> On 11/2/22 4:03 AM, David Touzeau wrote:
>> It should be a good feature request that the Squid DNS client supports eDNS.
>> eDNS can be used to send the source client IP address received by
>> Squid to a remote DNS.

On 02.11.22 08:52, Grant Taylor wrote:
> Does Squid even have its own DNS "" / lookup mechanism?

yes.

> I naively assumed that Squid simply used the system's name resolution
> capabilities, be that DNS, /etc/hosts, or even NIS(+).

afaik these functions don't work asynchronously which would be a problem for
squid.
up to 3.4 squid supported external DNS children.

>> In this case the DNS will be able to change its behavior depending
>> on the source IP address.

> I take that to mean that DNS will change its behavior based on the
> EDNS0 Client Subnet information. Because DNS will still see Squid as
> the client of the DNS query.

Since it's always squid who accesses destination servers, providing client
subnet option by squid is useless here and only squid's IP matters.

> Aside: There's a chance that the -- as I understand it -- suggested
> /24 aggregation of E.C.S. will not be granular enough to provide the
> OP's desired result.
>
> N.B. the E.C.S. interactions that I've had have used /24 or larger
> subnets to protect client identity.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Save the whales. Collect the whole set.
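
Added example, not part of the original thread and not Squid code: a sketch of how an EDNS0 Client Subnet option (RFC 7871 wire format) is built and decoded, showing why the /24 aggregation mentioned in the thread hides individual clients from the remote DNS server. The function names and the sample addresses (from the 192.0.2.0/24 documentation range) are constructed for illustration.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8  # EDNS0 option code assigned to Client Subnet (RFC 7871)


def build_ecs_option(client_ip, prefix_len):
    """Return the ECS option bytes a resolver would place in a query.

    Only the first prefix_len bits of the client address are sent: the host
    bits are zeroed and only the octets needed to hold the prefix are kept.
    """
    net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    family = 1 if net.version == 4 else 2  # 1 = IPv4, 2 = IPv6
    addr = net.network_address.packed[: (prefix_len + 7) // 8]
    # FAMILY, SOURCE PREFIX-LENGTH, SCOPE PREFIX-LENGTH (always 0 in a query)
    body = struct.pack("!HBB", family, prefix_len, 0) + addr
    return struct.pack("!HH", ECS_OPTION_CODE, len(body)) + body


def parse_ecs_option(option):
    """Decode an ECS option into the subnet the DNS server actually sees."""
    if len(option) < 8:
        raise ValueError("ECS option too short")
    code, length = struct.unpack("!HH", option[:4])
    if code != ECS_OPTION_CODE or length != len(option) - 4:
        raise ValueError("not a well-formed ECS option")
    family, source_len, _scope_len = struct.unpack("!HBB", option[4:8])
    size = {1: 4, 2: 16}.get(family)
    if size is None or len(option) - 8 > size:
        raise ValueError("unsupported family or oversized address")
    addr = ipaddress.ip_address(option[8:].ljust(size, b"\x00"))
    return f"{addr}/{source_len}"


def indistinguishable(ip_a, ip_b, prefix_len):
    """True when two clients produce byte-identical ECS options."""
    return build_ecs_option(ip_a, prefix_len) == build_ecs_option(ip_b, prefix_len)


if __name__ == "__main__":
    # Constructed sample clients behind the same proxy.
    for ip in ("192.0.2.10", "192.0.2.200"):
        opt = build_ecs_option(ip, 24)
        print(ip, opt.hex(), parse_ecs_option(opt))
    print("same at /24:", indistinguishable("192.0.2.10", "192.0.2.200", 24))
    print("same at /32:", indistinguishable("192.0.2.10", "192.0.2.200", 32))
```

At /24 both sample clients yield the same option bytes, so a DNS server that varies answers per client cannot tell them apart; at /32 they differ, at the cost of disclosing the full client address upstream.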