This is a combined DNS+HTTP server that shows which DNS server a computer is using.
- You make a request to a hostname with a unique prefix.
- All hostnames resolve to the same IP, but the DNS server records which IP address the query came from.
- The webserver looks for this record and returns it.
My server is running at which.nameserve.rs.
Be forewarned: it is running on the cheapest box I could find with a static IP. You can hit it for light, non-commercial use. I specifically made the API be JSONP only (i.e. you need to provide a callback parameter), so if you abuse it, bad things will happen to your clients!
Make an HTTPS request to GUID.which.nameserve.rs/api.json?callback=myfunction. The GUID should be a unique string (not necessarily an actual GUID), different for every call. It will call myfunction with an object that has the following fields:
success- boolean if it succeeded or notoutput- the result (if it succeeded)message- the error message (if it failed)source- the source IP address (useful for detecting self-hosted DNS)
You can see it in action on the home page of resolve.rs.
You need a static IP address to run this server.
Then you need to decide on two host names:
hostnameis the name of the subdomain that this server will own (for example:which.example.com)nshostnameis the name of the authoritative name server for the subdomain (for example:which-dns.example.com)
They will both be served by the same server and at the same IP address.
The following DNS records need to be added to the main domain (for the above examples this would be example.com):
- A for the
nshostnamepointing to the static IP - NS for the
hostnamepointing to thenshostname
The program needs access to the following ports:
- 53: for DNS
- 80: for HTTP
- 443: for HTTPS
The following parameters are required:
- email: the email address for your account with Let's Encrypt (and the SOA record)
- hostname: the
hostnamethat you picked - ipaddress: the public IP address of the server
- nshostname: the
nshostnamethat you picked
Optional parameters:
- disclaimer: text to include in every response (for example: "no commercial use")
- proxy: true if behind a trusted proxy (uses
X-Forwarded-Forheader)
GNU Affero General Public License v3.0
I wasn't the first person to come up with this idea. Here are some other public sites that do the same thing:
- DNS-OARC's Check My DNS - comprehensive: see the popup under "Network".
- dnsleaktest
- whatsmydnsserver
- ipleak.net - a bit of information overload though.
- benchmark from GRC - fat-client tool to benchmark which DNS servers are fastest from your workstation.
- dnsadblock
- akahelp.net - name server that you can use with
dig