luci-mod-network: add DNR (RFC9463) support

odhcpd has had support for Discovery of Network-designated Resolvers
(DNR, RFC9463), which allows allows devices on the network to discover
encrypted DNS resolvers, since December 2024 [1].

This patch adds a basic luci interface to configure DNR records. odhcp
actually supports DNR records via DHCPv4, DHCPv6 and RA, but since it's
typically only used for the latter two, stashing the option next to IPv6
DNS server options seems reasonable.

Patch v2: long help string broken into multiple strings, "Format: ..."
changed to "Syntax: ...".

Patch v3: add a note on the _lifetime=<seconds> parameter, add a RA
<abbr> stanza.

Patch v4: change title to "Announce encrypted DNS servers", change IPv6
example address to the IANA documentation address space, add a blurb
about IPv4 address support (only when odhcpd is used for DHCPv4).

[1] https://github.com/openwrt/odhcpd/commit/6d342cc03bf72f27d0838942d009bf1c5df4f954

Signed-off-by: David Härdeman <[email protected]>
(cherry picked from commit b4965119bc213b756af442a395514afce5a8bdeb)

diff --git a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js
index 7ba803463c7e3a3585c74272a726ee3adb8a62dc..db0a28a403f1c112a35feaf0374c0cbb7b85d52a 100644 (file)
--- a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js
+++ b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js
@@ -957,6 +957,20 @@ return view.extend({
                                        so.depends('dhcpv6', 'server');
                                        so.depends({ dhcpv6: 'hybrid', master: '0' });
 
+                                       so = ss.taboption('ipv6', form.DynamicList, 'dnr', _('Announce encrypted DNS servers'),
+                                               _('Specifies a fixed list of encrypted DNS server addresses to announce via DHCPv6/<abbr title="Router Advertisement">RA</abbr> (see %s).')
+                                                .format('<a href="%s" target="_blank">RFC9463</a>').format('https://www.rfc-editor.org/rfc/rfc9463') + '<br/>' +
+                                               _('IPv4 addresses are only supported if <code>odhcpd</code> also handles DHCPv4.') + '<br/>' +
+                                               _('Syntax: <code>&lt;numeric priority&gt; &lt;domain-name&gt; [IP,...] [SVC parameter ...]</code>') + '<br/>' +
+                                               _('Example: <code>100 dns.example.com 2001:db8::53,192.168.1.53 alpn=doq port=853</code>') + '<br/>' +
+                                               _('Note: the <code>_lifetime=&lt;seconds&gt;</code> SVC parameter sets the lifetime of the announced server (use <code>0</code> to indicate a server which should no longer be used).')
+                                       );
+                                       so.datatype = 'string';
+                                       so.depends('ra', 'server');
+                                       so.depends({ ra: 'hybrid', master: '0' });
+                                       so.depends('dhcpv6', 'server');
+                                       so.depends({ dhcpv6: 'hybrid', master: '0' });
+
                                        so = ss.taboption('ipv6', form.Flag, 'dns_service', _('Local IPv6 DNS server'),
                                                _('Announce this device as IPv6 DNS server.'));
                                        so.default = so.enabled;