A custom developed DNS nameserver that creates dynamic delegated subdomains to enable clients to always query for never-seen-before resource records in order to support a general-purpose framework for testing DNS resolvers.
With the special crafted subdomains and the ability to send "wrong" DNS answers it is possible to analyze the functionality and hopefully tell what RFCs the clients DNS resolver infrastructure supports.
The following tests exist and can be performed unless they are temporarily disabled for any reason.
Check that DNS queries are sent with the DO header set and that both DS and DNSKEY are retrieved.
Check that DNS can be sent over IPv6, this does not necessary mean that the client has IPv6.
Check that QNAME minimisation is used as described in RFC 7816.
Check that DNS queries are resent over TCP if truncated.
The DNS Operations, Analysis, and Research Center (DNS-OARC) brings together key operators, implementors, and researchers on a trusted platform so they can coordinate responses to attacks and other concerns, share information and learn together.
OARC, Inc. is a nonprofit corporation formed under the laws of the State of Delaware. The corporation was created June 30, 2008 (file number 4569769).
For more information please visit https://www.dns-oarc.net.