Testing DNS Resolvers

2013-05-16 20:01

Checking the IP address of the DNS resolver in use:

These servers will reflect the IP address of the host querying them.

dig whoami.akamai.net +short 149.20.64.20 dig whoami.ultradns.net +short 149.20.64.20 dig resolver.dnscrypt.org +short 149.20.64.20

Checking if your own local DNS resolver is open:

This one is pretty much self-explanatory.

dig amiopen.openresolvers.org TXT +short "Your resolver at 175.45.176.1 is CLOSED"

Checking your resolver's source port behavior:

A test server allowing to check resolver's source port randomization, and grading them (either POOR, GOOD, or GREAT randomness). More information here.

dig porttest.dns-oarc.net TXT +short porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "149.20.64.20 is GREAT: 71 queries in 37.0 seconds from 71 ports with std dev 19761"

DNS Reply Size Test Server:

A test server allowing to identify resolvers that cannot receive large DNS replies. More information here.