From 199ceb1f0a820c838dea6862371a3121b3d9f3a9 Mon Sep 17 00:00:00 2001
From: fvlaicu <19238716+fvlaicu@users.noreply.github.com>
Date: Sat, 6 Jan 2024 14:02:11 +0200
Subject: dns: T5900: add dont-throttle-netmasks and serve-stale-extensions
powerdns features
---
data/templates/dns-forwarding/recursor.conf.j2 | 10 ++++++
.../service_dns_forwarding.xml.in | 41 ++++++++++++++++++++++
.../scripts/cli/test_service_dns_forwarding.py | 38 ++++++++++++++++++++
3 files changed, 89 insertions(+)
diff --git a/data/templates/dns-forwarding/recursor.conf.j2 b/data/templates/dns-forwarding/recursor.conf.j2
index ea700406c..deeb250f0 100644
--- a/data/templates/dns-forwarding/recursor.conf.j2
+++ b/data/templates/dns-forwarding/recursor.conf.j2
@@ -40,6 +40,16 @@ dnssec={{ dnssec }}
dns64-prefix={{ dns64_prefix }}
{% endif %}
+{% if dont_throttle_netmasks is vyos_defined %}
+# dont-throttle-netmasks
+dont-throttle-netmasks={{ exclude_throttle_address | join(',') }}
+{% endif %}
+
+{% if serve_stale_extensions is vyos_defined %}
+# serve-stale-extensions
+serve-stale-extensions={{ serve_stale_extension }}
+{% endif %}
+
# serve rfc1918 records
serve-rfc1918={{ 'no' if no_serve_rfc1918 is vyos_defined else 'yes' }}
diff --git a/interface-definitions/service_dns_forwarding.xml.in b/interface-definitions/service_dns_forwarding.xml.in
index 7dce9b548..0f8863438 100644
--- a/interface-definitions/service_dns_forwarding.xml.in
+++ b/interface-definitions/service_dns_forwarding.xml.in
@@ -670,6 +670,19 @@
3600
+
+
+ Number of times the expired TTL of a record is extended by 30 seconds when serving stale
+
+ u32:0-65535
+ Number of times to extend the TTL
+
+
+
+
+
+ 0
+
Number of milliseconds to wait for a remote authoritative server to respond
@@ -694,6 +707,34 @@
+
+
+ IP address or subnet
+
+ ipv4
+ IPv4 address to match
+
+
+ ipv4net
+ IPv4 prefix to match
+
+
+ ipv6
+ IPv6 address
+
+
+ ipv6net
+ IPv6 address
+
+
+
+
+
+
+
+
+
+
diff --git a/smoketest/scripts/cli/test_service_dns_forwarding.py b/smoketest/scripts/cli/test_service_dns_forwarding.py
index bc50a4ffe..4f2f182e5 100755
--- a/smoketest/scripts/cli/test_service_dns_forwarding.py
+++ b/smoketest/scripts/cli/test_service_dns_forwarding.py
@@ -239,6 +239,44 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
tmp = get_config_value('dns64-prefix')
self.assertEqual(tmp, dns_prefix)
+ def test_exclude_throttle_adress(self):
+ exclude_throttle_adress_examples = [
+ '192.168.128.255',
+ '10.0.0.0/25',
+ '2001:db8:85a3:8d3:1319:8a2e:370:7348',
+ '64:ff9b::/96'
+ ]
+
+ for network in allow_from:
+ self.cli_set(base_path + ['allow-from', network])
+ for address in listen_adress:
+ self.cli_set(base_path + ['listen-address', address])
+
+ for exclude_throttle_adress in exclude_throttle_adress_examples:
+ self.cli_set(base_path + ['exclude-throttle-address', exclude_throttle_adress])
+
+ # commit changes
+ self.cli_commit()
+
+ # verify dont-throttle-netmasks configuration
+ tmp = get_config_value('exclude-throttle-address')
+ self.assertEqual(tmp, ','.join(exclude_throttle_adress_examples))
+
+ def test_serve_stale_extension(self):
+ for network in allow_from:
+ self.cli_set(base_path + ['allow-from', network])
+ for address in listen_adress:
+ self.cli_set(base_path + ['listen-address', address])
+
+ self.cli_set(base_path + ['serve-stale-extension', '20'])
+
+ # commit changes
+ self.cli_commit()
+
+ # verify configuration
+ tmp = get_config_value('serve-stale-extension')
+ self.assertEqual(tmp, '20')
+
def test_listening_port(self):
# We can listen on a different port compared to '53' but only one at a time
for port in ['1053', '5353']:
--
cgit v1.2.3