Skip to content

Instantly share code, notes, and snippets.

@fartbagxp

fartbagxp/dig-edns.md

Created October 6, 2019 07:32
Show Gist options
  • Star 9 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save fartbagxp/0566c4e8431a8dd32c8cdddcd01f2886 to your computer and use it in GitHub Desktop.
Save fartbagxp/0566c4e8431a8dd32c8cdddcd01f2886 to your computer and use it in GitHub Desktop.
Download ZIP
Testing eDNS with dig
Raw
dig-edns.md

Articles about eDNS

NolaCon 2017 GBC04 EDNS Client Subnet ECS DNS CDN Magic or Secur Jim Nitterauer

archive.is not resolving under 1.1.1.1 Cloudflare DNS resolver

Commands to try

Resolving Google using two different IP address will provide two different results.

  • dig +short @8.8.8.8 google.com +subnet=120.5.5.6

  • dig +short @8.8.8.8 google.com +subnet=121.5.5.5

Use the following to see what subnet eDNS is passing as a result (generally a /24)

  • dig +nocmd @dns.google. -t txt o-o.myaddr.l.google.com +nocomments +noall +answer +stats

  • dig +nocmd @resolver1.opendns.com -t txt o-o.myaddr.l.google.com +nocomments +noall +answer +stats

  • dig +nocmd @one.one.one.one -t txt o-o.myaddr.l.google.com +nocomments +noall +answer +stats

@callowaysutton
Copy link

Thanks for posting this, just spent like 30 minutes setting up my own nameserver to test this when I could've used these commands lol

@DavisNT
Copy link

DavisNT commented Aug 4, 2023

On Windows use the following to see what subnet eDNS is passing as a result:

  • nslookup -type=TXT o-o.myaddr.l.google.com. dns.google
  • nslookup -type=TXT o-o.myaddr.l.google.com. resolver1.opendns.com
  • nslookup -type=TXT o-o.myaddr.l.google.com. one.one.one.one

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment