doh

🍩 DNS over HTTPs command-line client

Using cloudflare, google, and quad9 the doh command-line utility can concurrently lookup all three sources for one or more given domain(s). You can even specify your own custom source to use.

Note

Since doh outputs everything as JSON, it pairs really well with tools like jq to parse relevant parts of the output for your purposes.

Install

To get started, you will need go installed and properly configured.

$ go install -v github.com/picatz/doh@latest

Help Menus

The --help command-line flag can show you the top-level help menu.

$ doh --help
Usage:
  doh [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  help        Help about any command
  query       Query domains for DNS records in JSON

Flags:
  -h, --help   help for doh

Use "doh [command] --help" for more information about a command.

To get more information for the query command:

$ doh query --help
Query DNS records from DoH servers using the given domains and record type.

Users can specify which servers to use for the query, or use the default servers from Google, Cloudflare, and Quad9.
They can also specify a timeout for the query, which defaults to 30 seconds if not specified. Each server is queried
in parallel, and each domain is queried in parallel. Results are streamed to STDOUT as JSON newline delimited objects,
which can be piped to other commands (e.g. jq) or redirected to a file.

Usage:
  doh query domains... [flags]

Flags:
  -h, --help                      help for query
      --resolver-addr string      address of a DNS resolver to use for resolving DoH server names (e.g. 8.8.8.8:53)
      --resolver-network string   protocol to use for resolving DoH server names (e.g. udp, tcp) (default "udp")
      --servers strings           servers to query (default [https://dns.google/dns-query,https://cloudflare-dns.com/dns-query,https://dns.quad9.net:5053/dns-query])
      --timeout duration          timeout for query, 0s for no timeout (default 30s)
      --type string               dns record type to query for each domain, such as A, AAAA, MX, etc. (default "A")

Example Usage

Let's say we're curious about google.com's IPv4 address. We can use doh to query three different sources (Google, Cloudflare, and Quad9) for the DNS A record type:

$ doh query google.com
{"server":"https://dns.google.com/resolve","resp":{"Status":0,"TC":false,"RD":true,"RA":true,"AD":false,"CD":false,"Question":[{"name":"google.com.","type":1}],"Answer":[{"name":"google.com.","type":1,"TTL":283,"data":"172.217.2.46"}]}}
{"server":"https://cloudflare-dns.com/dns-query","resp":{"Status":0,"TC":false,"RD":true,"RA":true,"AD":false,"CD":false,"Question":[{"name":"google.com","type":1}],"Answer":[{"name":"google.com","type":1,"TTL":129,"data":"142.251.178.101"},{"name":"google.com","type":1,"TTL":129,"data":"142.251.178.138"},{"name":"google.com","type":1,"TTL":129,"data":"142.251.178.113"},{"name":"google.com","type":1,"TTL":129,"data":"142.251.178.102"},{"name":"google.com","type":1,"TTL":129,"data":"142.251.178.100"},{"name":"google.com","type":1,"TTL":129,"data":"142.251.178.139"}]}}
{"server":"https://dns.quad9.net:5053/dns-query","resp":{"Status":0,"TC":false,"RD":true,"RA":true,"AD":false,"CD":false,"Question":[{"name":"google.com.","type":1}],"Answer":[{"name":"google.com.","type":1,"TTL":34,"data":"142.250.191.142"}]}}

To get just all of the IPs from all of those sources, we could do the following:

$ doh query google.com | jq -r '.resp.Answer[0].data'
172.217.2.46
142.251.178.113
142.250.191.142

We can also query multiple domains at once:

$ doh query bing.com google.com | jq -r '(.resp.Answer[0].name|rtrimstr(".")) + "\t" + .resp.Answer[0].data' | sort -n
bing.com        13.107.21.200
bing.com        204.79.197.200
bing.com        204.79.197.200
google.com      142.250.191.142
google.com      142.251.178.102
google.com      172.217.0.174

To get IPv6 records, we'll need to specify the --type flag, like so:

$ doh query google.com --type AAAA
...

To get MX records:

$ doh query google.com --type MX
...

To get ANY records (which is only implemented by Google at the moment):

$ doh query google.com --type ANY --servers=https://dns.google.com/resolve
...

Tip

To use a custom DNS over HTTPs source, specify the URL with the --servers flag.

add CircleCI tests

It'd be nice to catch when/if any of the implemented sources have a random change or is acting flakey. Probably should add something like CircleCI.

For example, the quad9 source seems to be erring out from a TLS handshake timeout which can be seen when using --verbose:

error: Get https://dns.quad9.net/dns-query?name=google.com&type=A: net/http: TLS handshake timeout

After looking at their documentation and using the example link, this url seems to actually work:

https://dns.quad9.net:5053/dns-query?name=google.com&type=A

Removing the :5053 port part I see the following plaintext error on the web page:

Unable to find the DNS parameter

I don't really know when this change occurred, but it would've been nice to catch earlier. 🤷‍♂

Note: I plan on fixing the quad9 source so it doesn't error anymore.

picatz / doh Goto Github PK

doh's Introduction

doh

Install

Help Menus

Example Usage

doh's People

Contributors

Stargazers

Watchers

Forkers

doh's Issues

feature request

Wishlist: specify custom source

Add CIRA Support

add CircleCI tests

Incompatible with many DoH providers

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent