summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--data/templates/dns-forwarding/recursor.conf.tmpl4
-rw-r--r--interface-definitions/dns-forwarding.xml.in21
-rwxr-xr-xsrc/conf_mode/dns_forwarding.py16
3 files changed, 39 insertions, 2 deletions
diff --git a/data/templates/dns-forwarding/recursor.conf.tmpl b/data/templates/dns-forwarding/recursor.conf.tmpl
index b0ae3cc61..8799718b0 100644
--- a/data/templates/dns-forwarding/recursor.conf.tmpl
+++ b/data/templates/dns-forwarding/recursor.conf.tmpl
@@ -10,8 +10,8 @@ threads=1
allow-from={{ allow_from | join(',') }}
log-common-errors=yes
non-local-bind=yes
-query-local-address=0.0.0.0
-query-local-address6=::
+query-local-address={{ source_address_v4 | join(',') }}
+query-local-address6={{ source_address_v6 | join(',') }}
lua-config-file=recursor.conf.lua
# cache-size
diff --git a/interface-definitions/dns-forwarding.xml.in b/interface-definitions/dns-forwarding.xml.in
index c519676f3..ad6eb2463 100644
--- a/interface-definitions/dns-forwarding.xml.in
+++ b/interface-definitions/dns-forwarding.xml.in
@@ -160,6 +160,27 @@
</constraint>
</properties>
</leafNode>
+ <leafNode name="source-address">
+ <properties>
+ <help>Local addresses from which to send DNS queries.
+ If unspecified, the querier will use any available address on
+ the outbound interface.</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 address from which to send traffic</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 address from which to send traffic</description>
+ </valueHelp>
+ <multi/>
+ <constraint>
+ <validator name="ipv4-address"/>
+ <validator name="ipv6-address"/>
+ </constraint>
+ </properties>
+ <defaultValue>0.0.0.0 ::</defaultValue>
+ </leafNode>
<leafNode name="system">
<properties>
<help>Use system name servers</help>
diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py
index 5101c1e79..2187b3c73 100755
--- a/src/conf_mode/dns_forwarding.py
+++ b/src/conf_mode/dns_forwarding.py
@@ -26,6 +26,7 @@ from vyos.util import chown
from vyos.util import vyos_dict_search
from vyos.template import render
from vyos.xml import defaults
+from vyos.validate import is_ipv6
from vyos import ConfigError
from vyos import airbag
@@ -65,6 +66,21 @@ def get_config(config=None):
if conf.exists(base_nameservers_dhcp):
dns.update({'system_name_server_dhcp': conf.return_values(base_nameservers_dhcp)})
+ # Split the source_address property into separate IPv4 and IPv6 lists
+ # NOTE: In future versions of pdns-recursor (> 4.4.0), this logic can be removed
+ # as both IPv4 and IPv6 addresses can be specified in a single setting.
+ source_address_v4 = []
+ source_address_v6 = []
+
+ for source_address in dns['source_address']:
+ if is_ipv6(source_address):
+ source_address_v6.append(source_address)
+ else:
+ source_address_v4.append(source_address)
+
+ dns.update({'source_address_v4': source_address_v4})
+ dns.update({'source_address_v6': source_address_v6})
+
return dns
def verify(dns):