I'd like a Bind DNS server to add a client subnet EDNS option (ideally one I specify) to any requests that it recurses to an upstream DNS server, to cover for the fact the clients themselves aren't providing one. Is there a way to make Bind add this to outbound requests?
1 Answer
Not currently. You can find unofficial patches with some Google searching, but none that are currently in the stable branch.
Evan Hunt (isc.org) stated the following back in 2014:
> We're open to it, but it probably won't happen unless someone contributes the code to us, or sponsors the feature financially so we can hire an engineer. It's an enormous job of work (requiring a major rewrite of the cache database), and we have our hands full as it is. Sorry.
While the functionality has since been added to dig (BIND 9.10 feature announcement), I can find no documentation pertaining to this feature being in a stable branch. I found one mention of it being available for authoritative servers in the master and alpha branches, but that is neither what you are looking for nor a solution for production environments.

- Thanks very much for that. If that's the case, does anyone know how anyone is getting geo-locating DNS to work? Is it basically everyone in the Faster Internet group (Google, Comcast, OpenDNS, Cloudflare etc...) have done the hard yards but nobody has contributed code to Bind openly in a manner that allows everyone else to do it? – Geordie Guy Apr 21 '16 at 00:28
- BIND implements it using [GeoIP-based ACLs](https://kb.isc.org/article/AA-01149/0/Using-the-GeoIP-Features-in-BIND-9.10.html) linked to views, but I lack the insight to answer for the other implementations. – Andrew B Apr 21 '16 at 00:31
- The feature has been added in bind 9.10.5 Subscriber Edition, see https://www.isc.org/wp-content/uploads/2017/04/ecs.pages.pdf or https://kb.isc.org/article/AA-01310/109/BIND9-Significant-Features-Matrix.html – Patrick Mevzek Aug 21 '18 at 15:52
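
For reference when inspecting what a resolver actually sends upstream, this is the wire format of the client subnet option the question asks about, as defined in RFC 7871 (EDNS option code 8). It is an added example, not part of the original thread and not BIND code; the function names `encode_ecs` and `decode_ecs` and the documentation-range subnets are assumptions chosen for illustration.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8  # EDNS Client Subnet (RFC 7871)
FAMILIES = {1: ipaddress.IPv4Network, 2: ipaddress.IPv6Network}

def encode_ecs(subnet: str) -> bytes:
    """Encode one ECS option as it appears in the OPT record RDATA of a query."""
    net = ipaddress.ip_network(subnet, strict=False)  # masks off host bits
    family = 1 if net.version == 4 else 2
    # Only ceil(prefix/8) address bytes are sent, so the rest of the
    # client address never leaves the resolver.
    nbytes = (net.prefixlen + 7) // 8
    addr = net.network_address.packed[:nbytes]
    # The scope prefix length must be 0 in queries; the responder fills it in.
    body = struct.pack("!HBB", family, net.prefixlen, 0) + addr
    return struct.pack("!HH", ECS_OPTION_CODE, len(body)) + body

def decode_ecs(option: bytes) -> dict:
    """Parse one ECS option and reject encodings RFC 7871 treats as malformed."""
    if len(option) < 8:
        raise ValueError("option too short")
    code, length = struct.unpack("!HH", option[:4])
    body = option[4:]
    if code != ECS_OPTION_CODE or len(body) != length:
        raise ValueError("not a well-formed ECS option")
    family, source, scope = struct.unpack("!HBB", body[:4])
    if family not in FAMILIES:
        raise ValueError("unknown address family")
    size = 4 if family == 1 else 16
    addr = body[4:]
    if source > size * 8 or len(addr) != (source + 7) // 8:
        raise ValueError("address length does not match source prefix")
    padded = addr + bytes(size - len(addr))
    net = FAMILIES[family]((padded, source), strict=False)
    if net.network_address.packed != padded:
        raise ValueError("non-zero bits beyond the source prefix")
    return {"subnet": str(net), "scope": scope}

if __name__ == "__main__":
    # Constructed sample: a client in 192.0.2.0/24 (documentation range).
    wire = encode_ecs("192.0.2.77/24")
    print(wire.hex(), decode_ecs(wire))
```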