Client Subnet in DNS Queries
RFC 7871
Document | Type | RFC - Informational (May 2016; Errata) | |
---|---|---|---|
Authors | Carlo Contavalli , Wilmer van der Gaast , David Lawrence , Warren Kumari | ||
Last updated | 2020-01-21 | ||
Replaces | draft-vandergaast-edns-client-subnet | ||
Stream | Internent Engineering Task Force (IETF) | ||
Formats | plain text html pdf htmlized (tools) htmlized with errata bibtex | ||
Reviews | |||
Stream | WG state | Submitted to IESG for Publication | |
Document shepherd | Suzanne Woolf | ||
Shepherd write-up | Show (last changed 2015-12-30) | ||
IESG | IESG state | RFC 7871 (Informational) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Yes | ||
Telechat date | |||
Responsible AD | Joel Jaeggli | ||
Send notices to | "Suzanne Woolf" <suzworldwide@gmail.com> | ||
IANA | IANA review state | Version Changed - Review Needed | |
IANA action state | RFC-Ed-Ack |
Internet Engineering Task Force (IETF) C. Contavalli Request for Comments: 7871 W. van der Gaast Category: Informational Google ISSN: 2070-1721 D. Lawrence Akamai Technologies W. Kumari Google May 2016 Client Subnet in DNS Queries Abstract This document describes an Extension Mechanisms for DNS (EDNS0) option that is in active use to carry information about the network that originated a DNS query and the network for which the subsequent response can be cached. Since it has some known operational and privacy shortcomings, a revision will be worked through the IETF for improvement. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7871. Contavalli, et al. Informational [Page 1] RFC 7871 Client Subnet in DNS Queries May 2016 Copyright Notice Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Contavalli, et al. Informational [Page 2] RFC 7871 Client Subnet in DNS Queries May 2016 Table of Contents 1. Introduction ....................................................4 2. Privacy Note ....................................................5 3. Requirements Notation ...........................................5 4. Terminology .....................................................6 5. Overview ........................................................7 6. Option Format ...................................................8 7. Protocol Description ............................................9 7.1. Originating the Option .....................................9 7.1.1. Recursive Resolvers .................................9 7.1.2. Stub Resolvers .....................................10 7.1.3. Forwarding Resolvers ...............................11 7.2. Generating a Response .....................................11 7.2.1. Authoritative Nameserver ...........................11 7.2.2. Intermediate Nameserver ............................13 7.3. Handling ECS Responses and Caching ........................14 7.3.1. Caching the Response ...............................15 7.3.2. Answering from Cache ...............................16 7.4. Delegations and Negative Answers ..........................17 7.5. Transitivity ..............................................18 8. IANA Considerations ............................................18 9. DNSSEC Considerations ..........................................19 10. NAT Considerations ............................................19 11. Security Considerations .......................................20 11.1. Privacy ..................................................20 11.2. Birthday Attacks .........................................21 11.3. Cache Pollution ..........................................22 12. Sending the Option ............................................23 12.1. Probing ..................................................23 12.2. Whitelist ................................................24 13. Example .......................................................24 14. References ....................................................26Show full document text