EDNS Client Subnet (ECS) in queries sent to Google Public DNS

Alexander Dupuy alexdupuy at google.com
Fri Jan 17 18:10:19 UTC 2020


If any reader of this list is sending DNS requests with the EDNS Client
Subnet (ECS) option to 8.8.8.8, please read this post on our announcement
list <https://groups.google.com/g/public-dns-announce/c/h4XLjnWvAp8> that
discusses changes Google is planning in how we handle requests with ECS. It
is also relevant for developers of software that sends ECS to recursive
resolvers.

To be quite clear, these planned changes are only in our handling of
requests sent with ECS, not in how Google Public DNS sends ECS to
authoritative name servers.

For anyone interested in ECS, the Case Western / Akamai paper
<https://www.akamai.com/us/en/multimedia/documents/technical-publication/a-look-at-the-ecs-behavior-of-dns-resolvers.pdf>
is
well worth reading in full; in particular section 8 on ECS Pitfalls, some
of which our planned changes hope to address and discourage in clients that
send ECS to recursive resolvers.
<https://www.akamai.com/us/en/multimedia/documents/technical-publication/a-look-at-the-ecs-behavior-of-dns-resolvers.pdf>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200117/3d1512e5/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4849 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200117/3d1512e5/attachment.bin>


More information about the dns-operations mailing list