Hi Grant, On 19-Apr-2017 15:59 BST, <bind-users@lists.isc.org> wrote:
> On 04/19/2017 03:37 AM, Tony Finch wrote: > > This is what the EDNS client subnet option is about. You can use it in > > BIND by adding "ecs" clauses to your address match lists for views or > > acls. However it isn't documented in the ARM and it has significant > > problems. See > > https://kb.isc.org/article/AA-01432/0/BIND-9.11.0-Release-Notes.html > > and especially > > https://kb.isc.org/article/AA-01480/0/BIND-9.11.1rc3-Release-Notes.html > > The only occurrences I found for "ecs" on the two release notes didn't > include more details about how to configure views to use it. As pointed out by Tony, it is not document in the ARM, so you need to dig a little bit :) Googling a little, you'll find things such as: acl ecs-area01 { ecs 192.168.164.0/24; } acl no-ecs-area01 { 192.168.164.0/24; }; and then you can use these ACLs as part of your DNS views. > Nor did I see > details on how to have BIND send ECS with queries when it's a recursive > server. As far as I know, ECS for Recursive queries is not yet implemented by ISC, or at least it is not publicly available. > I'd also like to see if it's possible to have dig send ECS info. +edns / +noedns , but you'll need a recent dig version. Cheers, -- Nico _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users