Recognizing remote IP in shared connections
Alex Dupuy
alexdupuy at google.com
Wed Mar 1 16:00:23 UTC 2017
> for policies purpuose, we need to know which remote site is resolving a Bind 9.x public DNS Server.
> The problem occurs when some carriers "share" the same IP address between more customers and they surf behind a shared NAT.
>
> Is there a way?
You could use DNS Cookies (https://tools.ietf.org/html/rfc7873) to identify different clients using the same IP address. However, this will not tell you their "remote site" or location or "real" IP address.
Furthermore, DNS Cookies support is very thin on the ground, and few clients have the ability to send them (even fewer will actually do so).
More information about the bind-users
mailing list