[Pdns-users] Doubt about "edns-subnet-whitelist" directive
王璀WANG Cui
wangc at essilorchina.com
Thu Aug 4 23:58:22 UTC 2016
>
> I couldn't see this setting in the current documentation, but I found from
> a previous announcement:
>
> https://mailman.powerdns.com/pipermail/pdns-users/2015-Novem
> ber/011803.html
>
> "It works by setting edns-subnet-whitelist to a list of domain names or
> nameserver netmasks that should be getting EDNS Client Subnet queries."
>
> So it seems to be behaving as stated: if it's a subnet, it matches against
> the remote nameserver which the query is being sent to.
>
This setting is not documented on
https://doc.powerdns.com/md/recursor/settings/ yet.
But in the recursor.conf there is below section to control ECS:
#################################
# edns-subnet-whitelist List of netmasks and domains that we should enable
EDNS subnet for
#
# edns-subnet-whitelist=
I confirm that like you said, it is to whitelist the forwarder (8.8.8.8 in
my case), not to whitelist the requester, so my previous understanding is
wrong.
Anyway, the setting description is quite vague, better make it more clearer
to avoid such misunderstanding as I did...
--
This e-mail and its attachments are confidential and intended for use by
the above named recipient(s) only. If you are not the intended recipient,
please note that any use, modification, dissemination, edition or
reproduction (either in whole or partially) of this e-mail and/or its
attachments, or of the information contained herein, is strictly
prohibited. If you have received this e-mail by mistake, please notify the
sender immediately, and immediately delete this e-mail with its attachments
and any copy of it from your computer system. We do not ensure the security
of electronically transmitted information. Therefore, we take no
responsibility in the event this email and/or its attachments may have been
for example modified, altered and/or in the case of transmission of a
virus. Your communication with us through such means shall signify your
acceptance of such risks. We kindly advise you to check whether this email
or its attachments are free of viruses
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20160805/8f448835/attachment.html>
More information about the Pdns-users
mailing list