Change the ECS prefix length from /48 to /56 for IPv6, per RFC 7871

Readme.md

@@ -85,7 +85,7 @@ records.
 ## EDNS0-Client-Subnet (GeoDNS)
 
 DNS-over-HTTPS supports EDNS0-Client-Subnet protocol, which submits part of the
-client's IP address (/24 for IPv4, /48 for IPv6 by default) to the upstream
+client's IP address (/24 for IPv4, /56 for IPv6 by default) to the upstream
 server. This is useful for GeoDNS and CDNs to work, and is exactly the same
 configuration as most public DNS servers.
 
@@ -121,7 +121,7 @@ Currently supported features are:
 
 - [X] IPv4 / IPv6
 - [X] EDNS0 large UDP packet (4 KiB by default)
-- [X] EDNS0-Client-Subnet (/24 for IPv4, /48 for IPv6 by default)
+- [X] EDNS0-Client-Subnet (/24 for IPv4, /56 for IPv6 by default)
 
 ## The name of the project
 

doh-client/client.go

@@ -259,7 +259,7 @@ func (c *Client) tcpHandlerFunc(w dns.ResponseWriter, r *dns.Msg) {
 
 var (
 	ipv4Mask24 = net.IPMask{255, 255, 255, 0}
-	ipv6Mask48 = net.CIDRMask(48, 128)
+	ipv6Mask56 = net.CIDRMask(56, 128)
 )
 
 func (c *Client) findClientIP(w dns.ResponseWriter, r *dns.Msg) (ednsClientAddress net.IP, ednsClientNetmask uint8) {
@@ -286,8 +286,8 @@ func (c *Client) findClientIP(w dns.ResponseWriter, r *dns.Msg) (ednsClientAddre
 			ednsClientAddress = ipv4.Mask(ipv4Mask24)
 			ednsClientNetmask = 24
 		} else {
-			ednsClientAddress = ip.Mask(ipv6Mask48)
-			ednsClientNetmask = 48
+			ednsClientAddress = ip.Mask(ipv6Mask56)
+			ednsClientNetmask = 56
 		}
 	}
 	return

doh-client/doh-client.conf

@@ -72,7 +72,7 @@ no_cookies = true
 # Disable EDNS0-Client-Subnet (ECS)
 #
 # DNS-over-HTTPS supports EDNS0-Client-Subnet protocol, which submits part of
-# the client's IP address (/24 for IPv4, /48 for IPv6 by default) to the
+# the client's IP address (/24 for IPv4, /56 for IPv6 by default) to the
 # upstream server. This is useful for GeoDNS and CDNs to work, and is exactly
 # the same configuration as most public DNS servers.
 no_ecs = false

doh-client/ietf.go

@@ -96,7 +96,7 @@ func (c *Client) generateRequestIETF(w dns.ResponseWriter, r *dns.Msg, isTCP boo
 				ednsClientNetmask = 24
 			} else {
 				ednsClientFamily = 2
-				ednsClientNetmask = 48
+				ednsClientNetmask = 56
 			}
 			edns0Subnet = new(dns.EDNS0_SUBNET)
 			edns0Subnet.Code = dns.EDNS0SUBNET

doh-server/google.go

@@ -104,7 +104,7 @@ func (s *Server) parseRequestGoogle(w http.ResponseWriter, r *http.Request) *DNS
 				ednsClientNetmask = 24
 			} else {
 				ednsClientFamily = 2
-				ednsClientNetmask = 48
+				ednsClientNetmask = 56
 			}
 		} else {
 			ednsClientAddress = net.ParseIP(ednsClientSubnet[:slash])
@@ -139,7 +139,7 @@ func (s *Server) parseRequestGoogle(w http.ResponseWriter, r *http.Request) *DNS
 			ednsClientNetmask = 24
 		} else {
 			ednsClientFamily = 2
-			ednsClientNetmask = 48
+			ednsClientNetmask = 56
 		}
 	}
 

doh-server/ietf.go

@@ -126,7 +126,7 @@ func (s *Server) parseRequestIETF(w http.ResponseWriter, r *http.Request) *DNSRe
 				ednsClientNetmask = 24
 			} else {
 				ednsClientFamily = 2
-				ednsClientNetmask = 48
+				ednsClientNetmask = 56
 			}
 			edns0Subnet = new(dns.EDNS0_SUBNET)
 			edns0Subnet.Code = dns.EDNS0SUBNET

json-dns/unmarshal.go

@@ -119,7 +119,7 @@ func Unmarshal(msg *dns.Msg, resp *Response, udpSize uint16, ednsClientNetmask u
 			if ednsClientFamily == 1 {
 				ednsClientNetmask = 24
 			} else {
-				ednsClientNetmask = 48
+				ednsClientNetmask = 56
 			}
 		}
 		edns0Subnet := new(dns.EDNS0_SUBNET)