[dns-operations] CLI Tool for DoH
Jeroen Massar
jeroen at massar.ch
Tue Sep 29 09:37:29 UTC 2020
> On 20200929, at 10:47, Petr Špaček <petr.spacek at nic.cz> wrote:
>
> On 29. 09. 20 3:30, cjc+dns-oarc at pumpky.net wrote:
>> Looking for a command line tool to do testing of DoH. Something like
>> dig or drill with DoH support. I suspect there's a Python tool or
>> the like out there somewhere, but my google-fu is failing.
>>
>> Don't want to re-invent the wheel if I don't have to.
>
> Knot DNS 3.0 has DoH support in kdig:
>
> Examples for various DoH server implementations:
> $ kdig @1.1.1.1 +https example.com.
> $ kdig @193.17.47.1 +https=/doh example.com.
> $ kdig @8.8.4.4 +https +https-get example.com.
>
> Version 3.0 was released couple weeks ago and might not be in Linux distributions yet. Packages for common distributions and also source code is available from https://www.knot-dns.cz/download/
Thanks Petr for adding that, very useful tool!
I was already using it for testing DoT, thus having DoH support in the same style/binary is very useful.
(kdig -d @<server> +tls-ca +tls-host=<tlsname> <domain>)
Otherwise, for DoH, for platforms where one has Python (gotta use what one has)
with (Debian: python3-dnspython python3-pycurl) one can also test quickly with Stéphane Bortzmeyer's script:
https://www.bortzmeyer.org/files/test-doh.py
Greets,
Jeroen
More information about the dns-operations
mailing list