Open c2xusnpq6 opened 3 years ago
Especially new tests for DoH, DoQ and DoH3
NextDNS DoQ:
quic://firefox.dns.nextdns.io:8853
NextDNS QoH:
https://firefox.dns.nextdns.io/
https://adguard.com/en/adguard-dns/overview.html
Adguard DoQ: (port=853?)
quic://dns.adguard.com
Adguard DoH:
https://dns.adguard.com/dns-query
Cloudflare also supports two request modes (GET
& POST
), allowing for more detailed DNS interference testing
https://developers.cloudflare.com/1.1.1.1/dns-over-https/wireformat
Itβs better to also add those DNS service providers in China
like... alibaba dns, tencent dns, rubyfish dns (chinese version nextdns), baidu dns......
Alibaba: https://www.alidns.com/ Tencent (dnspod): https://docs.dnspod.cn/ Tencent (dnspod for non-chinese user): https://www.dnspod.com/ Baidu: https://dudns.baidu.com/ rubyfish: https://www.rubyfish.cn/ 360: https://dns.360.cn/dnsPublic.html
One more thing... Cloudflare China Network ---> JD Cloud / Baidu Cloud https://www.google.com/search?q=site%3Acloudflare.com+OR+site%3A1.1.1.1+china+OR+chinese+OR+jd+OR+baidu
Thanks for the feedback! We have an experimental test which investigates specifically the blocking of DoH, DoT and DoH3 servers. It's called dnscheck: https://github.com/ooni/spec/blob/master/nettests/ts-028-dnscheck.md.
We are still sorting out the last details about how we are going to actually deploy it in production, but you input on other DNS providers to look into is super helpful.
It would be better if the user can test the dns server he wants to test.
Yes, I very much agree with you. I think we need to do two things: make Web Connectivity more capable of doing automatic things for automated runs and adding more support of running custom scans of DNS, HTTP, etc.
They may not be able to resolve the domain ip
Connect directly by IP:
US https://1.1.1.1/dns-query
US https://8.8.8.8/resolve
US https://8.8.8.8/dns-query
TW https://101.101.101.101/dns-query
my friends from mainland China told me that some network operators, communities, and local governments will block 1.1.1.1
and 8.8.8.8
try the backup server, 1.0.0.1
, 8.8.4.4
or something like that
I heard from people in mainland China that alidns
will return blank or wrong ip value to user, such as google search and youtube related domain names
I can't confirm this, I tried it for a while and it worked... So it may be treated separately according to the request source ip
Can you add a
dns interference level test
?Because in China, DNS pollution is very serious. It is not necessarily done by the government. The network operator on their side is also very complicated. The network operator will mess with the customer's connection.
(google translated...π )