by raxi
1738 days ago
I concluded that from sentences like "they don’t owe you optional features because you really want to see user IP data", which reveal a misunderstanding of who is sending queries and who decides what to answer to those queries. From your text it looks like webmasters are sending requests to CloudFlare to get the user's IP. This is totally wrong. It is CloudFlare that wants to see the server IP, and in the query it has to explain how they will use this info, to which region they will forward my server IP. That is what EDNS-client-IP is for. If the requester refuses to explain what they need the server IP address for (and their goal cannot be derived from the source IP of the UDP packet, like in the case of local ISP resolvers), they may be denied the privilege of the honor of receiving responses.
They're not forwarding it at all. A request from LA will come from the LAX Cloudflare DC, and thus plugging in the requesting IP address into some geoip service will show Los Angeles, California. All you have to do to get this working is to fall back to the incoming IP if ECS is absent.
Or time travel to 2010 and try to respond to DNS queries while no servers are sending ECS.
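
The fallback described in the reply above, as an added example that is not part of the thread or of any DNS server's code: it parses the EDNS Client Subnet option in the RFC 7871 wire layout and uses the query's source address when no usable option is present. The function names and the sample bytes are constructed for illustration.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8  # EDNS Client Subnet option code (RFC 7871)
FAMILIES = {1: (ipaddress.IPv4Network, 4), 2: (ipaddress.IPv6Network, 16)}

# Constructed sample: OPT RDATA holding one ECS option for 192.0.2.0/24.
SAMPLE_ECS = bytes.fromhex("0008" "0007" "0001" "18" "00" "c00002")


def parse_ecs(opt_rdata):
    """Return the ECS subnet found in OPT RDATA, or None if absent or malformed."""
    pos = 0
    while pos + 4 <= len(opt_rdata):
        code, length = struct.unpack_from("!HH", opt_rdata, pos)
        body = opt_rdata[pos + 4:pos + 4 + length]
        pos += 4 + length
        if code != ECS_OPTION_CODE:
            continue  # skip other EDNS options (cookies, padding, ...)
        if len(body) != length or length < 4:
            return None  # truncated option
        family, source_len, _scope_len = struct.unpack_from("!HBB", body)
        if family not in FAMILIES:
            return None
        net_cls, addr_bytes = FAMILIES[family]
        address = body[4:]
        # The address is cut to exactly the bytes needed for the prefix.
        if source_len > addr_bytes * 8 or len(address) != (source_len + 7) // 8:
            return None
        try:
            # strict=True rejects non-zero bits beyond the prefix.
            return net_cls((address.ljust(addr_bytes, b"\0"), source_len), strict=True)
        except ValueError:
            return None
    return None


def geo_lookup_key(opt_rdata, source_ip):
    """Pick the network to hand to a geo-IP lookup, and say where it came from."""
    ecs = parse_ecs(opt_rdata)
    # A /0 source prefix carries no location information, so treat it as absent.
    if ecs is not None and ecs.prefixlen > 0:
        return ecs, "ecs"
    # No usable ECS: fall back to the address the query arrived from.
    return ipaddress.ip_network(source_ip), "source-ip"
```
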