Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following servers are configured to support TLS on port 1021 and STARTTLS on port 53 for testing purposes.

Open resolver

    The authoritative servers for getdnsapi.net are running a patched version of NSD:
  • IP address: 185.49.141.37 and 2a04:b900:0:100::37
  • The server key file is available for download here: 185.49.141.37-nsd.key
  • Hosted by the getdns API implementation project at getdnsapi.net (running a patched version of UnboundUnbound 1.5.6):

    • IP address: 185.49.141.38 and 2a04:b900:0:100::38

Authoritative getdnsapi.net servers [currently offline]

    • (Note this server does not support UDP)

Authoritative test server hosted by Verisign Labs:

  • Verisign Labs are kindly hosting a test zone on a server (running a patched version of NSD):
    • The zone is named starttls.verisignlabs.com and it has A, AAAA, and TXT records for names from 'L001' to 'L100'. 

    • The IP address of the server is currently 173.255.254.151

    • Server key file is available to download here: nsd.key

    • The zone is signed

    • This server also supports TCP fast open

Authoritative getdnsapi.net servers [currently offline]

  • The authoritative servers for getdnsapi.net are running a patched version of NSD:
  • IP address: 185.49.141.37 and 2a04:b900:0:100::37
  • The server key file is available for download here: 185.49.141.37-nsd.key
Server typeHosted byIP addressesServer keyHostname for TLS authentication
Open Resolvergetdnsapi.net

185.49.141.38

2a04:b900:0:100::38

 getdnsapi.net
Authoritativegetdnsapi.net

185.49.141.37

2a04:b900:0:100::37

185.49.141.37-nsd.key 
AuthoritativeVerisign Labs173.255.254.151nsd.keystarttls.verisignlabs.com

 

...

How to Decode TLS packets in Wireshark

...