[Dnsmasq-discuss] TCP queries are refused if upstream server is specified with interface
Normen Kowalewski
nbkowalewski at gmx.net
Fri Sep 13 17:28:51 BST 2019
HI There
FWIW, please allow me to share a pointer to the Open Source MacOSX/Windows tool DOX [1] that allows to to send queries via Classic DNS, DoT and DoH.
To check for encrypted DNS in form of DNS-over-TLS from a command line, you might want to use kdig from the knot-dnsutils package [2], it defaults to port 853 in case of +tls being set.
kdig can of course also check for Classic DNS.
kdig a example.com +tls @1.1.1.1
I trust that you are likely aware of the classic dig.
BR, Normen
[1] https://github.com/wttw/dox/releases/tag/v0.1.4 <https://github.com/wttw/dox/releases/tag/v0.1.4>
[2] https://pkgs.org/download/knot-dnsutils <https://pkgs.org/download/knot-dnsutils>
> On 13. Sep 2019, at 15:45, B. Cook <bcook at poughkeepsieschools.org> wrote:
>
> I can't find the actual documentation at the moment..
>
> iirc dnsmasq port designation is # not @
>
> and I think it needs a port, not an interface..
>
> server=1.1.1.1#53
>
> but Cloudflare doesn't do unencrypted DNS..
>
> quad9 does..
>
> server=9.9.9.9#53
>
> Not sure if the @ is something new..
>
> --
>
> This message may contain confidential information and is intended only for
> the individual(s) named. If you are not an intended recipient you are not
> authorized to disseminate, distribute or copy this e-mail. Please notify
> the sender immediately if you have received this e-mail by mistake and
> delete this e-mail from your system.
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20190913/7e7ebd0d/attachment-0001.html>
More information about the Dnsmasq-discuss
mailing list