[Pdns-users] Doubt about "edns-subnet-whitelist" directive
Brian Candler
b.candler at pobox.com
Thu Aug 4 15:55:01 UTC 2016
On 04/08/2016 16:45, WANG Cui 王璀 wrote:
> I researched in the source code and find out in file: pdns_recursor.cc,
> function: getEDNSSubnetMask(), there is an if test:
> * if(g_ednsdomains.check(dn) || g_ednssubnets.match(rem)) where the
> “rem” is actually is the forwarder IP that I set by:
> * forward-zones-recurse=.=8.8.8.8
> Of course the if test won’t pass, therefore pdns-recursor never append
> subnet option in query.
I couldn't see this setting in the current documentation, but I found
from a previous announcement:
https://mailman.powerdns.com/pipermail/pdns-users/2015-November/011803.html
"It works by setting edns-subnet-whitelist to a list of domain names or
nameserver netmasks that should be getting EDNS Client Subnet queries."
So it seems to be behaving as stated: if it's a subnet, it matches
against the remote nameserver which the query is being sent to.
More information about the Pdns-users
mailing list