eDNS0 and ECS are already supported, but the client subnet information is only used for CDN routing optimization. When a gateway/firewall (e.g. OPNsense with Unbound) forwards DNS queries with ECS headers containing the originating LAN client IP, that IP should be logged and displayed in the dashboard query log — not just used for CDN decisions.

This would allow firewall-only deployments (without Relay or Roaming Clients) to have per-device visibility in the analytics, which is currently impossible since all queries appear to originate from the gateway IP.

Why this is a strong request: