Encapsulating Requester IP in the DNS payload
marka at isc.org
Tue Jul 18 21:58:56 UTC 2017
In message <CAN9uivGSnoW-JX6i8MYtACi8JspdOqN_0Xu_vHvvvfPcNwwhUg at mail.gmail.com>, Asher Collings writes:
> Hello everyone,
> Long time subscriber first time poster. I have a POC I'm working on where
> I'm trying to add the requesters internal IP into the DNS packet. There are
> posts everywhere stating that this is possible with edns but there are no
> I was wondering if anyone has tried to do this using bind 9.10 and if so
> what road blocks did you run into and were you finally able to do it? Most
> importantly if you did get this to work how?
> Thanks in advance for your time and information
You are looking for ECS (RFC 7871) support. BIND has partial support.
Note: ECS has privacy issues.
The following is the official position on ECS recursive support in
Wed, 19 Apr 2017
We have implemented ECS for recursive queries in 9.10.5-S, the subscriber
preview edition of BIND, which will be released today. For now, ECS recursion
is available only to users with a support contract with ISC. Development of
this feature was a significant effort, sponsored by an OEM user of BIND. As
part of the agreement with the sponsor, we agreed to embargo the feature from
the open source until 2018.
Internet Systems Consortium
vi... at isc.org
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users