diff options
| -rw-r--r-- | data/templates/dns-forwarding/recursor.conf.tmpl | 4 | ||||
| -rw-r--r-- | interface-definitions/dns-forwarding.xml.in | 21 | ||||
| -rwxr-xr-x | src/conf_mode/dns_forwarding.py | 16 |
3 files changed, 39 insertions, 2 deletions
diff --git a/data/templates/dns-forwarding/recursor.conf.tmpl b/data/templates/dns-forwarding/recursor.conf.tmpl index b0ae3cc61..8799718b0 100644 --- a/data/templates/dns-forwarding/recursor.conf.tmpl +++ b/data/templates/dns-forwarding/recursor.conf.tmpl @@ -10,8 +10,8 @@ threads=1 allow-from={{ allow_from | join(',') }} log-common-errors=yes non-local-bind=yes -query-local-address=0.0.0.0 -query-local-address6=:: +query-local-address={{ source_address_v4 | join(',') }} +query-local-address6={{ source_address_v6 | join(',') }} lua-config-file=recursor.conf.lua # cache-size diff --git a/interface-definitions/dns-forwarding.xml.in b/interface-definitions/dns-forwarding.xml.in index 07e63d54a..62fb8b946 100644 --- a/interface-definitions/dns-forwarding.xml.in +++ b/interface-definitions/dns-forwarding.xml.in @@ -177,6 +177,27 @@ </constraint> </properties> </leafNode> + <leafNode name="source-address"> + <properties> + <help>Local addresses from which to send DNS queries. + If unspecified, the querier will use any available address on + the outbound interface.</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 address from which to send traffic</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 address from which to send traffic</description> + </valueHelp> + <multi/> + <constraint> + <validator name="ipv4-address"/> + <validator name="ipv6-address"/> + </constraint> + </properties> + <defaultValue>0.0.0.0 ::</defaultValue> + </leafNode> <leafNode name="system"> <properties> <help>Use system name servers</help> diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py index 5101c1e79..2187b3c73 100755 --- a/src/conf_mode/dns_forwarding.py +++ b/src/conf_mode/dns_forwarding.py @@ -26,6 +26,7 @@ from vyos.util import chown from vyos.util import vyos_dict_search from vyos.template import render from vyos.xml import defaults +from vyos.validate import is_ipv6 from vyos import ConfigError from vyos import airbag @@ -65,6 +66,21 @@ def get_config(config=None): if conf.exists(base_nameservers_dhcp): dns.update({'system_name_server_dhcp': conf.return_values(base_nameservers_dhcp)}) + # Split the source_address property into separate IPv4 and IPv6 lists + # NOTE: In future versions of pdns-recursor (> 4.4.0), this logic can be removed + # as both IPv4 and IPv6 addresses can be specified in a single setting. + source_address_v4 = [] + source_address_v6 = [] + + for source_address in dns['source_address']: + if is_ipv6(source_address): + source_address_v6.append(source_address) + else: + source_address_v4.append(source_address) + + dns.update({'source_address_v4': source_address_v4}) + dns.update({'source_address_v6': source_address_v6}) + return dns def verify(dns): |