Comment by dbmnt
No, I don't think they are proxying traffic. They are giving the website operators a spoofed EDNS Client Subnet which tricks them into thinking the traffic is coming from a different geolocation.
No, I don't think they are proxying traffic. They are giving the website operators a spoofed EDNS Client Subnet which tricks them into thinking the traffic is coming from a different geolocation.
ECS is popular with third party DNS providers with open resolvers, like Google, but not all software that sends DNS queries sends large DNS packets with EDNS extensions and some www users avoid open resolvers
One of the things that I noticed about NextDNS when they announced their service on HN is that like the other public caches, they too sent ECS, but they claimed they could "anonymise" it