config).ok());
+  ASSERT_TRUE(factorySetupFromV3Yaml(config).ok());
 
   EXPECT_CALL(membership_updated_, ready());
   EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000), _));
@@ -653,15 +727,13 @@ TEST_F(LogicalDnsClusterTest, UseDnsFactory2) {
       TestUtility::makeDnsResponse({"127.0.0.1", "127.0.0.2"}, std::chrono::seconds(3000)));
 }
 
-TEST_F(LogicalDnsClusterTest, UseDnsFactory) {
+TEST_F(LogicalDnsClusterTest, TypedConfigBackcompat) {
   const std::string config = R"EOF(
   name: name
   cluster_type:
     name: envoy.cluster.logical_dns
-    typed_config:
-      "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
-      dns_refresh_rate: 4s
-      dns_lookup_family: V4_ONLY
+  dns_refresh_rate: 4s
+  dns_lookup_family: V4_ONLY
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
   # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set
@@ -679,7 +751,7 @@ TEST_F(LogicalDnsClusterTest, UseDnsFactory) {
 
   EXPECT_CALL(initialized_, ready());
   expectResolve(Network::DnsLookupFamily::V4Only, "foo.bar.com");
-  ASSERT_TRUE(factorySetupFromV3Yaml<DnsClusterFactory>(config).ok());
+  ASSERT_TRUE(factorySetupFromV3Yaml(config).ok());
 
   EXPECT_CALL(membership_updated_, ready());
   EXPECT_CALL(*resolve_timer_, enableTimer(std::chrono::milliseconds(4000), _));
diff --git a/test/integration/clusters/cluster_factory_config.proto b/test/integration/clusters/cluster_factory_config.proto
index 160e4ae5eb7d..a90ce520db99 100644
--- a/test/integration/clusters/cluster_factory_config.proto
+++ b/test/integration/clusters/cluster_factory_config.proto
@@ -2,7 +2,13 @@ syntax = "proto3";
 
 package test.integration.clusters;
 
-message CustomStaticConfig {
+message CustomStaticConfig1 {
+  uint32 priority = 1;
+  string address = 2;
+  uint32 port_value = 3;
+}
+
+message CustomStaticConfig2 {
   uint32 priority = 1;
   string address = 2;
   uint32 port_value = 3;
diff --git a/test/integration/clusters/custom_static_cluster.h b/test/integration/clusters/custom_static_cluster.h
index b540fba2b6e5..35655b7bf1eb 100644
--- a/test/integration/clusters/custom_static_cluster.h
+++ b/test/integration/clusters/custom_static_cluster.h
@@ -22,6 +22,8 @@
 
 namespace Envoy {
 
+template <class ConfigType> class CustomStaticClusterFactoryBase;
+
 class CustomStaticCluster : public Upstream::ClusterImplBase {
 public:
   CustomStaticCluster(const envoy::config::cluster::v3::Cluster& cluster,
@@ -47,39 +49,43 @@ class CustomStaticCluster : public Upstream::ClusterImplBase {
   const uint32_t port_;
   const Upstream::HostSharedPtr host_;
 
-  friend class CustomStaticClusterFactoryBase;
+  friend class CustomStaticClusterFactoryBase<test::integration::clusters::CustomStaticConfig1>;
+  friend class CustomStaticClusterFactoryBase<test::integration::clusters::CustomStaticConfig2>;
 };
 
-class CustomStaticClusterFactoryBase : public Upstream::ConfigurableClusterFactoryBase<
-                                           test::integration::clusters::CustomStaticConfig> {
+template <class ConfigProto>
+class CustomStaticClusterFactoryBase
+    : public Upstream::ConfigurableClusterFactoryBase<ConfigProto> {
 protected:
   CustomStaticClusterFactoryBase(const std::string& name, bool create_lb)
-      : ConfigurableClusterFactoryBase(name), create_lb_(create_lb) {}
+      : Upstream::ConfigurableClusterFactoryBase<ConfigProto>(name), create_lb_(create_lb) {}
 
 private:
   absl::StatusOr<
       std::pair<Upstream::ClusterImplBaseSharedPtr, Upstream::ThreadAwareLoadBalancerPtr>>
   createClusterWithConfig(const envoy::config::cluster::v3::Cluster& cluster,
-                          const test::integration::clusters::CustomStaticConfig& proto_config,
+                          const ConfigProto& proto_config,
                           Upstream::ClusterFactoryContext& context) override {
     absl::Status creation_status = absl::OkStatus();
     auto new_cluster = std::make_shared<CustomStaticCluster>(
         cluster, context, proto_config.priority(), proto_config.address(),
         proto_config.port_value(), creation_status);
-    THROW_IF_NOT_OK(creation_status);
+    THROW_IF_NOT_OK_REF(creation_status);
     return std::make_pair(new_cluster, create_lb_ ? new_cluster->threadAwareLb() : nullptr);
   }
 
   const bool create_lb_;
 };
 
-class CustomStaticClusterFactoryNoLb : public CustomStaticClusterFactoryBase {
+class CustomStaticClusterFactoryNoLb
+    : public CustomStaticClusterFactoryBase<test::integration::clusters::CustomStaticConfig1> {
 public:
   CustomStaticClusterFactoryNoLb()
-      : CustomStaticClusterFactoryBase("envoy.clusters.custom_static", false) {}
+      : CustomStaticClusterFactoryBase("envoy.clusters.custom_static", false){};
 };
 
-class CustomStaticClusterFactoryWithLb : public CustomStaticClusterFactoryBase {
+class CustomStaticClusterFactoryWithLb
+    : public CustomStaticClusterFactoryBase<test::integration::clusters::CustomStaticConfig2> {
 public:
   CustomStaticClusterFactoryWithLb()
       : CustomStaticClusterFactoryBase("envoy.clusters.custom_static_with_lb", true) {}
diff --git a/test/integration/custom_cluster_integration_test.cc b/test/integration/custom_cluster_integration_test.cc
index 0ba7910e1a2c..1ba5c02c5b07 100644
--- a/test/integration/custom_cluster_integration_test.cc
+++ b/test/integration/custom_cluster_integration_test.cc
@@ -33,11 +33,19 @@ class CustomClusterIntegrationTest : public testing::TestWithParam<Network::Addr
       envoy::config::cluster::v3::Cluster::CustomClusterType cluster_type;
       cluster_type.set_name(cluster_provided_lb_ ? "envoy.clusters.custom_static_with_lb"
                                                  : "envoy.clusters.custom_static");
-      test::integration::clusters::CustomStaticConfig config;
-      config.set_priority(10);
-      config.set_address(Network::Test::getLoopbackAddressString(ipVersion()));
-      config.set_port_value(fake_upstreams_[UpstreamIndex]->localAddress()->ip()->port());
-      cluster_type.mutable_typed_config()->PackFrom(config);
+      if (!cluster_provided_lb_) {
+        test::integration::clusters::CustomStaticConfig1 config;
+        config.set_priority(10);
+        config.set_address(Network::Test::getLoopbackAddressString(ipVersion()));
+        config.set_port_value(fake_upstreams_[UpstreamIndex]->localAddress()->ip()->port());
+        cluster_type.mutable_typed_config()->PackFrom(config);
+      } else {
+        test::integration::clusters::CustomStaticConfig2 config;
+        config.set_priority(10);
+        config.set_address(Network::Test::getLoopbackAddressString(ipVersion()));
+        config.set_port_value(fake_upstreams_[UpstreamIndex]->localAddress()->ip()->port());
+        cluster_type.mutable_typed_config()->PackFrom(config);
+      }
 
       cluster_0->mutable_cluster_type()->CopyFrom(cluster_type);
     });

From 82ae4ce1cc75b914a9fead04a535151f3855781e Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 25 Nov 2024 11:02:12 -0500
Subject: [PATCH 38/46] Better coverage

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 source/extensions/clusters/dns/BUILD          |  1 +
 .../logical_dns/logical_dns_cluster.h         |  4 +-
 .../clusters/strict_dns/strict_dns_cluster.h  |  4 +-
 test/common/upstream/BUILD                    |  1 +
 test/common/upstream/upstream_impl_test.cc    | 53 ++++++++++++++++---
 .../logical_dns/logical_dns_cluster_test.cc   | 34 ++++++------
 6 files changed, 68 insertions(+), 29 deletions(-)

diff --git a/source/extensions/clusters/dns/BUILD b/source/extensions/clusters/dns/BUILD
index f269498f08d4..29df85897b31 100644
--- a/source/extensions/clusters/dns/BUILD
+++ b/source/extensions/clusters/dns/BUILD
@@ -12,6 +12,7 @@ envoy_cc_extension(
     name = "dns_cluster_lib",
     srcs = ["dns_cluster.cc"],
     hdrs = ["dns_cluster.h"],
+    visibility = ["//visibility:public"],
     deps = [
         "//source/common/upstream:cluster_factory_includes",
         "//source/common/upstream:upstream_includes",
diff --git a/source/extensions/clusters/logical_dns/logical_dns_cluster.h b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
index 81c7977ddc8d..975a494ca94a 100644
--- a/source/extensions/clusters/logical_dns/logical_dns_cluster.h
+++ b/source/extensions/clusters/logical_dns/logical_dns_cluster.h
@@ -93,7 +93,7 @@ class LogicalDnsCluster : public ClusterImplBase {
   const envoy::config::endpoint::v3::ClusterLoadAssignment load_assignment_;
 };
 
-class LogicalDnsClusterFactory : public Upstream::ClusterFactoryImplBase {
+class LogicalDnsClusterFactory : public ClusterFactoryImplBase {
 public:
   LogicalDnsClusterFactory() : ClusterFactoryImplBase("envoy.cluster.logical_dns") {}
 
@@ -101,7 +101,7 @@ class LogicalDnsClusterFactory : public Upstream::ClusterFactoryImplBase {
   friend class LogicalDnsClusterTest;
   absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
   createClusterImpl(const envoy::config::cluster::v3::Cluster& cluster,
-                    Upstream::ClusterFactoryContext& context) override;
+                    ClusterFactoryContext& context) override;
 };
 
 DECLARE_FACTORY(LogicalDnsClusterFactory);
diff --git a/source/extensions/clusters/strict_dns/strict_dns_cluster.h b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
index 5201452cc69b..0f15b399b794 100644
--- a/source/extensions/clusters/strict_dns/strict_dns_cluster.h
+++ b/source/extensions/clusters/strict_dns/strict_dns_cluster.h
@@ -84,9 +84,9 @@ class StrictDnsClusterImpl : public BaseDynamicClusterImpl {
 /**
  * Factory for StrictDnsClusterImpl
  */
-class StrictDnsClusterFactory : public Upstream::ClusterFactoryImplBase {
+class StrictDnsClusterFactory : public ClusterFactoryImplBase {
 public:
-  StrictDnsClusterFactory() : Upstream::ClusterFactoryImplBase("envoy.cluster.strict_dns") {}
+  StrictDnsClusterFactory() : ClusterFactoryImplBase("envoy.cluster.strict_dns") {}
 
 private:
   absl::StatusOr<std::pair<ClusterImplBaseSharedPtr, ThreadAwareLoadBalancerPtr>>
diff --git a/test/common/upstream/BUILD b/test/common/upstream/BUILD
index dabd4a527bab..b105fa7ca8ff 100644
--- a/test/common/upstream/BUILD
+++ b/test/common/upstream/BUILD
@@ -459,6 +459,7 @@ envoy_cc_test(
         "//source/common/network:address_lib",
         "//source/common/network:resolver_lib",
         "//source/common/network:utility_lib",
+        "//source/extensions/clusters/dns:dns_cluster_lib",
         "//source/extensions/clusters/eds:eds_lib",
         # TODO(mattklein123): Split this into 2 tests for each cluster.
         "//source/extensions/clusters/static:static_cluster_lib",
diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index 86625351f32d..d0dff130d3d6 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -1479,11 +1479,9 @@ TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig) {
       [dns_resolver = this->dns_resolver_]() { return dns_resolver; }, ssl_context_manager_,
       nullptr, false);
 
-  auto factory = StrictDnsClusterFactory();
-  auto cluster = factory.create(cluster_config, factory_context);
-  ASSERT_TRUE(cluster.ok());
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
-  cluster->first->initialize([] {});
+  cluster->initialize([] {});
 
   EXPECT_CALL(*resolver.timer_, enableTimer(_, _));
   ON_CALL(random_, random()).WillByDefault(Return(8000));
@@ -1524,11 +1522,9 @@ TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig2) {
       [dns_resolver = this->dns_resolver_]() { return dns_resolver; }, ssl_context_manager_,
       nullptr, false);
 
-  auto factory = StrictDnsClusterFactory();
-  auto cluster = factory.create(cluster_config, factory_context);
-  ASSERT_TRUE(cluster.ok());
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, dns_resolver_);
 
-  cluster->first->initialize([] {});
+  cluster->initialize([] {});
 
   EXPECT_CALL(*resolver.timer_, enableTimer(_, _));
   ON_CALL(random_, random()).WillByDefault(Return(8000));
@@ -1537,6 +1533,47 @@ TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig2) {
       TestUtility::makeDnsResponse({"192.168.1.1", "192.168.1.2"}, std::chrono::seconds(30)));
 }
 
+TEST_F(StrictDnsClusterImplTest, ClusterTypeConfigTypedDnsResolverConfig) {
+  NiceMock<Network::MockDnsResolverFactory> dns_resolver_factory;
+  Registry::InjectFactory<Network::DnsResolverFactory> registered_dns_factory(dns_resolver_factory);
+  EXPECT_CALL(dns_resolver_factory, createDnsResolver(_, _, _)).WillOnce(Return(dns_resolver_));
+  const std::string yaml = R"EOF(
+    name: name
+    connect_timeout: 0.25s
+    cluster_type:
+      name: envoy.cluster.dns
+      typed_config:
+        "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
+        dns_refresh_rate: 4s
+        dns_jitter: 0s
+        respect_dns_ttl: true
+        logical: false
+        typed_dns_resolver_config:
+          name: envoy.network.dns_resolver.cares
+          typed_config:
+            "@type": type.googleapis.com/envoy.extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig
+    lb_policy: ROUND_ROBIN
+    load_assignment:
+        endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  socket_address:
+                    address: localhost1
+                    port_value: 11001
+  )EOF";
+
+  envoy::config::cluster::v3::Cluster cluster_config = parseClusterFromV3Yaml(yaml);
+
+  // No `dns_resolver_fn` so test segfaults if trying to use default Dns resolver rather than
+  // creating one from the function>
+  Envoy::Upstream::ClusterFactoryContextImpl factory_context(
+      server_context_, server_context_.cluster_manager_, nullptr, ssl_context_manager_, nullptr,
+      false);
+
+  auto cluster = *createStrictDnsCluster(cluster_config, factory_context, nullptr);
+}
+
 TEST_F(StrictDnsClusterImplTest, TtlAsDnsRefreshRateNoJitter) {
   ResolverData resolver(*dns_resolver_, server_context_.dispatcher_);
 
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index 43461d5b6ce0..0dd945484967 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -478,23 +478,23 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
   load_assignment:
-        cluster_name: name
-        endpoints:
-          - lb_endpoints:
-            - endpoint:
-                address:
-                  socket_address:
-                    address: foo.bar.com
-                    port_value: 443
-                health_check_config:
-                  port_value: 8000
-            - endpoint:
-                address:
-                  socket_address:
-                    address: hello.world.com
-                    port_value: 443
-                health_check_config:
-                  port_value: 8000
+    cluster_name: name
+    endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: foo.bar.com
+                port_value: 443
+            health_check_config:
+              port_value: 8000
+        - endpoint:
+            address:
+              socket_address:
+                address: hello.world.com
+                port_value: 443
+            health_check_config:
+              port_value: 8000
   )EOF";
 
   EXPECT_EQ(

From e8bd59a7d8c38bede515e9dac2702e0913c504aa Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 25 Nov 2024 12:08:32 -0500
Subject: [PATCH 39/46] Typo

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 changelogs/current.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/current.yaml b/changelogs/current.yaml
index 88c3dd361813..e990d79fd9cb 100644
--- a/changelogs/current.yaml
+++ b/changelogs/current.yaml
@@ -79,7 +79,7 @@ minor_behavior_changes:
       :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`.
 - area: cluster
   change: |
-      Clusters factories are registered by configurtion type for
+      Clusters factories are registered by configuration type for
       :ref:`cluster_type<envoy_v3_api_field_config.cluster.v3.Cluster.cluster_type>`
       and will use configuration type to lookup the corresponding factory when available.
 bug_fixes:

From bd0ae97cf52b8677238638a35708a2797b103bdc Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Thu, 12 Dec 2024 14:17:33 -0500
Subject: [PATCH 40/46] Better docs

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 92c5f1ed8fae..92be4350865c 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -18,7 +18,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 
 // [#protodoc-title: DNS cluster configuration]
 
-// Configuration for strict and logical DNS clusters.
+// Configuration for DNS discovery clusters.
 // [#extension: envoy.clusters.dns]
 
 // [#next-free-field: 10]
@@ -84,6 +84,7 @@ message DnsCluster {
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.common.dns.v3.DnsLookupFamily.AUTO>`.
   common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
 
-  // If true, perform logical DNS resolution. Otherwise, perform strict DNS resolution.
+  // If true, perform :ref:`logical DNS discovery <arch_overview_service_discovery_types_logical_dns>`.
+  // Otherwise, :ref:`strict DNS discovery <arch_overview_service_discovery_types_strict_dns>`
   bool logical = 9;
 }

From aeb3302318f6e0e500b5398098caef243f2d91ea Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Mon, 16 Dec 2024 16:54:25 -0500
Subject: [PATCH 41/46] second merge

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../clusters/logical_dns/logical_dns_cluster_test.cc         | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index f58695155308..cc6992abdb21 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -108,7 +108,10 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
             membership_updated_.ready();
             return absl::OkStatus();
           });
-      cluster_->initialize([&]() -> void { initialized_.ready(); });
+      cluster_->initialize([&]() -> void {
+        initialized_.ready();
+        return absl::OkStatus();
+      });
     } else {
       // the Event::MockTimer constructor creates EXPECT_CALL for the dispatcher.
       // If we want cluster creation to fail, there won't be a cluster to create the timer,

From 0b816c6e5c4c9176b31721bf1e9e3ac4dc31c842 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Tue, 17 Dec 2024 10:51:13 -0500
Subject: [PATCH 42/46] third merge

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../extensions/clusters/logical_dns/logical_dns_cluster_test.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index cc6992abdb21..818380bdd31e 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -108,7 +108,7 @@ class LogicalDnsClusterTest : public Event::TestUsingSimulatedTime, public testi
             membership_updated_.ready();
             return absl::OkStatus();
           });
-      cluster_->initialize([&]() -> void {
+      cluster_->initialize([&]() {
         initialized_.ready();
         return absl::OkStatus();
       });

From 2a7832ff2ef7344874e9aa2e7dc43ca802b3d5c6 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Tue, 17 Dec 2024 17:56:06 -0500
Subject: [PATCH 43/46] update logical dns api

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto |  2 +-
 source/extensions/clusters/dns/dns_cluster.cc          |  2 +-
 .../clusters/logical_dns/logical_dns_cluster_test.cc   | 10 +++++-----
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index 92be4350865c..f08e7a368395 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -86,5 +86,5 @@ message DnsCluster {
 
   // If true, perform :ref:`logical DNS discovery <arch_overview_service_discovery_types_logical_dns>`.
   // Otherwise, :ref:`strict DNS discovery <arch_overview_service_discovery_types_strict_dns>`
-  bool logical = 9;
+  bool all_addresses_in_single_endpoint = 9;
 }
diff --git a/source/extensions/clusters/dns/dns_cluster.cc b/source/extensions/clusters/dns/dns_cluster.cc
index 101befe9fcaa..7aa22aa3a464 100644
--- a/source/extensions/clusters/dns/dns_cluster.cc
+++ b/source/extensions/clusters/dns/dns_cluster.cc
@@ -35,7 +35,7 @@ DnsClusterFactory::createClusterWithConfig(
   }
   RETURN_IF_NOT_OK(dns_resolver_or_error.status());
   absl::StatusOr<std::unique_ptr<ClusterImplBase>> cluster_or_error;
-  if (proto_config.logical()) {
+  if (proto_config.all_addresses_in_single_endpoint()) {
     cluster_or_error = LogicalDnsCluster::create(cluster, proto_config, context,
                                                  std::move(*dns_resolver_or_error));
   } else {
diff --git a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
index 818380bdd31e..3fe6aa112d41 100644
--- a/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
+++ b/test/extensions/clusters/logical_dns/logical_dns_cluster_test.cc
@@ -479,7 +479,7 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
     typed_config:
       "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
       dns_refresh_rate: 4s
-      logical: true
+      all_addresses_in_single_endpoint: true
       dns_lookup_family: V4_ONLY
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
@@ -545,7 +545,7 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
       typed_config:
         "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
         dns_refresh_rate: 4s
-        logical: true
+        all_addresses_in_single_endpoint: true
     connect_timeout: 0.25s
     lb_policy: ROUND_ROBIN
     dns_lookup_family: V4_ONLY
@@ -614,7 +614,7 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
         "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
         dns_lookup_family: V4_ONLY
         dns_refresh_rate: 4s
-        logical: true
+        all_addresses_in_single_endpoint: true
     connect_timeout: 0.25s
     lb_policy: ROUND_ROBIN
     load_assignment:
@@ -674,7 +674,7 @@ TEST_F(LogicalDnsClusterTest, BadConfig) {
         "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
         dns_lookup_family: V4_ONLY
         dns_refresh_rate: 4s
-        logical: true
+        all_addresses_in_single_endpoint: true
     connect_timeout: 0.25s
     lb_policy: ROUND_ROBIN
     load_assignment:
@@ -705,7 +705,7 @@ TEST_F(LogicalDnsClusterTest, UseDnsExtension) {
       "@type": type.googleapis.com/envoy.extensions.clusters.dns.v3.DnsCluster
       dns_refresh_rate: 4s
       dns_lookup_family: V4_ONLY
-      logical: true
+      all_addresses_in_single_endpoint: true
   connect_timeout: 0.25s
   lb_policy: ROUND_ROBIN
   # Since the following expectResolve() requires Network::DnsLookupFamily::V4Only we need to set

From 9b7927c9eaf8a85b43b02970210041c7acad3f7e Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Tue, 17 Dec 2024 19:25:17 -0500
Subject: [PATCH 44/46] forgot one!

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 .../extensions/clusters/common/logical_host_integration_test.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/extensions/clusters/common/logical_host_integration_test.cc b/test/extensions/clusters/common/logical_host_integration_test.cc
index 1154aa620488..003c8a17fb3b 100644
--- a/test/extensions/clusters/common/logical_host_integration_test.cc
+++ b/test/extensions/clusters/common/logical_host_integration_test.cc
@@ -91,7 +91,7 @@ TEST_P(LogicalHostIntegrationTest, LogicalDNSRaceCrashTest) {
     envoy::extensions::clusters::dns::v3::DnsCluster dns_cluster{};
     // Make the refresh rate fast to hit the R/W race.
     dns_cluster.mutable_dns_refresh_rate()->set_nanos(1000001);
-    dns_cluster.set_logical(true);
+    dns_cluster.set_all_addresses_in_single_endpoint(true);
     cluster.mutable_cluster_type()->mutable_typed_config()->PackFrom(dns_cluster);
   });
   config_helper_.addConfigModifier(

From 3078d7c6cc32fbb775764986c2987b0e58af5338 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Tue, 17 Dec 2024 20:03:10 -0500
Subject: [PATCH 45/46] last one please

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 test/common/upstream/upstream_impl_test.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/common/upstream/upstream_impl_test.cc b/test/common/upstream/upstream_impl_test.cc
index 277aa3edf853..d0afc6a2334f 100644
--- a/test/common/upstream/upstream_impl_test.cc
+++ b/test/common/upstream/upstream_impl_test.cc
@@ -1521,7 +1521,7 @@ TEST_F(StrictDnsClusterImplTest, ClusterTypeConfig2) {
         dns_refresh_rate: 4s
         dns_jitter: 0s
         respect_dns_ttl: true
-        logical: false
+        all_addresses_in_single_endpoint: false
     lb_policy: ROUND_ROBIN
     load_assignment:
         endpoints:
@@ -1565,7 +1565,7 @@ TEST_F(StrictDnsClusterImplTest, ClusterTypeConfigTypedDnsResolverConfig) {
         dns_refresh_rate: 4s
         dns_jitter: 0s
         respect_dns_ttl: true
-        logical: false
+        all_addresses_in_single_endpoint: false
         typed_dns_resolver_config:
           name: envoy.network.dns_resolver.cares
           typed_config:

From e31a09b063bcc368c3baf5dc9ca85ef7c9be6a58 Mon Sep 17 00:00:00 2001
From: Steven Jin Xuan <sjinxuan@microsoft.com>
Date: Wed, 18 Dec 2024 14:12:12 -0500
Subject: [PATCH 46/46] API docs clarification

Signed-off-by: Steven Jin Xuan <sjinxuan@microsoft.com>
---
 api/envoy/extensions/clusters/dns/v3/dns_cluster.proto | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
index f08e7a368395..4266541e67b8 100644
--- a/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
+++ b/api/envoy/extensions/clusters/dns/v3/dns_cluster.proto
@@ -84,7 +84,9 @@ message DnsCluster {
   // :ref:`AUTO<envoy_v3_api_enum_value_extensions.clusters.common.dns.v3.DnsLookupFamily.AUTO>`.
   common.dns.v3.DnsLookupFamily dns_lookup_family = 8;
 
-  // If true, perform :ref:`logical DNS discovery <arch_overview_service_discovery_types_logical_dns>`.
-  // Otherwise, :ref:`strict DNS discovery <arch_overview_service_discovery_types_strict_dns>`
+  // If true, all returned addresses are considered to be associated with a single endpoint,
+  // which maps to :ref:`logical DNS discovery <arch_overview_service_discovery_types_logical_dns>`
+  // semantics. Otherwise, each address is considered to be a separate endpoint, which maps to
+  // :ref:`strict DNS discovery <arch_overview_service_discovery_types_strict_dns>` semantics.
   bool all_addresses_in_single_endpoint = 9;
 }