Page MenuHomePhabricator

DNS Forwarding server does not allow IPv6 address in name-server
Closed, ResolvedPublic

Description

When setting up the DNS Forwarding service, I was not allowed to put an IPv6 address for the name-server.

I had to work around the problem by dropping back to an IPv4 address for the name-server:

dns {

forwarding {
    cache-size 1000
    domain localdomain {
        server 127.0.0.1
    }
    listen-on lo
    listen-on eth1.5
    listen-on eth1.2
    listen-on eth0
    name-server 8.8.8.8
    name-server 8.8.4.4
}

}

Details

Difficulty level
Easy (less than an hour)
Version
-
Why the issue appeared?
Will be filled on close
dsummers created this task.Apr 8 2017, 4:00 PM
syncer triaged this task as Low priority.Aug 1 2017, 3:11 AM
syncer changed the edit policy from "Task Author" to "Custom Policy".
syncer added a project: VyOS 1.2.x.
syncer set Version to -.
syncer edited subscribers, added: Community, Core Community, Maintainers; removed: dsummers.

Extended IPv6 support will be addressed in 1.2

syncer removed syncer as the assignee of this task.Nov 3 2017, 12:42 PM
syncer added a subscriber: syncer.
c-po added a subscriber: c-po.EditedDec 27 2017, 11:03 PM

DNS forwarding is done via dnsmasq.

The following configuration snipped

dns {
    forwarding {
        listen-on eth0
        name-server 9.9.9.9
        name-server 8.8.8.8
    }
}

will produce:

cpo@CR1# cat /etc/dnsmasq.conf
#
# autogenerated by vyatta-dns-forwarding.pl on Thu Dec 28 00:05:31 CET 2017
#
log-facility=/var/log/dnsmasq.log
no-poll
edns-packet-max=4096
interface=eth0
cache-size=150
server=9.9.9.9  # statically configured
server=8.8.8.8  # statically configured
resolv-file=/etc/resolv.conf
c-po moved this task from Need Triage to In Progress on the VyOS 1.2.x board.Dec 27 2017, 11:09 PM
c-po claimed this task.Dec 27 2017, 11:41 PM
c-po changed the task status from Open to In progress.
c-po added a subscriber: dsummers.Dec 27 2017, 11:43 PM

Implemented in https://github.com/vyos/vyatta-cfg-system/commit/c5e11462769bea9769335944f0f8a8f5411d027e

set service dns forwarding cache-size '150'
set service dns forwarding listen-on 'eth0'
set service dns forwarding name-server '8.8.8.8'
set service dns forwarding name-server '9.9.9.9'
set service dns forwarding name-server '2001:4860:4860::8888'
set service dns forwarding name-server '2001:4860:4860::8844'

Now generates:

#
# autogenerated by vyatta-dns-forwarding.pl on Thu Dec 28 00:38:56 CET 2017
#
log-facility=/var/log/dnsmasq.log
no-poll
edns-packet-max=4096
interface=eth0
cache-size=150
server=8.8.8.8  # statically configured
server=9.9.9.9  # statically configured
server=2001:4860:4860::8888     # statically configured
server=2001:4860:4860::8844     # statically configured
resolv-file=/etc/resolv.conf

@dsummers can you please recheck latest ISO? I don't have IPv6 connectivity yet.

c-po moved this task from In Progress to Finished on the VyOS 1.2.x board.Dec 27 2017, 11:44 PM

Sorry, I just now came across this fixed issue by random chance.

I'll check it out here in the next day or so and report back.

Thanks!

dsummers added a comment.EditedFeb 11 2018, 2:44 AM

I tested with vyos.999.201802100337 and the original problem is solved.....However....

I could put IPv6 IP addresses in to the
service dns forwarding nameserver
option.

However, I also found another similar problem:

I tried putting
service {

 dns {
        forwarding {
                cache-size 1000
                domain localdomain {
                         server ::1  <-- instead of 127.0.0.1
                }
                listen-on lo
                nameserver 1234:1::1
                nameserver 5678:2::2
           }
}

}

It took the nameserver entries but didn't take the ::1 on the "server" entry line.

Might this be considered part of the same bug or should I create another bug for this?

Thanks!

c-po added a comment.Feb 11 2018, 7:46 AM

This is a new bug, please file it and I‘ll try to look into it. Thanks.

c-po added a comment.Feb 25 2018, 11:51 AM

See T546 ("service dns forwarding doman localdomain server" entry doesn't allow IPv6 address). This one is resolved.

c-po closed this task as Resolved.Feb 25 2018, 11:52 AM