Hi Mark,
On 4/17/21 12:37 AM, Nejedlo, Mark via Pdns-users wrote:
> Using the same dnsdist/pdns_recursor setup as the previous, but with
> “ecs-add-for=0.0.0.0/0, ::/0” added to the configuration, I see ECS
> with ::/56 as the client subnet. Since dnsdist is using
> “newServer({address='[::1]:5353', useProxyProtocol=true, sockets=12})”,
> this suggests that pdns_recursor is ignoring the client IP that was
> proxied, and using the client IP from the UDP connection instead.
>
> I did try 4.5beta2 as well, but the behavior didn’t change.
>
> Have I missed some setting for telling pdns_recursor to use the proxied
> client IP in ECS? Is this a bug?

That seems like a bug indeed, the interaction between the proxy protocol
and EDNS Client Subnet was not properly handled. I opened a pull request
[1] to fix it.
Thanks for reporting that issue!
[1]: https://github.com/PowerDNS/pdns/pull/10303
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
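
Added illustration, not part of the original thread and not PowerDNS code: a sketch of how the ECS subnet depends on whether the address comes from the proxy header or from the socket peer, which is why a backend reached over `[::1]` reports `::/56`. It assumes PROXY protocol v2 framing and ECS prefix lengths of /24 and /56; the function names, the `trusted_proxies` parameter and the sample addresses are constructed for this example.

```python
import ipaddress
import struct

PP2_SIG = b"\r\n\r\n\x00\r\nQUIT\n"   # PROXY protocol v2 signature
ECS_BITS = {4: 24, 6: 56}              # assumed prefix lengths; /56 as seen in the thread

def proxied_source(payload):
    """Source address from a PROXY v2 header, or None if there is none."""
    if len(payload) < 16 or not payload.startswith(PP2_SIG):
        return None
    ver_cmd, fam_proto, length = struct.unpack("!BBH", payload[12:16])
    body = payload[16:16 + length]
    if ver_cmd >> 4 != 2 or len(body) < length:
        raise ValueError("malformed PROXY v2 header")
    if ver_cmd & 0x0F != 1:            # LOCAL command carries no client address
        return None
    family = fam_proto >> 4
    if family == 1 and length >= 12:
        return ipaddress.IPv4Address(body[:4])
    if family == 2 and length >= 36:
        return ipaddress.IPv6Address(body[:16])
    return None

def ecs_subnet(socket_peer, payload, trusted_proxies):
    """Subnet ECS should carry: the proxied client if the peer is a trusted proxy."""
    peer = ipaddress.ip_address(socket_peer)
    addr = None
    if any(peer in net for net in trusted_proxies):
        addr = proxied_source(payload)
    if addr is None:
        addr = peer                    # no usable header: fall back to the socket peer
    return ipaddress.ip_network(f"{addr}/{ECS_BITS[addr.version]}", strict=False)

def ecs_option(net):
    """Encode the EDNS Client Subnet option (code 8, RFC 7871) for a query."""
    family = 1 if net.version == 4 else 2
    addr = net.network_address.packed[:(net.prefixlen + 7) // 8]
    data = struct.pack("!HBB", family, net.prefixlen, 0) + addr
    return struct.pack("!HH", 8, len(data)) + data

# Constructed sample: UDP-over-IPv6 PROXY header as a front end on ::1 would send it.
CLIENT = ipaddress.IPv6Address("2001:db8:1234:5678::42")
SAMPLE = (PP2_SIG + bytes([0x21, 0x22]) + struct.pack("!H", 36) + CLIENT.packed
          + ipaddress.IPv6Address("::1").packed + struct.pack("!HH", 40000, 5353))
LOOPBACK = [ipaddress.ip_network("::1/128")]

if __name__ == "__main__":
    print(ecs_subnet("::1", SAMPLE, LOOPBACK))   # proxied client subnet
    print(ecs_subnet("::1", SAMPLE, []))         # socket peer subnet
```

The header is honoured only when the socket peer is in the trusted list, so an arbitrary sender cannot choose the subnet that is forwarded upstream.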