copy EDNS options to resolver response
I have a BIND9 server configured as a resolver for the local network to forward all requests to 1.1.1.1. Given that that 1.1.1.1 includes (RFC8914) EDE EDNS options in it's responses, can I configure the BIND resolver to forward those EDNS options in it's response to the client? While I know BIND9 doesn't yet do EDE itself, I am hoping for an option in BIND to just blindly copy whatever EDNS options it receives to it's client. Cheers, b. signature.asc Description: This is a digitally signed message part -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: copy EDNS options to resolver response
On 19.02.22 12:31, Brian J. Murrell wrote: I have a BIND9 server configured as a resolver for the local network to forward all requests to 1.1.1.1. what's the point of this setup? BIND can resolve by itself perfectly and you wouldn't rely on 3rd party service Given that that 1.1.1.1 includes (RFC8914) EDE EDNS options in it's responses, can I configure the BIND resolver to forward those EDNS options in it's response to the client? bind uses edns by default unless you turn it off. Or unless your firewall blocks it, in which case you can't enable it. While I know BIND9 doesn't yet do EDE itself, I am hoping for an option in BIND to just blindly copy whatever EDNS options it receives to it's client. no, bind uses edns as it needs, not as client asks it to. communication with clients is independent from communication with servers -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #9: Out of error messages. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: copy EDNS options to resolver response
On Sat, 2022-02-19 at 19:02 +0100, Matus UHLAR - fantomas wrote: > > what's the point of this setup? > BIND can resolve by itself perfectly and you wouldn't rely on 3rd > party > service Except that it cannot do EDE, as I already said in my original message. Cheers, b. signature.asc Description: This is a digitally signed message part -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: copy EDNS options to resolver response
EDNS is hop by hop. There is no copying by any compliant server. -- Mark Andrews > On 20 Feb 2022, at 06:32, Brian J. Murrell wrote: > On Sat, 2022-02-19 at 19:02 +0100, Matus UHLAR - fantomas wrote: >> >> what's the point of this setup? >> BIND can resolve by itself perfectly and you wouldn't rely on 3rd >> party >> service > > Except that it cannot do EDE, as I already said in my original message. > > > Cheers, > b. > > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from > this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: copy EDNS options to resolver response
On Sun, 2022-02-20 at 08:16 +1100, Mark Andrews wrote: > > EDNS is hop by hop. There is no copying by any compliant server. Fair enough. I thought it was a long shot. Cheers, b. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
