Following feedback and discussion on this draft I've updated it to use a META RR rather than an EDNS option.
This simplifies questions about adding an OPT RR if one wasn't already in the proxied packet. It also avoids (some) issues with TSIG / SIG(0). This RR now contains the entire 5-tuple of src/dest address and port (and protocol) and not just the source IP address - the rationale for this is explained in the draft. As I won't be present for DNSOP in Prague this is due to be presented by Peter van Dijk, one of my two new co-authors. Ray -------- Forwarded Message -------- A new version of I-D, draft-bellis-dnsop-xpf-02.txt has been successfully submitted by Ray Bellis and posted to the IETF repository. Name: draft-bellis-dnsop-xpf Revision: 02 Title: DNS X-Proxied-For Document date: 2017-07-03 Group: Individual Submission Pages: 8 URL: https://www.ietf.org/internet-drafts/draft-bellis-dnsop-xpf-02.txt Status: https://datatracker.ietf.org/doc/draft-bellis-dnsop-xpf/ Htmlized: https://tools.ietf.org/html/draft-bellis-dnsop-xpf-02 Htmlized: https://datatracker.ietf.org/doc/html/draft-bellis-dnsop-xpf-02 Diff: https://www.ietf.org/rfcdiff?url2=draft-bellis-dnsop-xpf-02 Abstract: It is becoming more commonplace to install front end proxy devices in front of DNS servers to provide (for example) load balancing or to perform transport layer conversions. This document defines a meta resource record that allows a DNS server to receive information about the client's original transport protocol parameters when supplied by trusted proxies. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
