forwarding policy should be able to specify EDNS0 Client Subnet

The EDNS0 Client Subnet extension describes a way that a "stub resolver" can specify its preferred limit of how much the resolver should reveal to the authoritative about the client's IP address.

A user may have a configured resolver that they trust enough to forward to, but not want the resolver to leak their IP address to the authoritative servers it looks up. If such a user is running kresd as a local caching stub with a forwarding policy, they might want to configure something like:

policy.FORWARD({'192.0.2.15', ecs_prefix_len=0})

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

forwarding policy should be able to specify EDNS0 Client Subnet