pdns-recursor use the source netmask provided by the client for edns-client-subnet queries

classic Classic list List threaded Threaded
2 messages Options
Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

pdns-recursor use the source netmask provided by the client for edns-client-subnet queries

soampoah
Hi all,

Is there any setting in pdns-recursor that passes along source netmask if EDNS subnet options are set?
So far my recursor (pdns-recursor-4.00.alpha) only able to send my machine netmask.

I found a discussing about this on github but not sure if this feature already added on the latest pdns-recursor release.

Thanks.
Soampoah.
Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pdns-recursor use the source netmask provided by the client for edns-client-subnet queries

bert hubert-3
On Wed, Apr 27, 2016 at 08:42:21AM -0700, soampoah wrote:
> Hi all,
>
> Is there any setting in pdns-recursor that passes along source netmask if
> EDNS subnet options are set?
> So far my recursor (pdns-recursor-4.00.alpha) only able to send my machine
> netmask.

We have no such option right now - can you tell us about your use case? It
is not that we are against it, but it is some work since you might want to
limit the ability of your clients to "lie" for example. We'd need to
understand what problem you are trying to solve.

We do have the infrastructure in 4.0.0 to process the client provided
subnet, since we have a use for that in dnsdist.

        Bert
_______________________________________________
Pdns-users mailing list
[hidden email]
https://mailman.powerdns.com/mailman/listinfo/pdns-users
Loading...