Skip to content

Commit

Permalink
Add opts to services_dhcpv6.php and services_router_advertisements.php
Browse files Browse the repository at this point in the history 
Adds config options to disable pushing DNS server options to dhcp6
clients via dhcpd or radvd. Fixes an issue when using split-horizon
DNS with dnsmasq via `localise-queries` option since that supports
IPv4 only.

Somewhat related discussion:
https://redmine.pfsense.org/issues/9302
  • Loading branch information
@luckman212
luckman212 committed Dec 13, 2019
1 parent b16c3a1 commit e26ad76
Show file tree
Hide file tree
Showing 3 changed files with 89 additions and 63 deletions.
132 changes: 70 additions & 62 deletions src/etc/inc/services.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -249,51 +249,53 @@ function services_radvd_configure($blacklist = array()) {
$radvdconf .= "\t};\n";

/* add DNS servers */
$dnslist = array();
if (isset($dhcpv6ifconf['rasamednsasdhcp6']) && is_array($dhcpv6ifconf['dnsserver']) && !empty($dhcpv6ifconf['dnsserver'])) {
foreach ($dhcpv6ifconf['dnsserver'] as $server) {
if (is_ipaddrv6($server)) {
$dnslist[] = $server;
if (!isset($dhcpv6ifconf['disable-radvd-dns'])) {
$dnslist = array();
if (isset($dhcpv6ifconf['rasamednsasdhcp6']) && is_array($dhcpv6ifconf['dnsserver']) && !empty($dhcpv6ifconf['dnsserver'])) {
foreach ($dhcpv6ifconf['dnsserver'] as $server) {
if (is_ipaddrv6($server)) {
$dnslist[] = $server;
}
}
} elseif (!isset($dhcpv6ifconf['rasamednsasdhcp6']) && isset($dhcpv6ifconf['radnsserver']) && is_array($dhcpv6ifconf['radnsserver'])) {
foreach ($dhcpv6ifconf['radnsserver'] as $server) {
if (is_ipaddrv6($server)) {
$dnslist[] = $server;
}
}
} elseif (isset($config['dnsmasq']['enable']) || isset($config['unbound']['enable'])) {
$dnslist[] = get_interface_ipv6($realif);
} elseif (is_array($config['system']['dnsserver']) && !empty($config['system']['dnsserver'])) {
foreach ($config['system']['dnsserver'] as $server) {
if (is_ipaddrv6($server)) {
$dnslist[] = $server;
}
}
}
} elseif (!isset($dhcpv6ifconf['rasamednsasdhcp6']) && isset($dhcpv6ifconf['radnsserver']) && is_array($dhcpv6ifconf['radnsserver'])) {
foreach ($dhcpv6ifconf['radnsserver'] as $server) {
if (is_ipaddrv6($server)) {
$dnslist[] = $server;
if (count($dnslist) > 0) {
$dnsstring = implode(" ", $dnslist);
if ($dnsstring <> "") {
$radvdconf .= "\tRDNSS {$dnsstring} { };\n";
}
}
} elseif (isset($config['dnsmasq']['enable']) || isset($config['unbound']['enable'])) {
$dnslist[] = get_interface_ipv6($realif);
} elseif (is_array($config['system']['dnsserver']) && !empty($config['system']['dnsserver'])) {
foreach ($config['system']['dnsserver'] as $server) {
if (is_ipaddrv6($server)) {
$dnslist[] = $server;

$searchlist = array();
$domainsearchlist = explode(';', $dhcpv6ifconf['radomainsearchlist']);
foreach ($domainsearchlist as $sd) {
$sd = trim($sd);
if (is_hostname($sd)) {
$searchlist[] = $sd;
}
}
}
if (count($dnslist) > 0) {
$dnsstring = implode(" ", $dnslist);
if ($dnsstring <> "") {
$radvdconf .= "\tRDNSS {$dnsstring} { };\n";
if (count($searchlist) > 0) {
$searchliststring = trim(implode(" ", $searchlist));
}
}

$searchlist = array();
$domainsearchlist = explode(';', $dhcpv6ifconf['radomainsearchlist']);
foreach ($domainsearchlist as $sd) {
$sd = trim($sd);
if (is_hostname($sd)) {
$searchlist[] = $sd;
if (!empty($dhcpv6ifconf['domain'])) {
$radvdconf .= "\tDNSSL {$dhcpv6ifconf['domain']} {$searchliststring} { };\n";
} elseif (!empty($config['system']['domain'])) {
$radvdconf .= "\tDNSSL {$config['system']['domain']} {$searchliststring} { };\n";
}
}
if (count($searchlist) > 0) {
$searchliststring = trim(implode(" ", $searchlist));
}
if (!empty($dhcpv6ifconf['domain'])) {
$radvdconf .= "\tDNSSL {$dhcpv6ifconf['domain']} {$searchliststring} { };\n";
} elseif (!empty($config['system']['domain'])) {
$radvdconf .= "\tDNSSL {$config['system']['domain']} {$searchliststring} { };\n";
}
$radvdconf .= "};\n";
}

Expand Down Expand Up @@ -369,24 +371,26 @@ function services_radvd_configure($blacklist = array()) {
$radvdconf .= "\t};\n";

/* add DNS servers */
$dnslist = array();
if (isset($config['dnsmasq']['enable']) || isset($config['unbound']['enable'])) {
$dnslist[] = $ifcfgipv6;
} elseif (is_array($config['system']['dnsserver']) && !empty($config['system']['dnsserver'])) {
foreach ($config['system']['dnsserver'] as $server) {
if (is_ipaddrv6($server)) {
$dnslist[] = $server;
if (!isset($dhcpv6ifconf['disable-radvd-dns'])) {
$dnslist = array();
if (isset($config['dnsmasq']['enable']) || isset($config['unbound']['enable'])) {
$dnslist[] = $ifcfgipv6;
} elseif (is_array($config['system']['dnsserver']) && !empty($config['system']['dnsserver'])) {
foreach ($config['system']['dnsserver'] as $server) {
if (is_ipaddrv6($server)) {
$dnslist[] = $server;
}
}
}
}
if (count($dnslist) > 0) {
$dnsstring = implode(" ", $dnslist);
if (!empty($dnsstring)) {
$radvdconf .= "\tRDNSS {$dnsstring} { };\n";
if (count($dnslist) > 0) {
$dnsstring = implode(" ", $dnslist);
if (!empty($dnsstring)) {
$radvdconf .= "\tRDNSS {$dnsstring} { };\n";
}
}
if (!empty($config['system']['domain'])) {
$radvdconf .= "\tDNSSL {$config['system']['domain']} { };\n";
}
}
if (!empty($config['system']['domain'])) {
$radvdconf .= "\tDNSSL {$config['system']['domain']} { };\n";
}
$radvdconf .= "};\n";
}
Expand Down Expand Up @@ -1434,20 +1438,24 @@ EOD;
$dnscfgv6 .= " do-forward-updates false;\n";
}

if (is_array($dhcpv6ifconf['dnsserver']) && ($dhcpv6ifconf['dnsserver'][0])) {
$dnscfgv6 .= " option dhcp6.name-servers " . join(",", $dhcpv6ifconf['dnsserver']) . ";";
} else if (((isset($config['dnsmasq']['enable'])) || isset($config['unbound']['enable'])) && (is_ipaddrv6($ifcfgipv6))) {
$dnscfgv6 .= " option dhcp6.name-servers {$ifcfgipv6};";
} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
$dns_arrv6 = array();
if (!isset($dhcpv6ifconf['disable-dhcp6c-dns'])) {
if (is_array($dhcpv6ifconf['dnsserver']) && ($dhcpv6ifconf['dnsserver'][0])) {
$dnscfgv6 .= " option dhcp6.name-servers " . join(",", $dhcpv6ifconf['dnsserver']) . ";";
} else if (((isset($config['dnsmasq']['enable'])) || isset($config['unbound']['enable'])) && (is_ipaddrv6($ifcfgipv6))) {
$dnscfgv6 .= " option dhcp6.name-servers {$ifcfgipv6};";
} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
$dns_arrv6 = array();
foreach ($syscfg['dnsserver'] as $dnsserver) {
if (is_ipaddrv6($dnsserver)) {
$dns_arrv6[] = $dnsserver;
if (is_ipaddrv6($dnsserver)) {
$dns_arrv6[] = $dnsserver;
}
}
if (!empty($dns_arrv6)) {
$dnscfgv6 .= " option dhcp6.name-servers " . join(",", $dns_arrv6) . ";";
}
}
if (!empty($dns_arrv6)) {
$dnscfgv6 .= " option dhcp6.name-servers " . join(",", $dns_arrv6) . ";";
}
} else {
$dnscfgv6 .= " #option dhcp6.name-servers --;";
}

if (!is_ipaddrv6($ifcfgipv6)) {
Expand Down
10 changes: 9 additions & 1 deletion src/usr/local/www/services_dhcpv6.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,7 @@ function dhcpv6_apply_changes($dhcpdv6_enable_changed) {
$pconfig['domainsearchlist'] = $config['dhcpdv6'][$if]['domainsearchlist'];
list($pconfig['wins1'], $pconfig['wins2']) = $config['dhcpdv6'][$if]['winsserver'];
list($pconfig['dns1'], $pconfig['dns2'], $pconfig['dns3'], $pconfig['dns4']) = $config['dhcpdv6'][$if]['dnsserver'];
$pconfig['disable-dhcp6c-dns'] = $config['dhcpdv6'][$if]['disable-dhcp6c-dns'];
$pconfig['enable'] = isset($config['dhcpdv6'][$if]['enable']);
$pconfig['ddnsdomain'] = $config['dhcpdv6'][$if]['ddnsdomain'];
$pconfig['ddnsdomainprimary'] = $config['dhcpdv6'][$if]['ddnsdomainprimary'];
Expand Down Expand Up @@ -441,7 +442,7 @@ function dhcpv6_apply_changes($dhcpdv6_enable_changed) {
if ($_POST['dns4']) {
$config['dhcpdv6'][$if]['dnsserver'][] = $_POST['dns4'];
}

$config['dhcpdv6'][$if]['disable-dhcp6c-dns'] = ($_POST['disable-dhcp6c-dns']) ? true : false;
$config['dhcpdv6'][$if]['domain'] = $_POST['domain'];
$config['dhcpdv6'][$if]['domainsearchlist'] = $_POST['domainsearchlist'];
$config['dhcpdv6'][$if]['enable'] = ($_POST['enable']) ? true : false;
Expand Down Expand Up @@ -707,6 +708,13 @@ function dhcpv6_apply_changes($dhcpdv6_enable_changed) {

$group->setHelp('Leave blank to use the system default DNS servers, this interface\'s IP if DNS forwarder is enabled, or the servers configured on the "General" page.');
$section->add($group);
$section->addInput(new Form_Checkbox(
'disable-dhcp6c-dns',
null,
'Do NOT provide DNS servers to DHCPv6 clients',
$pconfig['disable-dhcp6c-dns']
))->setHelp('Checking this box disables the dhcp6.name-servers option in /var/dhcpd/etc/dhcpdv6.conf. ' .
'Use with caution, as the resulting behavior may violate some RFCs.');

$section->addInput(new Form_Input(
'domain',
Expand Down
10 changes: 10 additions & 0 deletions src/usr/local/www/services_router_advertisements.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,7 @@

$pconfig['radomainsearchlist'] = $config['dhcpdv6'][$if]['radomainsearchlist'];
list($pconfig['radns1'], $pconfig['radns2'], $pconfig['radns3']) = $config['dhcpdv6'][$if]['radnsserver'];
$pconfig['disable-radvd-dns'] = isset($config['dhcpdv6'][$if]['disable-radvd-dns']);
$pconfig['rasamednsasdhcp6'] = isset($config['dhcpdv6'][$if]['rasamednsasdhcp6']);

$pconfig['subnets'] = $config['dhcpdv6'][$if]['subnets']['item'];
Expand Down Expand Up @@ -227,6 +228,7 @@
$config['dhcpdv6'][$if]['radnsserver'][] = $_POST['radns3'];
}

$config['dhcpdv6'][$if]['disable-radvd-dns'] = ($_POST['disable-radvd-dns']) ? true : false;
$config['dhcpdv6'][$if]['rasamednsasdhcp6'] = ($_POST['rasamednsasdhcp6']) ? true : false;

if (count($pconfig['subnets'])) {
Expand Down Expand Up @@ -453,6 +455,14 @@
$pconfig['radomainsearchlist']
))->setHelp('The RA server can optionally provide a domain search list. Use the semicolon character as separator.');

$section->addInput(new Form_Checkbox(
'disable-radvd-dns',
null,
'Do NOT provide DNS configuration via radvd',
$pconfig['disable-radvd-dns']
))->setHelp('Checking this box disables the RDNSS/DNSSL options in /usr/local/etc/radvd.conf. ' .
'Use with caution, as the resulting behavior may violate some RFCs.');

$section->addInput(new Form_Checkbox(
'rasamednsasdhcp6',
'Settings',
Expand Down

0 comments on commit e26ad76

Please sign in to comment.