[Pdns-users] ECS not using proxied client IP?
Remi Gacogne
remi.gacogne at powerdns.com
Mon Apr 19 08:15:39 UTC 2021
Hi Mark,
On 4/17/21 12:37 AM, Nejedlo, Mark via Pdns-users wrote:
> Using the same dnsdist/pdns_recursor setup as the previous, but with
> “ecs-add-for=0.0.0.0/0, ::/0" added to the configuration, I see ECS
> with ::/56 as the client subnet. Since dnsdist is using
> “newServer({address='[::1]:5353', useProxyProtocol=true, sockets=12})”,
> this suggests that pdns_recursor is ignoring the client IP that was
> proxied, and using the client IP from the UDP connection instead.
>
> I did try 4.5beta2 as well, but the behavior didn’t change.
>
> Have I missed some setting for telling pdns_recursor to use the proxied
> client IP in ECS? Is this a bug?
That seems like a bug indeed, the interaction between the proxy protocol
and EDNS Client Subnet was not properly handled. I opened a pull request
[1] to fix it.
Thanks for reporting that issue!
[1]: https://github.com/PowerDNS/pdns/pull/10303
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
More information about the Pdns-users
mailing list