EDNS Client Subnet (ECS) support for per-client IP logging at the gateway level
M
Matis Stocco
eDNS0 and ECS are already supported, but the client subnet information is only used for CDN routing optimization. When a gateway/firewall (e.g. OPNsense with Unbound) forwards DNS queries with ECS headers containing the originating LAN client IP, that IP should be logged and displayed in the dashboard query log — not just used for CDN decisions.
This would allow firewall-only deployments (without Relay or Roaming Clients) to have per-device visibility in the analytics, which is currently impossible since all queries appear to originate from the gateway IP.
Why this is a strong request:
- ECS is already an open standard (RFC 7871) — You already use it for CDN optimization.
- It doesn't require any agent or Relay deployment, easy to deploy for small clients.
- ControlD and NextDNS both have this.
Minetta Gould
Great breakdown of the use case, Matis Stocco — and you're right that we already receive ECS data, so this isn't starting from zero. There are actually two asks hiding in here, and we want to be transparent about how we're thinking about each:
Surfacing client subnet IPs in the Query Log
— this is something we're going to look into. Since we already receive the data, it's a matter of surfacing it in a useful way for admins. No timeline to share yet, but we'll update this post if that changes.Using ECS values to influence DNS resolution and routing
— this is a more complex lift with potential performance implications, so it's not something we're planning to pursue right now. That said, if votes and use cases continue to grow, it's something we'd revisit down the road.Keep the feedback coming—it genuinely helps us prioritize! 🙌
M
Matis Stocco
Minetta Gould the "Surfacing client subnet IPs in the Query Log" is the reason i opened the request since it's easy to add and add a lot of value in my opinion.
The "Routing based on ECS" is just a plus, for now the relay is the way to go.
Minetta Gould
Matis Stocco: Love it! We'll keep this post updated if we make any progress on the request 💖