bind
dnsmasq
unbound
systemd-resolve

Получить srv запись

nslookup:

nslookup -type=srv _ldap._tcp.dc._msdcs.domain.com

dig:

dig _ldap._tcp.dc._msdcs.domain.com SRV

Очистить кэш днс

• systemd-resolve
• ipconfig
• unbound

TTL DNS домена

Текущее значение:

dig +noall +answer domain.com

Установленное на NS значение:

DOMAIN=domain.com; dig +noall +answer $DOMAIN @$(dig NS $DOMAIN +short|head -n1)

Узнать SPKI pin в base64 для TLS аутентификации:

echo | openssl s_client -connect '1.1.1.1:853' 2>/dev/null | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64

https://kb.isc.org/article/AA-01386/0 - DNS over TLS (BIND9 Knowledge Articles )
Cloudflare Introduces 1.1.1.1 Privacy-focused DNS Service with DNS over HTTPS and DNS over TLS Support
https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Clients - DNS Privacy Project
https://www.ctrl.blog/entry/knot-dns-resolver-tutorial - How to get faster and more secure DNS resolution with Knot Resolver
https://pavelurusov.com/dns-over-tls-in-macos/ - Как настроить DNS over TLS на macOS (Stubby)
http://www.gabriel.urdhr.fr/2015/02/14/recursive-dns-over-tls-over-tcp-443/ - Recursive DNS over TLS over TCP 443 (Unbound)

https://www.whatsmydns.net/ - Тест записей на сторонних днс

Запрос по tcp порту:

dig +tcp @127.0.0.1 -p1053 ya.ru

Запрос DoH и DoT:

dig @77.88.8.8 ya.ru +https
dig @77.88.8.8 ya.ru +tls

https://superuser.com/questions/1532975/how-to-query-for-dns-over-https-dns-over-tls-using-command-line

Время ответа сервера:

dig @1.0.0.1 ya.ru | grep -e DiG -e Query