The second checkbox is about AGH to reverse resolve IPs of it’s clients to show them in log/dashboard, AFAIK, which you can leave disabled if IPs are fine there.įor private reverse DNS you enter the IP of your DHCP server (router), yes. The first checkbox below that is to resolve local PTR requests from clients via the configured local resolver (router), instead of sending them upstream, which definitly makes sense. If you use Unbound, you don’t need AGH to do DNSSEC as Unbound is doing it already.įor private reverse DNS you enter the IP of your DHCP server (router), yes. Cloudflare doesn’t support it/doesn’t forward that info: EDNS Client Subnet - Wikipedia And it can be seen as privacy issue, which is why e.g. But of course this only works if the final hostname/resource is served via some CDN and if the upstream resolver and authoritative DNS server support ECS. This can be used by DNS servers to resolve names to CDN IPs which are geographically near the client to speed up it’s (final) requests.
However, the first checkbox is about EDNS Client Subnet (ECS), which adds parts of the client’s subnet to the DNS request. Would it be my router’s IP Address? Or some other text/string?Įnable Reverse Resolving of Clients’ IP AddressesĪlthough I am not sure what PTR requests are, I do recall reading something that suggested this won’t work since I am using Unbound, but I am interested in hearing opinions.Īs always, I appreciate anyone’s assistance and/or insight!ĮDNS is an extension of the 512 bytes DNS UDP packets to allow adding additional information. When I was using Pi-Hole, I was able to use the Conditional Forwarding setting to see the Client’s Hostname, but as I said, I never really figured out how to accomplish this with AdGuard Home. The reason that I have not set this up is due to the fact that there are many topics/forum posts/articles/blogs out there that have different opinions of what should be entered into the text box. I believe I read somewhere that this isn’t something that is required for a locally server DNS Server, but I am interested in hearing opinions (and what exactly that it does).Ĭorrect me if I am wrong, but shouldn’t this be enabled since I am using Unbound, which is a DNSSEC Resolver?Īs of writing this post, I only see my LAN Clients’ IP Address rather than their Hostname - however, I do not mind NOT seeing their Hostname. Enable Reverse Resolving of Clients’ IP Addresses (Second Image).Use Private Reverse DNS Resolvers (Second Image).Enable EDNS Client Subnet (First Image).I am currently running AdGuard Home and Unbound on a Raspberry Pi 4B and was wondering about a few DNS settings within the AdGuard Home web GUI.
0 kommentar(er)
