forget about nslookup. deprecated in my mind. use dig like so: for DoT: $dig @1.1.1.1 -tA +dnssec +tls www.google.com for Doh: dig @1.1.1.1 -ta +https +dnssec www.google.com
Make sure you have a more recent version of dig to supports this. If you need programmatic DNSSEC access use a library like libdns, ldns, or getdns. Cheers, David On Wed, May 22, 2024 at 7:47 AM Robert Wagner <rwag...@tesla.net> wrote: > Sorry if this has already been hashed through, but I cannot find anything > in the archive. Is there any chance someone can make dig and nslookup > DNSSEC aware and force it to use DoT or DoH ports - TCP 443 or 853 only? > > RW > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
