Some Light Reading:
https://tools.ietf.org/html/draft-vandergaast-edns-client-subnet-00
Many Authoritative nameservers today return different replies based on the perceived topological location of the user. These servers use the IP address of the incoming query to identify that location. Since most queries come from intermediate recursive resolvers, the source address is that of the recursive rather than of the query originator. Traditionally and probably still in the majority of instances, recursive resolvers are reasonably close in the topological sense to the stub resolvers or forwarders that are the source of queries. For these resolvers, using their own IP address is sufficient for authority servers that tailor responses based upon location of the querier. Increasingly though a class of remote recursive servers has arisen that serves query sources without regard to topology. The motivation for a query source to use a remote recursive server varies but is usually because of some enhanced experience, such as greater cache security or applying policies regarding where users may connect. (Although political censorship usually comes to mind here, the same actions may be used by a parent when setting controls on where a minor may connect.) When using a remote recursive server, there can no longer be any assumption of close proximity between the originator and the recursive, leading to less than optimal replies from the authority servers. A similar situation exists within some ISPs where the recursive servers are topologically distant from some edges of the ISP network, resulting in less than optimal replies from the authority servers. This draft defines an EDNS0 option to convey network information that is relevant to the message but not otherwise included in the datagram. This will provide the mechanism to carry sufficient network information about the originator for the authority server to tailor responses. It also provides for the authority server to indicate the scope of network addresses that the tailored answer is intended. This EDNS0 option is intended for those recursive and authority servers that would benefit from the extension and not for general purpose deployment. It is completely optional and can safely be ignored by servers that choose not to implement it or enable it. This draft also includes guidelines on how to best cache those results and provides recommendations on when this protocol extension should be used.
For those of you running BIND here is some practical information
https://ftp.isc.org/isc/dnssec-guide/html/dnssec-guide.html#whats-edns0-all-about
One reply on “Client subnet in DNS requests”
[…] This cast we talk about: Google devices disrupting home wifi Ubiquiti Unifi Dimmers Mikrotik hAP ac2 – AC wave 2 gear How many routes have you gotten on a CCR? IPv6 again… EDNS […]