edns-client-subnet-icon-white.png

EDNS-CLIENT-SUBNET

NS1’s native ECS support enhances your Filter Chain to give you unparalleled routing precision


EDNS-CLIENT-SUBNET (ECS), sometimes referred to as EDNS0 Client-Subnet or ECS for short, is a DNS extension proposed in 2011 by a group of DNS and CDN operators. ECS-enabled DNS resolvers, when sending DNS queries to authoritative DNS servers like NS1’s, may send along a portion of the IP address of the end user. Most commonly, they send along the first three octets of a (four-octet) IPv4 address, telling us, for example, that the request was initiated by a user with an IP address like 1.2.3.x.

This kind of information is useful because we can leverage it to make better routing decisions. For example, you may have a record with a Filter Chain including NS1’s GEOTARGET_COUNTRY filter. Without ECS data, DNS platforms perform geotargeting by looking at the geolocation of the IP from which the the query was received – usually, the user’s resolver – which may be different from the geolocation of the actual end user. The theory is that most of the time, users are nearby their resolvers, and in general, this is true.

Two things are quickly rendering this assumption incorrect though, and the pervasiveness of distributed mobile devices coupled with the success of large public resolver networks like Google Public DNS and OpenDNS means that today, many users query via a DNS resolver that can be extremely distant from them, geographically and topologically. If those public resolver networks send along ECS data, however, NS1 can use that data to determine the network and geolocation data not of the resolver but of the actual requester. This technology is one of the many ways NS1 dramatically improves the accuracy with which you can route users of public resolvers.