From 5684c21bcf4fa4c5dad491a8f6874cc2cc20ff6f Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 1 Sep 2020 12:03:59 +1000
Subject: [PATCH] Generate PTR records for DNS64 mapped ipv4only.arpa reverses.

Rather than generating CNAMES records pointing into IN-ADDR.ARPA,
generate PTR records directly as the names are known as per RFC 8880.
---
 bin/named/builtin.c             | 12 +++++++++++-
 bin/tests/system/dns64/tests.sh | 10 ++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/bin/named/builtin.c b/bin/named/builtin.c
index bc6e9b2f1e..c2bbc59655 100644
--- a/bin/named/builtin.c
+++ b/bin/named/builtin.c
@@ -296,6 +296,16 @@ dns64_cname(const dns_name_t *zone, const dns_name_t *name,
 		 */
 		return (ISC_R_NOTFOUND);
 	}
+
+	/*
+	 * Reverse of 192.0.0.170 or 192.0.0.171 maps to ipv4only.arpa.
+	 */
+	if ((v[0] == 170 || v[0] == 171) && v[1] == 0 && v[2] == 0 &&
+	    v[3] == 192) {
+		return (dns_sdb_putrdata(lookup, dns_rdatatype_ptr, 3600,
+					 ipv4only, sizeof(ipv4only)));
+	}
+
 	return (dns_sdb_putrdata(lookup, dns_rdatatype_cname, 600, rdata,
 				 (unsigned int)len));
 }
@@ -455,7 +465,7 @@ static isc_result_t
 do_ipv4reverse_lookup(dns_sdblookup_t *lookup) {
 	isc_result_t result;
 
-	result = dns_sdb_putrdata(lookup, dns_rdatatype_ptr, 0, ipv4only,
+	result = dns_sdb_putrdata(lookup, dns_rdatatype_ptr, 3600, ipv4only,
 				  sizeof(ipv4only));
 	return (result);
 }
diff --git a/bin/tests/system/dns64/tests.sh b/bin/tests/system/dns64/tests.sh
index f3b60d0ea3..bf0ca7a51f 100644
--- a/bin/tests/system/dns64/tests.sh
+++ b/bin/tests/system/dns64/tests.sh
@@ -1438,5 +1438,15 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+echo_i "checking reverse of dns64 mapped ipv4only.arpa addresses returns ipv4only.arpa ($n)"
+ret=0
+$DIG $DIGOPTS ptr -x 2001:96::192.0.0.170 -b 10.53.0.7 @10.53.0.2 > dig.out.170.ns2.test$n || ret=1
+$DIG $DIGOPTS ptr -x 2001:96::192.0.0.171 -b 10.53.0.7 @10.53.0.2 > dig.out.171.ns2.test$n || ret=1
+grep "ip6\.arpa\..*PTR.*ipv4only\.arpa\." dig.out.170.ns2.test$n >/dev/null || ret=1
+grep "ip6\.arpa\..*PTR.*ipv4only\.arpa\." dig.out.171.ns2.test$n >/dev/null || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1