The full IP of the Cloudflare resolver doing the recursive resolution is already provided to the authoritative server, as the source IP for the DNS query traffic.
True. Copying the information would be possible, but given they’re working on other efforts to replace the functionality of EDNS ECS in a standard way, it seems like a hacky bandaid.
The full IP of the Cloudflare resolver doing the recursive resolution is already provided to the authoritative server, as the source IP for the DNS query traffic.
I think the parent is saying, why not spoof the EDNS client subnet information?
True. Copying the information would be possible, but given they’re working on other efforts to replace the functionality of EDNS ECS in a standard way, it seems like a hacky bandaid.
4 replies →