From ffe55735522fceae542f79a70c3dbd191930092e Mon Sep 17 00:00:00 2001
From: Star Brilliant
Date: Tue, 14 Aug 2018 09:06:13 +0800
Subject: [PATCH] Change the ECS prefix length from /48 to /56 for IPv6, per RFC 7871
---
 Readme.md | 4 ++--
 doh-client/client.go | 6 +++---
 doh-client/doh-client.conf | 2 +-
 doh-client/ietf.go | 2 +-
 doh-server/google.go | 4 ++--
 doh-server/ietf.go | 2 +-
 json-dns/unmarshal.go | 2 +-
 7 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/Readme.md b/Readme.md
index 06ed17d..bb3f8db 100644
--- a/Readme.md
+++ b/Readme.md
@@ -85,7 +85,7 @@ records.
 ## EDNS0-Client-Subnet (GeoDNS)
 DNS-over-HTTPS supports EDNS0-Client-Subnet protocol, which submits part of the
-client's IP address (/24 for IPv4, /48 for IPv6 by default) to the upstream
+client's IP address (/24 for IPv4, /56 for IPv6 by default) to the upstream
 server. This is useful for GeoDNS and CDNs to work, and is exactly the same
 configuration as most public DNS servers.
@@ -121,7 +121,7 @@ Currently supported features are:
 - [X] IPv4 / IPv6
 - [X] EDNS0 large UDP packet (4 KiB by default)
-- [X] EDNS0-Client-Subnet (/24 for IPv4, /48 for IPv6 by default)
+- [X] EDNS0-Client-Subnet (/24 for IPv4, /56 for IPv6 by default)
 ## The name of the project
diff --git a/doh-client/client.go b/doh-client/client.go
index d9327a7..7326fca 100644
--- a/doh-client/client.go
+++ b/doh-client/client.go
@@ -259,7 +259,7 @@ func (c *Client) tcpHandlerFunc(w dns.ResponseWriter, r *dns.Msg) {
 var (
 ipv4Mask24 = net.IPMask{255, 255, 255, 0}
- ipv6Mask48 = net.CIDRMask(48, 128)
+ ipv6Mask56 = net.CIDRMask(56, 128)
 )
 func (c *Client) findClientIP(w dns.ResponseWriter, r *dns.Msg) (ednsClientAddress net.IP, ednsClientNetmask uint8) {
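Review bot: The package-level `ipv6Mask56` in doh-client/client.go carries the prefix length only in its name, and the same 56 is repeated as a bare literal in findClientIP and in doh-client/ietf.go, doh-server/google.go (twice), doh-server/ietf.go and json-dns/unmarshal.go. A named constant with a short comment would keep this privacy-relevant default in one reviewable place, e.g. `const ecsIPv6PrefixLen = 56 // RFC 7871 section 11.1: IPv6 truncation recommended for client privacy` and `ipv6Mask56 = net.CIDRMask(ecsIPv6PrefixLen, 128)`. The comment matters because /56 sends eight more bits of each client's address upstream than the previous /48 did. Only the var block is visible in this hunk; the declaration's use sites are elsewhere.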
@@ -286,8 +286,8 @@ func (c *Client) findClientIP(w dns.ResponseWriter, r *dns.Msg) (ednsClientAddre
 ednsClientAddress = ipv4.Mask(ipv4Mask24)
 ednsClientNetmask = 24
 } else {
- ednsClientAddress = ip.Mask(ipv6Mask48)
- ednsClientNetmask = 48
+ ednsClientAddress = ip.Mask(ipv6Mask56)
+ ednsClientNetmask = 56
 }
 }
 return
diff --git a/doh-client/doh-client.conf b/doh-client/doh-client.conf
index d287b52..3b5de14 100644
--- a/doh-client/doh-client.conf
+++ b/doh-client/doh-client.conf
@@ -72,7 +72,7 @@ no_cookies = true
 # Disable EDNS0-Client-Subnet (ECS)
 #
 # DNS-over-HTTPS supports EDNS0-Client-Subnet protocol, which submits part of
-# the client's IP address (/24 for IPv4, /48 for IPv6 by default) to the
+# the client's IP address (/24 for IPv4, /56 for IPv6 by default) to the
 # upstream server. This is useful for GeoDNS and CDNs to work, and is exactly
 # the same configuration as most public DNS servers.
 no_ecs = false
diff --git a/doh-client/ietf.go b/doh-client/ietf.go
index 0117e72..503243c 100644
--- a/doh-client/ietf.go
+++ b/doh-client/ietf.go
@@ -96,7 +96,7 @@ func (c *Client) generateRequestIETF(w dns.ResponseWriter, r *dns.Msg, isTCP boo
 ednsClientNetmask = 24
 } else {
 ednsClientFamily = 2
- ednsClientNetmask = 48
+ ednsClientNetmask = 56
 }
 edns0Subnet = new(dns.EDNS0_SUBNET)
 edns0Subnet.Code = dns.EDNS0SUBNET
diff --git a/doh-server/google.go b/doh-server/google.go
index cf82607..ee742aa 100644
--- a/doh-server/google.go
+++ b/doh-server/google.go
@@ -104,7 +104,7 @@ func (s *Server) parseRequestGoogle(w http.ResponseWriter, r *http.Request) *DNS
 ednsClientNetmask = 24
 } else {
 ednsClientFamily = 2
- ednsClientNetmask = 48
+ ednsClientNetmask = 56
 }
 } else {
 ednsClientAddress = net.ParseIP(ednsClientSubnet[:slash])
@@ -139,7 +139,7 @@ func (s *Server) parseRequestGoogle(w http.ResponseWriter, r *http.Request) *DNS
 ednsClientNetmask = 24
 } else {
 ednsClientFamily = 2
- ednsClientNetmask = 48
+ ednsClientNetmask = 56
 }
 }
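Review bot: In findClientIP (doh-client/client.go) the mask applied to the address and the prefix length reported with it are two independent literals, `ip.Mask(ipv6Mask56)` and `ednsClientNetmask = 56`. If one is edited without the other, the ECS option would declare a different prefix than the address bits actually sent upstream; deriving the length from the mask removes that risk, e.g. `ones, _ := ipv6Mask56.Size()` followed by `ednsClientNetmask = uint8(ones)`. The IPv4 branch just above has the same shape with `ipv4Mask24` and `24`. The function body starts and ends outside the hunk.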
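Review bot: Both branches touched in parseRequestGoogle (doh-server/google.go, hunks at -104 and -139) assign only the prefix length; nothing visible in either hunk truncates `ednsClientAddress` to 56 bits. The first branch appears to handle an `ednsClientSubnet` value given without a slash, so a full caller-supplied address would be labelled /56 there. If truncation is left to the DNS library when the option is packed, record that in a comment such as `// address is not masked here; <where it is truncated>`; otherwise mask explicitly with `ednsClientAddress = ednsClientAddress.Mask(net.CIDRMask(int(ednsClientNetmask), 128))`. The same question applies to parseRequestIETF in doh-server/ietf.go, and both functions continue outside their hunks.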
diff --git a/doh-server/ietf.go b/doh-server/ietf.go
index 2e547ba..875c5df 100644
--- a/doh-server/ietf.go
+++ b/doh-server/ietf.go
@@ -126,7 +126,7 @@ func (s *Server) parseRequestIETF(w http.ResponseWriter, r *http.Request) *DNSRe
 ednsClientNetmask = 24
 } else {
 ednsClientFamily = 2
- ednsClientNetmask = 48
+ ednsClientNetmask = 56
 }
 edns0Subnet = new(dns.EDNS0_SUBNET)
 edns0Subnet.Code = dns.EDNS0SUBNET
diff --git a/json-dns/unmarshal.go b/json-dns/unmarshal.go
index a42c6ab..4bda705 100644
--- a/json-dns/unmarshal.go
+++ b/json-dns/unmarshal.go
@@ -119,7 +119,7 @@ func Unmarshal(msg *dns.Msg, resp *Response, udpSize uint16, ednsClientNetmask u
 if ednsClientFamily == 1 {
 ednsClientNetmask = 24
 } else {
- ednsClientNetmask = 48
+ ednsClientNetmask = 56
 }
 }
 edns0Subnet := new(dns.EDNS0_SUBNET)