[dns-operations] Embedding MAC address in DNS requests for selective filtering
robert at ripe.net
Tue Jan 26 08:36:56 UTC 2016
>>> Alternately this could be implemented by having the DHCP server give
>>> the clients a different DNS server (possibly even in a different
>>> subnet, if you wanted to do actual isolation instead of DNS filtering
>> Hi, Shane:
>> If I understand correctly, this would only really work with a very
>> limited number of filtering options, say "filtered" and "unfiltered".
>> But the DNS filtering vendors give you a lot more flexibility than that.
>> E.g., this is OpenDNS's "Web Content Filtering" configuration panel:
> Fair enough. Bert's description of filtering the kids' iPads but being
> able to still see the unfiltered network made me think of simple
Since there are fifty-something categories listed there, plus a few generic
options, one can encode all this in the host part of the v6 address of the
DNS resolver given to the client. That's way more than a boolean for
filtered/unfiltered. So your idea scales well! :-)
> I clearly don't have the proper mindset for censorship. :(
Don't worry, that's a feature!
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> dns-jobs mailing list
More information about the dns-operations