From 1577dc53f144d8a7c4438ca98a574102bea14c6b Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Mon, 4 Jul 2022 18:16:06 +0000
Subject: dns: T4509: Add dns64-prefix option

rfc6147: DNS Extensions for Network Address Translation
         from IPv6 Clients to IPv4 Servers

set service dns forwarding dns64-prefix 2001:db8:aabb::/96

(cherry picked from commit 2bdf4798570222b57af2de2f0b443529abdc3feb)
---
 src/conf_mode/dns_forwarding.py | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/conf_mode/dns_forwarding.py')

diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py
index bc3821f61..997f839b2 100755
--- a/src/conf_mode/dns_forwarding.py
+++ b/src/conf_mode/dns_forwarding.py
@@ -83,6 +83,12 @@ def verify(dns):
             if 'server' not in dns['domain'][domain]:
                 raise ConfigError(f'No server configured for domain {domain}!')
 
+    if 'dns64_prefix' in dns:
+        dns_prefix = dns['dns64_prefix'].split('/')[1]
+        # RFC 6147 requires prefix /96
+        if int(dns_prefix) != 96:
+            raise ConfigError('DNS forwarding "dns64-prefix" must be /96')
+
     if 'system' in dns:
         if not 'system_name_server' in dns:
             print('Warning: No "system name-server" configured')
-- 
cgit v1.2.3


From 483389af5db8a2ac4d258280ba132240c6df19d4 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Thu, 7 Jul 2022 12:36:34 +0200
Subject: dns: T4509: improve 6to4 error message

(cherry picked from commit ee603b3a0f9f3add72c1e5ac2277c013d40cf5a4)
---
 src/conf_mode/dns_forwarding.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/conf_mode/dns_forwarding.py')

diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py
index 997f839b2..3f3a2e232 100755
--- a/src/conf_mode/dns_forwarding.py
+++ b/src/conf_mode/dns_forwarding.py
@@ -87,7 +87,7 @@ def verify(dns):
         dns_prefix = dns['dns64_prefix'].split('/')[1]
         # RFC 6147 requires prefix /96
         if int(dns_prefix) != 96:
-            raise ConfigError('DNS forwarding "dns64-prefix" must be /96')
+            raise ConfigError('DNS 6to4 prefix must be of length /96')
 
     if 'system' in dns:
         if not 'system_name_server' in dns:
-- 
cgit v1.2.3