REG: configuring BIND to respond with EDNS client subnet option
Ramachandra Kasyap Marmavula
rmarmav at ncsu.edu
Wed Mar 30 00:19:23 UTC 2016
Hi Mukund,
I recall reading that ECS is supported when BIND acts as authoritative
server, but there is no support in resolver mode (tried unsuccessfully to
find the exact link). Thanks for clarifying. I am using BIND 9.10 and shall
switch to using the 9.11 alpha release.
Regards,
Ramachandra Kasyap
On Tue, Mar 29, 2016 at 2:39 PM, Mukund Sivaraman <muks at isc.org> wrote:
> Hi Ramachandra
>
> On Tue, Mar 29, 2016 at 02:32:28PM -0700, Ramachandra Kasyap Marmavula
> wrote:
> > Request for some help with configuring a BIND DNS server to respond with
> > EDNS0 client subnet option. I am using the enhanced 'dig' utility
> available
> > with the BIND distribution to generate DNS queries with the EDNS0 client
> > subnet option. I compiled bind with GeoIP and I am trying to use views to
> > to define the list of IP subnets. Sample configuration from named.conf:
> >
> > acl "IN" {
> > 1.6.0.0/15;
> > 1.22.0.0/15;
> > 1.38.0.0/15;
> > 103.24.201.0/24;
> > };
> >
> > view "EDNS" {
> > match-clients { IN; };
> > zone "ecs.test" {
> > type master;
> > file "/etc/named/zones/myzone.tld.conf";
> > };
> > }
> >
> > When I send a DNS query with EDNS client subnet option, the server
> returns
> > a response without the ECS option (indicating that it doesn't support
> this
> > option). Is there some other configuration that I have to enable in
> > named.conf to get this to work?
>
> Which version of BIND are you using? Authoritative side support for
> client-subnet is only available in the master branch (and the 9.11 alpha
> release so far). It has not been released in any stable releases and is
> not a part of BIND 9.10 or 9.9.
>
> Mukund
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160329/26689d5f/attachment.html>
More information about the bind-users
mailing list