A custom developed DNS nameserver that creates dynamic delegated subdomains to enable clients to always query for never-seen-before resource records in order to support a general-purpose framework for testing DNS resolvers.

With the special crafted subdomains and the ability to send "wrong" DNS answers it is possible to analyze the functionality and hopefully tell what RFCs the clients DNS resolver infrastructure supports.

Using an API backend and JavaScript at the clients browser we can analyze every step of the DNS and provide full packet trace.


The following tests exist and can be performed unless they are temporarily disabled for any reason.


Check that DNS queries are sent with the DO header set and that both DS and DNSKEY are retrieved.

IPv6 Connectivity

Check that DNS can be sent over IPv6, this does not necessary mean that the client has IPv6.

QNAME Minimisation

Check that QNAME minimisation is used as described in RFC 7816.

TCP Connectivity

Check that DNS queries are resent over TCP if truncated.


The DNS Operations, Analysis, and Research Center (DNS-OARC) brings together key operators, implementors, and researchers on a trusted platform so they can coordinate responses to attacks and other concerns, share information and learn together.

OARC, Inc. is a nonprofit corporation formed under the laws of the State of Delaware. The corporation was created June 30, 2008 (file number 4569769).

For more information please visit