[Pdns-users] pdns-recursor: edns-subnet signalling

Niklas metaswirl at gmail.com
Thu Aug 9 21:50:53 UTC 2012


Hi again,

It appears I am not the only one who seeks clarification on the edns
issue. Like [1] and [2] I found there is an option disable-edns in the
recursor.conf and even a counter for outgoing edns queries exists:
noedns-outqueries (found it with rec_controll get-all)

Still when I enable this on the recursor, the queries getting to the
resolver omit the real remote ip. Instead they contain the IP of the
ISP DNS twice. Not only that, but queries already containing a edns
part appear to be reformatted too.

Requests send with dig + edns client subnet plugin

a) directly
-> Q    xxx.abc IN      SOA     -1      10.0.0.109      10.0.1.4
 10.0.1.13/32

b) via the recursor
-> Q    yyy.abc IN      SOA     -1      10.0.1.12       10.0.1.4
 10.0.1.12/32

At the moment I am digging into the source code. Hence it would be a
big help if somebody could give me a few pointers.

Best,
Niklas

[1] http://mailman.powerdns.com/pipermail/pdns-users/2010-April/006641.html
[2] http://old.nabble.com/EDNS-support-%2B-default-buffer-size-td27941127.html


On Thu, Aug 9, 2012 at 5:47 PM, Niklas <metaswirl at gmail.com> wrote:
> Hello PowerDNS users,
>
> given a setup where one pdns recursor forwards dns requests to
> multiple pdns resolvers. Is it possible to have the recursor share the
> client ip (== real remote ip) with the resolvers?
>
> I am running a pdns server customized with pipe backend and need the
> client subnet for optimizing.
>
> In [1] Peter van Dijk talks about edns-subnet signalling as an
> interesting topic. But there is little description on whether there
> was work done on the issue or if it is in development.
>
> Would be great to know :)
>
> Best,
> Niklas
>
>
> [1] http://www.mail-archive.com/pdns-users@mailman.powerdns.com/msg05314.html



More information about the Pdns-users mailing list