2

Is Anonymized EDNS Client Subnet Broken?

Testing my network today I notice that NextDNS' Anon-EDNS is no longer Anon.

I use https://www.dnscheck.tools/ to test DNS for dnsleaks, etc. Where before it never showed anything about EDNS today it yielded EDNS info.

The test result page now shows:

"Your DNS resolvers provide partial client IP address information (ECS):" followed by ISP, subnet, etc.

If I go to NextDNS settings and turn off Anon-EDNS, then DNS test at dnscheck.tools no longer shows anything about EDNS.

If anybody else experiencing this issue? Please test and see if you too are experiencing this the same issue and report back. Thanks.

1 reply

null
    • NextDNs
    • 1 mth ago
    • Reported - view

    When EDNS is enabled, we send a client IP that reflects similar network preferences to yours. It is not your actual IP, and all clients with similar network preferences will be reported using the same IP. For more information, visit: https://help.nextdns.io/t/m1hmv04/what-is-edns-client-subnet-ecs

Content aside

  • 2 Likes
  • 1 mth agoLast active
  • 1Replies
  • 178Views
  • 3 Following