Confirm 1.1.1.1 / DoT is being used, using CURL

I use 1.1.1.1 with DNS over TLS, in various different setups, configured directly in the routers themselves (all running ASUS-Merlin)

I know I can use a Browser from desktop clients that are connected to a given router, and then access the help page: http://1.1.1.1/help

… that will tell whether DoT is in use, this works fine.

However, in some setups, I only have (headless) servers as hosts, that are not running any desktop environment, hence I can’t run a browser to check if the DNS setup is using DoT. I can issue “curl” commands from those hosts though.

Is there any curl-friendly cloudflare Test / Help URL that I can use to quickly check whether the hosts name resolution requests are being properly routed to cloudflare via DoT? Like a json API endpoint that would give the same output that 1.1.1.1/help produces? Currently, pointing curl to 1.1.1.1/help directly (allowing curl to follow redirection) prints the page HTML but without the test results, so it’s not useful

This would make me think you’re using your router for DNS lookups and the headless servers would query the router.

In that case, just a ‘dig example.com’ should return a result that shows which DNS server you’re querying. I’d expect it’d be your router, which should pass along the request over TLS.

Hi @ari.reads, it is possible in theory, if you take a look at the requests the help page sends :wink: