search

DNSCrypt / dnscrypt-resolvers

Lists of public DNSCrypt / DoH DNS servers and DNS relays
https://dnscrypt.info
1.2k stars 260 forks source link

Add NIC.CZ #901

Closed demarcush closed 4 months ago

jedisct1 commented 4 months ago

Did you test it?

It used to be there, but was removed in 2022 due to broken responses.

demarcush commented 4 months ago 
$ export VERBOSE=1 DNSSEC=1
$ ./dnslookup go.dnscheck.tools "sdns://AgcAAAAAAAAADDE4NS40My4xMzUuMaDMEGDTnIMptitvvH0NbfkwmGm5gefmOS1c2PpAj02A5iBETr1nu4P4gHs5Iek4rJF4uIK9UKrbESMfBEz18I33zgtvZHZyLm5pYy5jegovZG5zLXF1ZXJ5"
dnslookup dev
2024/05/12 13:07:05 10600#1 [debug] creating a new http client
2024/05/12 13:07:05 10600#1 [debug] using HTTP/2 for this upstream: HTTP3 support is not enabled
2024/05/12 13:07:05 10600#1 [debug] https://odvr.nic.cz:443/dns-query: sending request over tcp: A go.dnscheck.tools.
2024/05/12 13:07:05 10600#7 [debug] bootstrap: dialing 185.43.135.1:443 (1/1)
2024/05/12 13:07:05 10600#7 [debug] bootstrap: connection to 185.43.135.1:443 succeeded in 13.63462ms
2024/05/12 13:07:05 10600#1 [debug] https://odvr.nic.cz:443/dns-query: response received over tcp: ok
Server: sdns://AgcAAAAAAAAADDE4NS40My4xMzUuMaDMEGDTnIMptitvvH0NbfkwmGm5gefmOS1c2PpAj02A5iBETr1nu4P4gHs5Iek4rJF4uIK9UKrbESMfBEz18I33zgtvZHZyLm5pYy5jegovZG5zLXF1ZXJ5

dnslookup result (elapsed 142.053063ms):
;; opcode: QUERY, status: NOERROR, id: 60363
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;go.dnscheck.tools.     IN       A

;; ANSWER SECTION:
go.dnscheck.tools.      5       IN      A       116.203.95.251

$ ./dnslookup badsig.go.dnscheck.tools "sdns://AgcAAAAAAAAADDE4NS40My4xMzUuMaDMEGDTnIMptitvvH0NbfkwmGm5gefmOS1c2PpAj02A5iBETr1nu4P4gHs5Iek4rJF4uIK9UKrbESMfBEz18I33zgtvZHZyLm5pYy5jegovZG5zLXF1ZXJ5"
dnslookup dev
2024/05/12 13:07:46 10607#1 [debug] creating a new http client
2024/05/12 13:07:46 10607#1 [debug] using HTTP/2 for this upstream: HTTP3 support is not enabled
2024/05/12 13:07:46 10607#1 [debug] https://odvr.nic.cz:443/dns-query: sending request over tcp: A badsig.go.dnscheck.tools.
2024/05/12 13:07:46 10607#7 [debug] bootstrap: dialing 185.43.135.1:443 (1/1)
2024/05/12 13:07:46 10607#7 [debug] bootstrap: connection to 185.43.135.1:443 succeeded in 13.419218ms
2024/05/12 13:07:46 10607#1 [debug] https://odvr.nic.cz:443/dns-query: response received over tcp: ok
Server: sdns://AgcAAAAAAAAADDE4NS40My4xMzUuMaDMEGDTnIMptitvvH0NbfkwmGm5gefmOS1c2PpAj02A5iBETr1nu4P4gHs5Iek4rJF4uIK9UKrbESMfBEz18I33zgtvZHZyLm5pYy5jegovZG5zLXF1ZXJ5

dnslookup result (elapsed 135.881988ms):
;; opcode: QUERY, status: SERVFAIL, id: 23017
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;badsig.go.dnscheck.tools.      IN       A

$ ./dnslookup go.dnscheck.tools "sdns://AgcAAAAAAAAACzE5My4xNy40Ny4xoMwQYNOcgym2K2-8fQ1t-TCYabmB5-Y5LVzY-kCPTYDmIEROvWe7g_iAezkh6TiskXi4gr1QqtsRIx8ETPXwjffOC29kdnIubmljLmN6Ci9kbnMtcXVlcnk"
dnslookup dev
2024/05/12 13:08:33 10611#1 [debug] creating a new http client
2024/05/12 13:08:33 10611#1 [debug] using HTTP/2 for this upstream: HTTP3 support is not enabled
2024/05/12 13:08:33 10611#1 [debug] https://odvr.nic.cz:443/dns-query: sending request over tcp: A go.dnscheck.tools.
2024/05/12 13:08:33 10611#7 [debug] bootstrap: dialing 193.17.47.1:443 (1/1)
2024/05/12 13:08:33 10611#7 [debug] bootstrap: connection to 193.17.47.1:443 succeeded in 14.307407ms
2024/05/12 13:08:34 10611#1 [debug] https://odvr.nic.cz:443/dns-query: response received over tcp: ok
Server: sdns://AgcAAAAAAAAACzE5My4xNy40Ny4xoMwQYNOcgym2K2-8fQ1t-TCYabmB5-Y5LVzY-kCPTYDmIEROvWe7g_iAezkh6TiskXi4gr1QqtsRIx8ETPXwjffOC29kdnIubmljLmN6Ci9kbnMtcXVlcnk

dnslookup result (elapsed 145.68221ms):
;; opcode: QUERY, status: NOERROR, id: 41280
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;go.dnscheck.tools.     IN       A

;; ANSWER SECTION:
go.dnscheck.tools.      5       IN      A       116.203.95.251

$ ./dnslookup badsig.go.dnscheck.tools "sdns://AgcAAAAAAAAACzE5My4xNy40Ny4xoMwQYNOcgym2K2-8fQ1t-TCYabmB5-Y5LVzY-kCPTYDmIEROvWe7g_iAezkh6TiskXi4gr1QqtsRIx8ETPXwjffOC29kdnIubmljLmN6Ci9kbnMtcXVlcnk"
dnslookup dev
2024/05/12 13:08:50 10616#1 [debug] creating a new http client
2024/05/12 13:08:50 10616#1 [debug] using HTTP/2 for this upstream: HTTP3 support is not enabled
2024/05/12 13:08:50 10616#1 [debug] https://odvr.nic.cz:443/dns-query: sending request over tcp: A badsig.go.dnscheck.tools.
2024/05/12 13:08:50 10616#7 [debug] bootstrap: dialing 193.17.47.1:443 (1/1)
2024/05/12 13:08:50 10616#7 [debug] bootstrap: connection to 193.17.47.1:443 succeeded in 13.784778ms
2024/05/12 13:08:51 10616#1 [debug] https://odvr.nic.cz:443/dns-query: response received over tcp: ok
Server: sdns://AgcAAAAAAAAACzE5My4xNy40Ny4xoMwQYNOcgym2K2-8fQ1t-TCYabmB5-Y5LVzY-kCPTYDmIEROvWe7g_iAezkh6TiskXi4gr1QqtsRIx8ETPXwjffOC29kdnIubmljLmN6Ci9kbnMtcXVlcnk

dnslookup result (elapsed 157.376515ms):
;; opcode: QUERY, status: SERVFAIL, id: 17029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;badsig.go.dnscheck.tools.      IN       A
demarcush commented 4 months ago

And IPv6:

$ ./dnslookup go.dnscheck.tools "sdns://AgcAAAAAAAAAE1syMDAxOjE0OGY6ZmZmZTo6MV2gzBBg05yDKbYrb7x9DW35MJhpuYHn5jktXNj6QI9NgOYgRE69Z7uD-IB7OSHpOKyReLiCvVCq2xEjHwRM9fCN984Lb2R2ci5uaWMuY3oKL2Rucy1xdWVyeQ"
dnslookup dev
2024/05/12 13:18:20 10720#1 [debug] creating a new http client
2024/05/12 13:18:20 10720#1 [debug] using HTTP/2 for this upstream: HTTP3 support is not enabled
2024/05/12 13:18:20 10720#1 [debug] https://odvr.nic.cz:443/dns-query: sending request over tcp: A go.dnscheck.tools.
2024/05/12 13:18:20 10720#7 [debug] bootstrap: dialing [2001:148f:fffe::1]:443 (1/1)
2024/05/12 13:18:20 10720#7 [debug] bootstrap: connection to [2001:148f:fffe::1]:443 succeeded in 18.503496ms
2024/05/12 13:18:20 10720#1 [debug] https://odvr.nic.cz:443/dns-query: response received over tcp: ok
Server: sdns://AgcAAAAAAAAAE1syMDAxOjE0OGY6ZmZmZTo6MV2gzBBg05yDKbYrb7x9DW35MJhpuYHn5jktXNj6QI9NgOYgRE69Z7uD-IB7OSHpOKyReLiCvVCq2xEjHwRM9fCN984Lb2R2ci5uaWMuY3oKL2Rucy1xdWVyeQ

dnslookup result (elapsed 140.712611ms):
;; opcode: QUERY, status: NOERROR, id: 50674
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;go.dnscheck.tools.     IN       A

;; ANSWER SECTION:
go.dnscheck.tools.      5       IN      A       116.203.95.251

$ ./dnslookup go.dnscheck.tools "sdns://AgcAAAAAAAAAE1syMDAxOjE0OGY6ZmZmZjo6MV2gzBBg05yDKbYrb7x9DW35MJhpuYHn5jktXNj6QI9NgOYgRE69Z7uD-IB7OSHpOKyReLiCvVCq2xEjHwRM9fCN984Lb2R2ci5uaWMuY3oKL2Rucy1xdWVyeQ"
dnslookup dev
2024/05/12 13:18:44 10737#1 [debug] creating a new http client
2024/05/12 13:18:44 10737#1 [debug] using HTTP/2 for this upstream: HTTP3 support is not enabled
2024/05/12 13:18:44 10737#1 [debug] https://odvr.nic.cz:443/dns-query: sending request over tcp: A go.dnscheck.tools.
2024/05/12 13:18:44 10737#7 [debug] bootstrap: dialing [2001:148f:ffff::1]:443 (1/1)
2024/05/12 13:18:44 10737#7 [debug] bootstrap: connection to [2001:148f:ffff::1]:443 succeeded in 19.081777ms
2024/05/12 13:18:44 10737#1 [debug] https://odvr.nic.cz:443/dns-query: response received over tcp: ok
Server: sdns://AgcAAAAAAAAAE1syMDAxOjE0OGY6ZmZmZjo6MV2gzBBg05yDKbYrb7x9DW35MJhpuYHn5jktXNj6QI9NgOYgRE69Z7uD-IB7OSHpOKyReLiCvVCq2xEjHwRM9fCN984Lb2R2ci5uaWMuY3oKL2Rucy1xdWVyeQ

dnslookup result (elapsed 127.316716ms):
;; opcode: QUERY, status: NOERROR, id: 45183
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;go.dnscheck.tools.     IN       A

;; ANSWER SECTION:
go.dnscheck.tools.      5       IN      A       116.203.95.251
demarcush commented 4 months ago

Removed the obsolete hash and tested all 4 of them with dnscrypt-proxy itself, looking good.

jedisct1 commented 4 months ago

Thank you!

But shouldn't the name be nic.cz rather than cz.nic?

demarcush commented 4 months ago

Tried to use the old naming (that you mentioned in the git log), otherwise I think basing it upon their domain is a good thing.