[dns-operations] Testing edns client subnet

Mukund Sivaraman muks at isc.org
Sat Dec 10 15:19:46 UTC 2016


Hi Albert

> What is required for a recursive resolver to send client subnet information to
> the auth. server when it is not explicitly provided by the client? Do I need to
> setup anything in the config? Are any compile options required?

EDNS CLIENT-SUBNET (ECS) needs support on the authoritative side (server) as well as the resolver side (client).

The public BIND 9.11.x does not have resolver support for ECS. We have written support for resolver ECS for BIND, but due to contractual reasons, we are unable to release it right now in a public version.

For those who want it, we are able to release it in the subscription version and it will be shipped in that capacity sometime soon. The feature is ready for production use.

Mukund



More information about the dns-operations mailing list