diff options
author | Geoff Adams <gadams@avernus.com> | 2018-11-08 11:34:47 -0800 |
---|---|---|
committer | Geoff Adams <gadams@avernus.com> | 2018-11-08 14:44:28 -0800 |
commit | 5d2e36da657fd2e15f9dc8d5588b06478bd3d55c (patch) | |
tree | 0fb4ced50efa485925dd272d451185dbe1b1748d | |
parent | 0ca7de211398fca1b11618585c477233ab716a4f (diff) | |
download | vyos-1x-5d2e36da657fd2e15f9dc8d5588b06478bd3d55c.tar.gz vyos-1x-5d2e36da657fd2e15f9dc8d5588b06478bd3d55c.zip |
T978: Support PowerDNS Recursor outbound queries over IPv6.
This requires adding a query-local-address6 setting to enable outbound
IPv6 queries in general, and also formatting upstream nameserver IPv6
addresses in such a way that Recursor can parse them.
-rwxr-xr-x | src/conf_mode/dns_forwarding.py | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py index 17788f12a..c21a91a30 100755 --- a/src/conf_mode/dns_forwarding.py +++ b/src/conf_mode/dns_forwarding.py @@ -39,6 +39,8 @@ threads=1 allow-from=0.0.0.0/0, ::/0 log-common-errors=yes non-local-bind=yes +query-local-address=0.0.0.0 +query-local-address6=:: # cache-size max-cache-entries={{ cache_size }} @@ -114,10 +116,10 @@ def get_config(): if conf.exists('domain'): for node in conf.list_nodes('domain'): - server = conf.return_values("domain {0} server".format(node)) + servers = conf.return_values("domain {0} server".format(node)) domain = { "name": node, - "servers": server + "servers": bracketize_ipv6_addrs(servers) } dns['domains'].append(domain) @@ -138,6 +140,8 @@ def get_config(): dns['name_servers'] = dns['name_servers'] + system_name_servers conf.set_level('service dns forwarding') + dns['name_servers'] = bracketize_ipv6_addrs(dns['name_servers']) + if conf.exists('listen-address'): dns['listen_on'] = conf.return_values('listen-address') @@ -193,6 +197,10 @@ def get_config(): return dns +def bracketize_ipv6_addrs(addrs): + """Wraps each IPv6 addr in addrs in [], leaving IPv4 addrs untouched.""" + return ['[{0}]'.format(a) if a.count(':') > 1 else a for a in addrs] + def verify(dns): # bail out early - looks like removal from running config if dns is None: |