summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2018-04-13 20:38:03 +0200
committerChristian Poessinger <christian@poessinger.com>2018-04-15 17:50:57 +0200
commit25a57a9f727f908e0027a598d56eaa6375ac5c25 (patch)
tree47c6b30eeaac4737575c098fee96b611768563f6
parenta03d1ee54e09983fa08e5b685eae26b895de16e3 (diff)
downloadvyos-1x-25a57a9f727f908e0027a598d56eaa6375ac5c25.tar.gz
vyos-1x-25a57a9f727f908e0027a598d56eaa6375ac5c25.zip
T560: dns-forwarding: replace dnsmasq with pdns-recursor
-rw-r--r--interface-definitions/dns-forwarding.xml9
-rwxr-xr-xsrc/conf-mode/vyos-config-dns-forwarding.py84
2 files changed, 58 insertions, 35 deletions
diff --git a/interface-definitions/dns-forwarding.xml b/interface-definitions/dns-forwarding.xml
index f1edec414..d56911c60 100644
--- a/interface-definitions/dns-forwarding.xml
+++ b/interface-definitions/dns-forwarding.xml
@@ -32,7 +32,6 @@
<tagNode name="domain">
<properties>
<help>DNS domain to forward to a local server</help>
- <type>txt</type>
</properties>
<children>
<leafNode name="server">
@@ -77,12 +76,8 @@
<format>ipv6</format>
<description>Domain Name Server (DNS) IPv6 address</description>
</valueHelp>
- <multi/>
- </properties>
- </leafNode>
- <leafNode name="query-all-servers">
- <properties>
- <help>Query all DNS servers, respond and cache fastest result</help>
+ <multi/>
+ <type>ipv4,ipv6</type>
</properties>
</leafNode>
<leafNode name="system">
diff --git a/src/conf-mode/vyos-config-dns-forwarding.py b/src/conf-mode/vyos-config-dns-forwarding.py
index 742e111cb..7a8aed75d 100755
--- a/src/conf-mode/vyos-config-dns-forwarding.py
+++ b/src/conf-mode/vyos-config-dns-forwarding.py
@@ -19,11 +19,12 @@
import sys
import os
import time
+import netifaces
from vyos.config import Config
from vyos.util import ConfigError
-config_file = r'/etc/dnsmasq.d/vyos.conf'
+config_file = r'/etc/powerdns/recursor.conf'
# borrowed from: https://github.com/donjajo/py-world/blob/master/resolvconfReader.py, THX!
def get_resolvers(file):
@@ -65,7 +66,7 @@ def get_config():
if conf.exists('domain'):
dns.setdefault('domain', [])
for node in conf.list_nodes('domain'):
- server = conf.return_value("domain {0} server".format(node))
+ server = conf.return_values("domain {0} server".format(node))
domain = {
"name": node,
"server": server
@@ -85,75 +86,102 @@ def get_config():
nameservers = conf.return_values('name-server')
dns.setdefault('name-server', nameservers)
- if conf.exists('query-all-servers'):
- dns.setdefault('query-all-servers', True)
-
if conf.exists('system'):
conf.set_level('system')
nameservers = []
nameservers = conf.return_values('name-server')
if len(nameservers) == 0:
print("DNS forwarding warning: No name-servers set under 'system name-server'\n")
- dns.setdefault('system-name-server', True)
+ else:
+ dns.setdefault('system-name-server', nameservers)
return dns
def verify(dns):
if len(dns) > 0:
if 'listen-on' not in dns.keys():
- raise ConfigError("Error: DNS forwarding requires a configured listen interface!")
+ raise ConfigError('Error: DNS forwarding requires a configured listen interface!')
+
+ for interface in dns['listen-on']:
+ try:
+ netifaces.ifaddresses(interface)[netifaces.AF_INET]
+ except KeyError as e:
+ raise ConfigError('Error: Interface {0} has no IP address assigned'.format(interface))
+
+ if 'domain' in dns.keys():
+ for domain in dns['domain']:
+ if len(domain['server']) == 0:
+ raise ConfigError('Error: No server configured for domain {0}'.format(domain['name']))
return None
def generate(dns):
config_header = '### Autogenerated by vyos-config-dns-forwarding.py on {tm} ###\n'.format(tm=time.strftime("%a, %d %b %Y %H:%M:%S", time.localtime()))
+ fwds = []
+ fwds_src = []
+
# write new configuration file
f = open(config_file, 'w')
f.write(config_header)
- f.write("log-facility=/var/log/dnsmasq.log\n")
- f.write("no-poll\n")
- f.write("edns-packet-max=4096\n")
- f.write("bind-interfaces\n")
+ f.write('daemon=yes\n')
+ f.write('threads=1\n')
+ f.write('allow-from=0.0.0.0/0\n')
+ f.write('log-common-errors=yes\n')
if 'listen-on' in dns.keys():
+ listen4 = []
+ listen6 = []
for interface in dns['listen-on']:
- f.write("interface={0}\n".format(interface))
+ addrs = netifaces.ifaddresses(interface)
+ for ip4 in addrs[netifaces.AF_INET]:
+ listen4.append(ip4['addr'])
+
+ for ip6 in addrs[netifaces.AF_INET6]:
+ listen6.append(ip6['addr'])
+
+ # build local-address string, example:
+ # local-address=172.16.37.240, 127.0.0.1, 172.16.254.35, 172.16.77.1, 2001:DB8::1:25, ::1
+ f.write('local-address=' + ', '.join(listen4) + ', ' + ', '.join(listen6) + '\n')
+
+ if 'cache-size' in dns.keys():
+ f.write("max-cache-entries={0}\n".format(dns['cache-size']))
if 'dhcp' in dns.keys():
for dhcp in dns['dhcp']:
- for resolver in dhcp['resolvers']:
- f.write("server={0}\t# dhcp {1}\n".format(resolver, dhcp['interface']))
+ fwds_src.append('DHCP: {0} ({1})'.format(dhcp['interface'], ', '.join(str(ns) for ns in dhcp['resolvers'])))
+ fwds.append(', '.join(str(ns) for ns in dhcp['resolvers']))
if 'domain' in dns.keys():
+ zones = []
for domain in dns['domain']:
- f.write("server=/{0}/{1}\t# domain-override\n".format(domain['name'], domain['server']))
-
- if 'cache-size' in dns.keys():
- f.write("cache-size={0}\n".format(dns['cache-size']))
+ zones.append('{0}={1}'.format(domain['name'], ';'.join(str(ns) for ns in domain['server'])))
+ f.write('forward-zones=' + ', '.join(zones) + '\n')
if 'ignore-hosts-file' in dns.keys():
- f.write("no-hosts\n")
+ f.write("export-etc-hosts=no\n")
if 'name-server' in dns.keys():
- for nameserver in dns['name-server']:
- f.write("server={0}\t# statically configured\n".format(nameserver))
-
- if 'query-all-servers' in dns.keys():
- f.write("all-servers\n")
+ fwds_src.append('statically configured: {0}'.format(', '.join(str(ns) for ns in dns['name-server'])))
+ fwds.append(', '.join(str(ns) for ns in dns['name-server']))
if 'system-name-server' in dns.keys():
- # Read the IP addresses of the upstream nameservers from /etc/resolv.conf
- f.write("resolv-file=/etc/resolv.conf\n")
+ fwds_src.append('system: {0}'.format(', '.join(str(ns) for ns in dns['system-name-server'])))
+ fwds.append(', '.join(str(ns) for ns in dns['system-name-server']))
+
+ if len(fwds) > 0:
+ f.write('\n')
+ f.write('# ' + '\n# '.join(fwds_src) + '\n')
+ f.write('forward-zones-recurse=.=' + '; '.join(fwds) + '\n')
f.close()
return None
def apply(dns):
if len(dns) == 0:
- cmd = "sudo systemctl stop dnsmasq"
+ cmd = "sudo systemctl stop pdns-recursor"
else:
- cmd = "sudo systemctl restart dnsmasq"
+ cmd = "sudo systemctl restart pdns-recursor"
os.system(cmd)
return None