Apply conversion script to all *.md files.
Authored by Alexander Hansen Færøy
[[TOC(noheading, depth=0)]]
{{{
#!html
```
<h1>Test DNS Resolving</h1>
}}}
This page is integral part of the parent page '''[wiki:doc/DnsResolver DNS Resolver]''' ([wiki:doc/DnsResolver]), all examples & notes & documents here are related to that parent page and continuation of it.
```
This page is integral part of the parent page **[DNS Resolver](./doc/DnsResolver)** ([doc/DnsResolver](doc/DnsResolver)), all examples & notes & documents here are related to that parent page and continuation of it.
To understand this page, you must view parent page.
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="98%" style="border: none;"><tr><td width=10 border="0" style="border: none;">&#160;</td><td border="0" style="border: none; padding: 0.25em;">
<a name="Navigation_Links"></a>
Quick navigation links for this page<b>:</b><br />
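Review bot: The `{{{` / `#!html` blocks at the top of the page are turned into plain code fences, so `<h1>Test DNS Resolving</h1>` and the navigation `<table>` will be displayed as literal markup instead of being rendered. Emit a Markdown heading for the `<h1>` and pass the remaining HTML through unfenced, or convert it. The two links in the converted intro line also use different relative forms, `./doc/DnsResolver` and `doc/DnsResolver`; pick one and check that it resolves from this page's location. `[[TOC(noheading, depth=0)]]` on the first line is still a Trac macro.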
......@@ -65,34 +63,31 @@ Goto other pages if you need a short/brief info on these<b>:</b><br />
<b>|</b> <a href="../DnsResolver#Alt_Root_Operators">Alternative Root Operators</a>
<b>|</b>
</td></tr></table><br />
}}}
```
{{{
#!html
```
<a name="Test_Tools"></a>
}}}
= DNS Test or Diagnostic Tools =
Make sure [wiki:doc/DnsResolver#DNS DNS] testing utility/tool software folder locations are included inside 'PATH' system variable/container, so that, testing utility software can be used under any directory inside the 'Command Prompt' like console windows.
```
# DNS Test or Diagnostic Tools
Make sure [DNS](./doc/DnsResolver#DNS) testing utility/tool software folder locations are included inside 'PATH' system variable/container, so that, testing utility software can be used under any directory inside the 'Command Prompt' like console windows.
Goto DNS test related tool, utility, font, software modification, etc section: [[#Console Command Prompt]], [[#ConEmu ConEmu]], [[#ping ping]], [[#NSLookup NSLookup]], [[#DiG DiG]], [[#DiG_with_Unicode_Support DiG (with Unicode support)]], [[#Wireshark Wireshark]], [[#Using_Unicode Using Unicode]], [[#Load_Unicode_Font Load Unicode Font]].
'''Note:''' The 'ping', 'nslookup', web-browser etc should work when using a Deadwood (from MaraDNS) dns server/resolver, but 'dig' tool may not work. All tools should work with 'Unbound', 'BIND' dns servers/resolvers.
**Note:** The 'ping', 'nslookup', web-browser etc should work when using a Deadwood (from MaraDNS) dns server/resolver, but 'dig' tool may not work. All tools should work with 'Unbound', 'BIND' dns servers/resolvers.
{{{
#!html
```
<a name="Console"></a>
}}}
== Command Prompt / Console / Shell / Terminal ==
```
## Command Prompt / Console / Shell / Terminal
Console or Terminal type of tool/utility software, like "Command Prompt", "Terminal", etc allows to run or to test or to diagnose various functions, devices, objects, connectivity, etc by typing commands manually using the keyborad. GUI (Graphical User Interface) software (which shows button(s), picture(s)/graphics and video(s)) often lacks various detail customization options that we need to do/use, so such need can be full-filled by using command-lines which can accept more customized options/choices that we prefer or like or want to do/use. In some area, GUI programs are more suitable, in some area Console programs are more suitable.
{{{
#!html
```
<a name="ping"></a>
}}}
== ping ==
By default, 'ping' exists in Windows. 'ping' is already in your PATH. In Windows "Command Prompt", type '''ping /?''' ⏎ to see how this tool can be used and what is the command syntax/format:[[BR]]
{{{
#!html
```
## ping
By default, 'ping' exists in Windows. 'ping' is already in your PATH. In Windows "Command Prompt", type **ping /?** ⏎ to see how this tool can be used and what is the command syntax/format:
```
<center>
<textarea name="ping_syntax" id="ping_syntax" rows="9" cols="74" readonly="readonly" style="text-align: left; border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;">
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
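Review bot: The named anchors `<a name="Test_Tools"></a>`, `<a name="Console"></a>` and `<a name="ping"></a>` now sit inside code fences, so they no longer create link targets, while the "Goto DNS test related tool" line still links to them with Trac syntax such as `[[#ping ping]]` and `[[#DiG DiG]]`. Convert those links to Markdown form, for example `[ping](#ping)`, and either keep the anchors as raw HTML outside a fence or point the links at the new headings.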
......@@ -115,16 +110,15 @@ Options:
-k host-list Strict source route along host-list.
-w timeout Timeout in milliseconds to wait for each reply.
</textarea></center><br />
}}}
```
{{{
#!html
```
<a name="NSLookup"></a>
}}}
== NSLookup ==
By default, 'nslookup' exists in Windows. 'nslookup' is already in your PATH. In "Command Prompt", type '''nslookup''' ⏎, then type '''help''' ⏎, to see how this tool can be used and what is the command syntax/format. And type '''exit''' ⏎ to get out of nslookup shell.[[BR]]
{{{
#!html
```
## NSLookup
By default, 'nslookup' exists in Windows. 'nslookup' is already in your PATH. In "Command Prompt", type **nslookup** ⏎, then type **help** ⏎, to see how this tool can be used and what is the command syntax/format. And type **exit** ⏎ to get out of nslookup shell.
```
<center>
<textarea name="nslookup_syntax" id="nslookup_syntax" rows="10" cols="82" readonly="readonly" style="text-align: left; border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;">
Default Server: localhost
......@@ -164,16 +158,15 @@ ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to FILE)
view FILE - sort an 'ls' output file and view it with pg
exit - exit the program
</textarea></center><br />
}}}
```
{{{
#!html
```
<a name="DiG"></a>
}}}
== DiG ==
Windows does not include 'dig' tool by default. Get dig from Internet or Disc, (and install if necessary), or copy 'dig' inside \WINDOWS\System32 folder, or include it's folder location in PATH. In "Command Prompt", type '''dig -h''' ⏎, to see how this tool can be used and what is the command syntax/format.[[BR]]
{{{
#!html
```
## DiG
Windows does not include 'dig' tool by default. Get dig from Internet or Disc, (and install if necessary), or copy 'dig' inside \WINDOWS\System32 folder, or include it's folder location in PATH. In "Command Prompt", type **dig -h** ⏎, to see how this tool can be used and what is the command syntax/format.
```
<center>
<textarea name="nslookup_syntax" id="nslookup_syntax" rows="10" cols="83" readonly="readonly" style="text-align: left; border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;">
Usage: dig [@global-server] [domain] [q-type] [q-class] {q-opt}
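Review bot: The `nslookup` and `dig` usage text is fenced together with its `<center><textarea ...>` wrapper, so readers get the HTML attributes as part of the help output. Have the script drop the wrapper and fence only the tool output. If the wrapper is kept as HTML instead, note that the `dig` box reuses `name="nslookup_syntax" id="nslookup_syntax"` from the NSLookup box, which gives the page a duplicate id.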
......@@ -244,41 +237,39 @@ Where: domain is in the Domain Name System
-h (print help and exit)
-v (print version and exit)
</textarea></center><br />
}}}
{{{
#!html
```
```
<a name="Get_DiG"></a><a name="Add_DiG_in_PATH"></a>
}}}
Get DiG and Add DiG in PATH: One of the simple way to get 'dig' (domain information groper) on Windows would be: goto BIND server developer ISC site (https://www.isc.org/), get BIND for Windows (filename may or may not be closer to 'BINDn.n.n-Pn.zip', where n is 0~9 digit, and match provided signature file (using GnuPG) if you have right zip file or not). Decompress it. Copy all files except the 'named.exe', (or, copy at least these files: 'dig.exe', 'dig.html', 'bindevt.dll', 'libdns.dll', 'libeay32.dll', 'libisc.dll', 'libisccfg.dll', 'liblwres.dll', 'libbind9.dll' into inside C:\dig folder, (change C: to your windows drive where you installed Windows). Add path C:\dig at the end of your system PATH environment variable, by adding ";C:\dig" at the end (without double quote symbols). Press and hold Windows Flag/Logo button on keyboard and then press '''R''' once, and let go both buttons. On 'Run' window, type: '''sysdm.cpl'''{{{⏎}}} and then goto 'Advanced' > 'Environment variables' > under the 'System variables' box, scroll down and find 'Path' and click on Path once > Edit > inside 'Variable value:' textbox go at the end (by pressing right arrow button or 'End' button) and then type: ''';C:\dig''' and then press on OK button > OK > OK. To see folder locations list inside PATH, in Command Promt, type: '''echo %PATH%'''
```
Get DiG and Add DiG in PATH: One of the simple way to get 'dig' (domain information groper) on Windows would be: goto BIND server developer ISC site (https://www.isc.org/), get BIND for Windows (filename may or may not be closer to 'BINDn.n.n-Pn.zip', where n is 0~9 digit, and match provided signature file (using GnuPG) if you have right zip file or not). Decompress it. Copy all files except the 'named.exe', (or, copy at least these files: 'dig.exe', 'dig.html', 'bindevt.dll', 'libdns.dll', 'libeay32.dll', 'libisc.dll', 'libisccfg.dll', 'liblwres.dll', 'libbind9.dll' into inside C:\dig folder, (change C: to your windows drive where you installed Windows). Add path C:\dig at the end of your system PATH environment variable, by adding ";C:\dig" at the end (without double quote symbols). Press and hold Windows Flag/Logo button on keyboard and then press **R** once, and let go both buttons. On 'Run' window, type: **sysdm.cpl**`⏎` and then goto 'Advanced' > 'Environment variables' > under the 'System variables' box, scroll down and find 'Path' and click on Path once > Edit > inside 'Variable value:' textbox go at the end (by pressing right arrow button or 'End' button) and then type: **;C:\dig** and then press on OK button > OK > OK. To see folder locations list inside PATH, in Command Promt, type: **echo %PATH%**
{{{
#!html
```
<a name="DiG_with_Unicode_Support"></a>
}}}
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. DiG with Unicode support: The 'dig.exe' tool/binary in the BIND package for Windows (from isc.org site), cannot use Unicode char (at the time of my test on Aug 25, 2012), you will must have to use Unicode character's equivalent Punycode form, to resolve domain-name to IP-address. More info: [https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains List of TLDs].[[BR]][[BR]]
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Another way to get a 'dig' tool capable of resolving domain-names with Unicode char(s), is to install Cygwin (from [http://www.cygwin.com here]). Download their 'setup.exe' in "C:\Cygwin-Install" folder (or, download inside "%windir%\..\Cygwin-Install" folder, if that ('Cygwin-Install') folder does not exist, then create it, here '''%windir%''' variable indicating your actual location of 'Windows' folder, where 'system32' or 'system' sub-folder exist). (And also verify the 'setup.exe' file with their 'setup.exe.asc' file, using 'GnuPG' software. You must obtain .asc file at least 2 or 3 times and make sure you have changed and used a different Tor '''circuit''' each time, only use a Tor circuit which has 3 different middle nodes than what was shown last time (in 'Tor Network Map' window), and then compare if you have exact same file or not). Run the 'setup.exe' installer -> select 'Install from Internet' -> Root Directory: '''C:\cygwin''' -> All Users > choose 'C:\Cygwin-Install' as Local Package Directory -> Direct Connection -> choose one (http based) Download Site (that appears closer to your location) -> Next -> on 'Select Packages' Category stage, in category list find the "Net" Category, and click on [+] symbol on that line/row to expand it -> find the package line which shows '''bind: DNS utilities suite''' -> on that line, click once on the word 'skip' and it will change into 'Install' or change into the version # of BIND which is available at that moment -> Next -> Cygwin Intaller will show you popup window with other software or tools list, which are necessary for the 'bind' utility to work, as 'bind' depends on those -> Ok/Next -> when downloading & installation process finishes, then press on 'Finish' button. 
To use 'dig' from any folder location, add Cygwin's '''bin''' folder in PATH, (see next paragraph).[[BR]][[BR]]
* See [[#Add_DiG_in_PATH Add DiG in PATH]] section for how to edit Windows PATH variable, and add ''';C:\cygwin\bin\;c:\cygwin\usr\sbin''' at the end. If ''';C:\dig''' already exist inside the value of 'Path', then add the ''';C:\cygwin\bin\;c:\cygwin\usr\sbin\''' in left side of ''';C:\dig''' location.
{{{
#!html
```
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. DiG with Unicode support: The 'dig.exe' tool/binary in the BIND package for Windows (from isc.org site), cannot use Unicode char (at the time of my test on Aug 25, 2012), you will must have to use Unicode character's equivalent Punycode form, to resolve domain-name to IP-address. More info: [List of TLDs](https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains).
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Another way to get a 'dig' tool capable of resolving domain-names with Unicode char(s), is to install Cygwin (from [here](http://www.cygwin.com)). Download their 'setup.exe' in "C:\Cygwin-Install" folder (or, download inside "%windir%\..\Cygwin-Install" folder, if that ('Cygwin-Install') folder does not exist, then create it, here **%windir%** variable indicating your actual location of 'Windows' folder, where 'system32' or 'system' sub-folder exist). (And also verify the 'setup.exe' file with their 'setup.exe.asc' file, using 'GnuPG' software. You must obtain .asc file at least 2 or 3 times and make sure you have changed and used a different Tor **circuit** each time, only use a Tor circuit which has 3 different middle nodes than what was shown last time (in 'Tor Network Map' window), and then compare if you have exact same file or not). Run the 'setup.exe' installer -> select 'Install from Internet' -> Root Directory: **C:\cygwin** -> All Users > choose 'C:\Cygwin-Install' as Local Package Directory -> Direct Connection -> choose one (http based) Download Site (that appears closer to your location) -> Next -> on 'Select Packages' Category stage, in category list find the "Net" Category, and click on [+] symbol on that line/row to expand it -> find the package line which shows **bind: DNS utilities suite** -> on that line, click once on the word 'skip' and it will change into 'Install' or change into the version # of BIND which is available at that moment -> Next -> Cygwin Intaller will show you popup window with other software or tools list, which are necessary for the 'bind' utility to work, as 'bind' depends on those -> Ok/Next -> when downloading & installation process finishes, then press on 'Finish' button. To use 'dig' from any folder location, add Cygwin's **bin** folder in PATH, (see next paragraph).
* See [[#Add_DiG_in_PATH Add DiG in PATH]] section for how to edit Windows PATH variable, and add **;C:\cygwin\bin\;c:\cygwin\usr\sbin** at the end. If **;C:\dig** already exist inside the value of 'Path', then add the **;C:\cygwin\bin\;c:\cygwin\usr\sbin\** in left side of **;C:\dig** location.
```
<p style="width: 100%; text-align: center;"><a href="#Navigation_Links">Goto Top Navigation Links</a></p>
}}}
```
{{{
#!html
```
<a name="Test_DNS_Resolver"></a>
}}}
= Test DNS Resolving Functionality =
```
# Test DNS Resolving Functionality
First, Run or Open the Windows "Command Prompt" (cmd.exe).
* Here, when we will use words, like: local DNS server, or, localhost DNS server, or, local resolver, etc, then these means and points to the 3rd party DNS server or the resolver software which is installed (using the config files from the parent doc of this page), configured and running on your own computer. By default, it listens for DNS queries made toward your computer's internal IP address, 127.0.0.1, on UDP port 53. It is also often written as, 127.0.0.1:53, or, 127.0.0.1@53
* Before installing a 3rd party DNS resolver, do each of these below command-lines inside "Command Prompt" window, and write the command and result IP address down on a paper, or, copy all messages from "Command Prompt" window to a text/txt file. This will come in handy in the Testing phase of a DNS resolver or server installation.
{{{
#!html
```
<a name="Default_DNS_Resolver_Test_Result"></a>
}}}
{{{
#!html
```
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
ping yahoo.com ⏎
ping reg.for.free ⏎
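Review bot: The converted DiG bullets still carry Trac macros: `[[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]` at the start of each of the three bullets, and `[[#Add_DiG_in_PATH Add DiG in PATH]]` in the last one. Markdown prints these verbatim. Map `[[span(...)]]` to a plain label or inline HTML, and the section link to `[Add DiG in PATH](#Add_DiG_in_PATH)`, keeping in mind that the `<a name="Add_DiG_in_PATH"></a>` target is itself inside a code fence after this change.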
......@@ -288,17 +279,17 @@ dig any . +dnssec +multiline ⏎
dig reg.for.free. any ⏎
dig dot-bit.bit. any ⏎</pre>
</tt></td></tr></table><br />
}}}
```
* Make sure you have already done this DNS Server network settings steps, before running below command-line tests: After installing your choice of 3rd party DNS resolver, go inside Windows Network Settings, find & open the Network/NIC Adapter which is used to connect with Internet and set 127.0.0.1 IP address as a Primary/preferred DNS Server IP address on it, and make sure there is no other IP address inside DNS settings.
* Use 'ping' (or ping.exe) utility to test DNS resolving, if working or not. Type below command-line and then press {{{⏎}}}('Enter') button:
* Use 'ping' (or ping.exe) utility to test DNS resolving, if working or not. Type below command-line and then press `⏎`('Enter') button:
**`ping yahoo.com`**
'''{{{ping yahoo.com}}}'''[[BR]]
A similar result like below should be shown and is expected:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
Pinging <b>yahoo.com</b> [<b>98.139.183.24</b>] with 32 bytes of data:<br /><pre style="display:inline;">
......@@ -312,18 +303,19 @@ Ping statistics for 98.139.183.24:
Approximate round trip times in milli-seconds:
Minimum = 109ms, Maximum = 321ms, Average = 213ms</pre>
</tt></td></tr></table><br />
}}}
```
You can see in above result, 'ping' has successfully resolved 'yahoo.com' domain-name into it's IP address '98.139.183.24' by sending queries on local resolver's DNS port 53 (using UDP packets). After getting the IP address, it sends ICMP query packets to that IP address & receives ICMP reply back from it.
If 'ping' command fails to ping a domain-name, then try again, with one of the known IP address after the 'ping' for that domain-name, and you will see its succeeding. In such case it will indicate local DNS resolver is not working.
* By default, 'nslookup' tool exists in Windows. Try to test using 'nslookup':[[BR]]
'''{{{nslookup yahoo.com}}}'''[[BR]]
* By default, 'nslookup' tool exists in Windows. Try to test using 'nslookup':
**`nslookup yahoo.com`**
A similar result like below should be shown and is expected:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
Server: localhost
Address: 127.0.0.1
......@@ -332,17 +324,18 @@ Address: 127.0.0.1
Name:&#160;&#160;&#160;&#160;<b>yahoo.com</b><br />
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140<br />
</tt></td></tr></table><br />
}}}
```
A 'Non-authoritative answer' is an error message, means that your local DNS resolver has queried an external (or, has queried hierarchy-wise one step above or higher level or next level, external) (or, has queried the next, in the chain/line of external) DNS server, in an effort to resolve/find the IP address associated with the 'yahoo.com' domain-name, and received an answer for it from a cache or non-authoritative nameservers. If 'nslookup' were to connect/query directly with the actual/exact NS(nameserver) DNS server which has kept the SOA (statement of authority) authoritative record for the 'domain-name' that you have used in a nslookup command-line, then received answer would be an 'Authoritative answer', and so, no other error messages (like, 'Non-authoritative answer') will be shown above the "Name: domain-name" line. It is possible to query directly to a 'Authritative' DNS nameserver of a domain-name, if it's IP address (or hostname) is known in early, and by specifying that IP-address (or hostname) after the domain-name in the nslookup command-line. In nslookup commandline, if you specify '-querytype=NS' before a domain-name (without the quote symbols), then it will show nameserver's hostnames (not the IP-address). The 'whois' command can also be used to find the actual authoritative NS DNS Server hostnames for a domain-name. And 'dig' tool can be used to find IP address of nameservers.
NSLookup tool will return the name and IP address of the DNS server that resolved the name. It will list only the DNS server it initially connects to. If the name resolution request is forwarded to other DNS servers (in the chain, or from the heirarchy), then those servers are not listed.
* If you have/installed Windows edition of 'dig' then you may try to test with any one of this command-line:[[BR]]
'''{{{dig yahoo.com. NS}}}'''[[BR]]
* If you have/installed Windows edition of 'dig' then you may try to test with any one of this command-line:
**`dig yahoo.com. NS`**
A similar result like below should be shown and is expected, if you are using Deadwood / Unbound:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
; <<>> DiG 9.3.2 <<>> yahoo.com. NS
;; global options: printcmd
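Review bot: In the nslookup result box the line `Name:&#160;&#160;&#160;&#160;<b>yahoo.com</b><br />` ends up inside a code fence, so the entities and tags are shown literally and the box no longer matches what the reader sees in the console. For these expected-output boxes the script should decode `&#160;` to spaces and strip `<b>`, `<br />` and the `<table>`/`<tt>`/`<pre>` wrapper before fencing.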
......@@ -367,17 +360,18 @@ yahoo.com. 91263 IN NS ns6.yahoo.com.
;; WHEN: Sat Aug 18 00:24:05 2012
;; MSG SIZE rcvd: 153</pre>
</tt></td></tr></table><br />
}}}
```
If you run the same command like above, again, then you will see the "Query time" value is showing a very low or 0 msec time. Because, at first time it required longer time to resolve (hostname or domain-name to it's IP address lookup), but at 2nd time, it already has the result in cache, so answer/result is given instantly.
In the above command-line the last option is "'''ns'''", which finds all DNS records which has NS bit (nameserver). The word "'''any'''" can be used for query instead of 'ns', and view all DNS records. Result may also include 'ADDITIONAL ANSWER' section, where IP address of each ns server will be listed/shown. The 'Unbound', 'BIND' resolver is able to deliver Additional section(s) to DiG.
In the above command-line the last option is "**ns**", which finds all DNS records which has NS bit (nameserver). The word "**any**" can be used for query instead of 'ns', and view all DNS records. Result may also include 'ADDITIONAL ANSWER' section, where IP address of each ns server will be listed/shown. The 'Unbound', 'BIND' resolver is able to deliver Additional section(s) to DiG.
* If you now try this command-line:
**`dig yahoo.com. any`**
* If you now try this command-line:[[BR]]
'''{{{dig yahoo.com. any}}}'''[[BR]]
A similar result like below should be shown and is expected:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
; <<>> DiG 9.3.2 <<>> yahoo.com. any
;; global options: printcmd
......@@ -406,14 +400,15 @@ yahoo.com. 113940 IN NS ns4.yahoo.com.
;; WHEN: Sat Aug 18 22:29:05 2012
;; MSG SIZE rcvd: 301</pre>
</tt></td></tr></table><br />
}}}
```
* If you are using 'Unbound', 'BIND', then if you try out below command-line:
**`dig any . +dnssec`**
* If you are using 'Unbound', 'BIND', then if you try out below command-line:[[BR]]
'''{{{dig any . +dnssec}}}'''[[BR]]
A similar result like below should be shown and is expected, (if you are using DNSSEC validation capable DNS resolver):
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
; <<>> DiG 9.3.2 <<>> any . +dnssec
;; global options: printcmd
......@@ -452,14 +447,15 @@ yahoo.com. 113940 IN NS ns4.yahoo.com.
;; WHEN: Sat Aug 20 01:01:05 2012
;; MSG SIZE rcvd: 228</pre>
</tt></td></tr></table><br />
}}}
```
* While using 'Unbound', 'BIND', try this below command-line:
**`dig torproject.org. any +dnssec`**
* While using 'Unbound', 'BIND', try this below command-line:[[BR]]
'''{{{dig torproject.org. any +dnssec}}}'''[[BR]]
A result similar to below box is expected:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
; <<>> DiG 9.9.1-P2 <<>> torproject.org. any +dnssec<br />
;; global options: +cmd<br />
......@@ -524,33 +520,34 @@ ns3.torproject.org. 86400 IN RRSIG </pre>A 7 3 86400 20121003121048
;; WHEN: Sun Sep 8 04:01:05 2012
;; MSG SIZE rcvd: 4041</pre>
</tt></td></tr></table><br />
}}}
```
{{{
#!html
```
<a name="Wireshark"></a>
}}}
* Gateway/Wireshark: If you want to be 100% sure, that any .onion TLD based domain-name or hostname to it's IP address conversion query, is not reaching outside to your ISP's DNS or to any other DNS (other than the local resolver), (instead of going via Tor network), you will have to use 'Wireshark' network packet/traffic monitoring software on a 2nd computer which will work as a "Gateway" computer for your network and other computers under it. Alternatively, if previous test steps and next test steps are working (or showing messages very similar to the result shown inside the "expected" boxes), then that will also indicate that DNS is not leaking.[[BR]]
```
* Gateway/Wireshark: If you want to be 100% sure, that any .onion TLD based domain-name or hostname to it's IP address conversion query, is not reaching outside to your ISP's DNS or to any other DNS (other than the local resolver), (instead of going via Tor network), you will have to use 'Wireshark' network packet/traffic monitoring software on a 2nd computer which will work as a "Gateway" computer for your network and other computers under it. Alternatively, if previous test steps and next test steps are working (or showing messages very similar to the result shown inside the "expected" boxes), then that will also indicate that DNS is not leaking.
In your network, set & configure another (a 2nd) computer as your Gateway computer which can connect to Internet (via your physical router network device or your ISP provided modem network device). And for example, lets say, it has (or configured with) IP address 192.168.0.2. Then install 'Wireshark' inside this gateway computer. Run it. Set it to show 'DNS' or filter with 'DNS', to see any DNS related network traffic packets. The computer where you just installed your 3rd party DNS server (for example, like 'Deadwood', 'Unbound', 'BIND', etc) to block or check DNS leak, on that computer, change the "Default Gateway" IP address, into wireshark gateway computer's IP address 192.168.0.2. When you will try to ping/nslookup/dig for any *.onion hostname, then Wireshark on gateway computer will not show anything if your 3rd party DNS server is blocking DNS leaks successfully, or else, you will see the .onion related DNS query appearing on Wireshark, so DNS is leaking.
* On "Command Prompt" window, to test/query the onion host 'idnxcnkne4qt76tg.onion' of TorProject.org, type:
'''{{{ping idnxcnkne4qt76tg.onion}}}'''[[BR]]
**`ping idnxcnkne4qt76tg.onion`**
A similar result like below should be shown and is expected:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
<b>Ping request could not find host idnxcnkne4qt76tg.onion</b>. Please check the name and try again.
</tt></td></tr></table><br />
}}}
```
* Try to test/query below command-line:
**`nslookup idnxcnkne4qt76tg.onion`**
* Try to test/query below command-line:[[BR]]
'''{{{nslookup idnxcnkne4qt76tg.onion}}}'''[[BR]]
A similar result like below should be shown and is expected, if you are using 'Deadwood' DNS resolver:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
Server: localhost
Address: 127.0.0.1
......@@ -561,26 +558,26 @@ DNS request timed out.
timeout was 2 seconds.
*** Request to localhost timed-out</pre>
</tt></td></tr></table><br />
}}}
```
A similar result like below should be shown and is expected, if you are using DNS resolver like 'Unbound', 'BIND':
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
Server: localhost
Address: 127.0.0.1
</pre><br />
<b>*** localhost can't find idnxcnkne4qt76tg.onion: Query refused</b>.
</tt></td></tr></table><br />
}}}
```
When a DNS name resolver refuses to process the DNS query request made by 'nslookup', then this "Query refused" error message is shown.
* Now try below 'dig' command-line:[[BR]]
'''{{{dig idnxcnkne4qt76tg.onion. any}}}'''[[BR]]
* Now try below 'dig' command-line:
**`dig idnxcnkne4qt76tg.onion. any`**
A similar result like below should be shown and is expected, if you are using 'Deadwood' DNS resolver:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
; <<>> DiG 9.3.2 <<>> idnxcnkne4qt76tg.onion. any
;; global options: printcmd
......@@ -596,12 +593,11 @@ Address: 127.0.0.1
;; WHEN: Sat Aug 18 00:33:05 2012
;; MSG SIZE rcvd: 40</pre>
</tt></td></tr></table><br />
}}}
```
The 'SERVFAIL' status shown above is indicating, DNS resolving process has failed for 'idnxcnkne4qt76tg.onion' hostname.
A similar result like below should be shown for above dig command and is expected, if you are using DNS resolver similar to 'Unbound', 'BIND':
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
; <<>> DiG 9.3.2 <<>> idnxcnkne4qt76tg.onion. any
;; global options: printcmd
......@@ -617,15 +613,15 @@ Address: 127.0.0.1
;; WHEN: Sat Aug 18 21:11:05 2012
;; MSG SIZE rcvd: 40</pre>
</tt></td></tr></table><br />
}}}
```
When a DNS name server refuses to process the DNS query request made by 'dig', then this "REFUSED" status message is shown by 'dig'.
* Results like below are NOT expected, indicating some configuration error, or other external side error.
'''{{{dig google.com. any}}}'''[[BR]]
**`dig google.com. any`**
If you see a result similar to below, then there is a error. Such result is not expected:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt><pre style="display:inline;">
; <<>> DiG 9.3.2 <<>> google.com. any
;; global options: printcmd
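Review bot: the old line `'''{{{dig google.com. any}}}'''[[BR]]` becomes ``**`dig google.com. any`**`` with the `[[BR]]` dropped and nothing emitted in its place, so in Markdown the command and the following line ("If you see a result similar to below ...") flow into one paragraph. Emit a hard line break (trailing backslash or two spaces) or a blank line for `[[BR]]`, or put the command in its own fenced block.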
......@@ -672,63 +668,82 @@ l.gtld-servers.net. 166748 IN A 192.41.162.30
;; WHEN: Sat Aug 18 23:50:05 2012
;; MSG SIZE rcvd: 500</pre>
</tt></td></tr></table><br />
}}}
Note that in above result, the bold faced word ('''com.''') under 'AUTHORITY SECTION', suppose to show '''google.com.''' and then it's IP address after the '''A''' or nameserver hostname after the '''NS'''. This type of error usually indicating that DNS Server which was queried, did not sent back answer for google.com, instead it has sent back other root server's address where to look for it. So pay attention on caching, recursive DNS Servers which are specified after the '''name: "."''' commandline (which is next to '''forward-zone:''' command), and use one or set of very trustworthy and suitable DNS servers only. You will most likely have to test out with different DNS servers to get desired results, because some ISPs and other entities are known to alter and interfere with such DNS traffics.
```
Note that in above result, the bold faced word (**com.**) under 'AUTHORITY SECTION', suppose to show **google.com.** and then it's IP address after the **A** or nameserver hostname after the **NS**. This type of error usually indicating that DNS Server which was queried, did not sent back answer for google.com, instead it has sent back other root server's address where to look for it. So pay attention on caching, recursive DNS Servers which are specified after the **name: "."** commandline (which is next to **forward-zone:** command), and use one or set of very trustworthy and suitable DNS servers only. You will most likely have to test out with different DNS servers to get desired results, because some ISPs and other entities are known to alter and interfere with such DNS traffics.
* If above results marked with 'expected' are not shown, then somehwere there is a mistake or mis-configuration in DNS resolver or related software.
* Also check with your web-browser software (like, Internet Exporer, Firefox, etc) if you can view various webpages which starts with 'http', and also check if you can load/view webpages which starts with 'http'''s'''', properly or not. And if you use local Email client software (like, Outlook Express, Thunderbird, etc), then check, if you can send & receive, do both or not.
* Also check with your web-browser software (like, Internet Exporer, Firefox, etc) if you can view various webpages which starts with 'http', and also check if you can load/view webpages which starts with 'http**s**', properly or not. And if you use local Email client software (like, Outlook Express, Thunderbird, etc), then check, if you can send & receive, do both or not.
{{{
#!html
```
<a name="Using_Unicode"></a>
}}}
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Using Unicode Characters in Command-Lines: You will need a 'DiG' tool capable of processing Unicode characters and supports Unicode, follow [[#DiG_with_Unicode_Support DiG with Unicode support]] section. If you want to use non-English Unicode characters in 'Command Prompt' then follow [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]] marked or tagged sections. You can alternatively use "ComEmu" for Unicode, then follow [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]] tagged or marked sections, or you can also Skip these sections, and goto next section ([[#Type_Unicode Type Unicode]]).[[BR]][[BR]]
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. There are TLDs, domain-names, hostnames which can be queried by using special characters (other than English) from other writing languages/scripts, (writing languages also known as 'scripts'). These special characters uses Unicode. You may go and/or follow further into the link for more info: [https://en.wikipedia.org/wiki/Internationalized_domain_name Internationalized Domain Name (IDN)], [https://en.wikipedia.org/wiki/Internationalized_country_code_top-level_domain IDN ccTLDs]. IDN & IDN ccTLDs are stored in the DNS servers as ASCII strings using 'Punycode' transcription (which starts with ".'''xn--'''" ASCII codes). Application or tool which can send DNS queries and receive answer, not all but some of them are able to convert Unicode characters into 'Punycode' form before sending query to DNS servers, if Unicode character is present in a domain-name. 'Punycode' form can be used by almost all apps/tools, as it is in very simple (alpha-numeric) ASCII form, but very hard to memorise. UTF-8 based Percent Encoding can also be used, but also hard to remember.[[BR]][[BR]]
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Unicode in Command Prompt: To use Unicode characters with 'Command Prompt' window, following next steps are necessary: Set font to 'Lucida Console'. With mouse, Right Click on the 'Command Prompt' window menu bar > click on Properties. In 'Properties' window, goto 'Font' tab > click on 'Lucida Console' > click on OK (See below how to add Uncode fonts in the font list). 'Lucida Console' font may support in showing and in using a very limited set of Unicode characters. (See few paragraphs below, how to use Alt+UnicodeHexCodePoint (in [[#Type_Unicode Type Unicode]] section) for typing Unicode characters). In 'Command Prompt' window, first type: '''chcp''' and press {{{⏎}}}('Enter'), then write down your default active Code Page code # and then change your Code Page settings or encoding from '437' (en_US) into '65001' (UTF-8), type below command-line & then press {{{⏎}}}('Enter') button:
{{{
```
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Using Unicode Characters in Command-Lines: You will need a 'DiG' tool capable of processing Unicode characters and supports Unicode, follow [[#DiG_with_Unicode_Support DiG with Unicode support]] section. If you want to use non-English Unicode characters in 'Command Prompt' then follow [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]] marked or tagged sections. You can alternatively use "ComEmu" for Unicode, then follow [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]] tagged or marked sections, or you can also Skip these sections, and goto next section ([[#Type_Unicode Type Unicode]]).
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. There are TLDs, domain-names, hostnames which can be queried by using special characters (other than English) from other writing languages/scripts, (writing languages also known as 'scripts'). These special characters uses Unicode. You may go and/or follow further into the link for more info: [Internationalized Domain Name (IDN)](https://en.wikipedia.org/wiki/Internationalized_domain_name), [IDN ccTLDs](https://en.wikipedia.org/wiki/Internationalized_country_code_top-level_domain). IDN & IDN ccTLDs are stored in the DNS servers as ASCII strings using 'Punycode' transcription (which starts with ".**xn--**" ASCII codes). Application or tool which can send DNS queries and receive answer, not all but some of them are able to convert Unicode characters into 'Punycode' form before sending query to DNS servers, if Unicode character is present in a domain-name. 'Punycode' form can be used by almost all apps/tools, as it is in very simple (alpha-numeric) ASCII form, but very hard to memorise. UTF-8 based Percent Encoding can also be used, but also hard to remember.
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Unicode in Command Prompt: To use Unicode characters with 'Command Prompt' window, following next steps are necessary: Set font to 'Lucida Console'. With mouse, Right Click on the 'Command Prompt' window menu bar > click on Properties. In 'Properties' window, goto 'Font' tab > click on 'Lucida Console' > click on OK (See below how to add Uncode fonts in the font list). 'Lucida Console' font may support in showing and in using a very limited set of Unicode characters. (See few paragraphs below, how to use Alt+UnicodeHexCodePoint (in [[#Type_Unicode Type Unicode]] section) for typing Unicode characters). In 'Command Prompt' window, first type: **chcp** and press `⏎`('Enter'), then write down your default active Code Page code # and then change your Code Page settings or encoding from '437' (en_US) into '65001' (UTF-8), type below command-line & then press `⏎`('Enter') button:
```
chcp 65001
}}}
[[BR]]
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Unicode Font for Command Prompt: If 'Lucida Console' font was not enough for your need or your script(writing language), then you will need to add at least one more TrueType monospaced or fixed width or console font, which includes large set of 'Unicode' glyphs or at least supports your desired language scripts / character-set.[[BR]][[BR]]
{{{
#!html
```
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Unicode Font for Command Prompt: If 'Lucida Console' font was not enough for your need or your script(writing language), then you will need to add at least one more TrueType monospaced or fixed width or console font, which includes large set of 'Unicode' glyphs or at least supports your desired language scripts / character-set.
```
<a name="Load_Unicode_Font"></a>
}}}
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Install Unicode Font: Search for, download and install Unicode fonts, for example, 'DejaVu Sans Mono' (from [http://dejavu-fonts.org/ here]), 'FreeMono' (included inside 'GNU Freefont', aka Free UCS Outline Fonts, from [http://www.gnu.org/software/freefont/ here]), 'Everson Mono Terminal' or 'Everson Mono Unicode' (from [http://www.evertype.com/emono/ here]), . In 'Windows Explorer', goto C:\WINDOWS\Fonts folder, or goto '''%SystemRoot%\Fonts''' folder, (if you cannot view 'Fonts' folder then goto 'Folder Options' > View > select 'Show hidden files and folders' > remove the 'tick'/'check' mark from 'Hide extensions for known file types' option > click on OK). Decompress downloaded font zip/gz file (by using 7-zip sofwtare) to get TTF, OTF, TTC etc font files. Select & copy your desired all font files *.ttf, *.otf, *.ttc, etc and then paste those files inside %SystemRoot%\Fonts folder to install those fonts.[[BR]][[BR]]
* [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Alternative Console Software: You can either use other alternative 'Console' or 'Terminal' type of software like [http://code.google.com/p/conemu-maximus5/ ConEmu], to overcome the limitations of Windows default console program "Command Prompt" (cmd.exe), or, you can apply Windows registry hacks and other tricks or other Console software to make the Unicode work.[[BR]][[BR]]
* [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. If you will be using 'ConEmu', then you should install 'GNU Unifont' (from [http://unifoundry.com/unifont.html here]), or load other large Unicode font mentioned in [http://en.wikipedia.org/wiki/Unicode_font Unicode Font], that is able to show your desired writing language/script. After installing ConEmu, goto 'Settings', change all 'Font' related settings into your desired font name, which you installed. (If you will be using GNU Unifont ('unifont') then use 'Standard' anti-aliasing, unselect 'Monospace', goto 'Features' > 'Colors' > 'Standard colors' > change 'Text:Auto' into 'Text:''#''15').[[BR]][[BR]]
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Add Unicode Font in 'Command Prompt': Press & hold the Windows Logo/Flag key/button on keyboard, press R key/button once, and then release both keys. On 'Run' window, after typing '''regedit''' press {{{⏎}}}('Enter') key once or click on OK button. 'Registry Editor' window will appear. (Warning: It is very very dangerous to use this program, you must be very very careful not to delete/erase or accidentally drag something to somewhere else). In 'Registry Editor' window, browse to this registry location:
{{{
#!html
```
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Install Unicode Font: Search for, download and install Unicode fonts, for example, 'DejaVu Sans Mono' (from [here](http://dejavu-fonts.org/)), 'FreeMono' (included inside 'GNU Freefont', aka Free UCS Outline Fonts, from [here](http://www.gnu.org/software/freefont/)), 'Everson Mono Terminal' or 'Everson Mono Unicode' (from [here](http://www.evertype.com/emono/)), . In 'Windows Explorer', goto C:\WINDOWS\Fonts folder, or goto **%SystemRoot%\Fonts** folder, (if you cannot view 'Fonts' folder then goto 'Folder Options' > View > select 'Show hidden files and folders' > remove the 'tick'/'check' mark from 'Hide extensions for known file types' option > click on OK). Decompress downloaded font zip/gz file (by using 7-zip sofwtare) to get TTF, OTF, TTC etc font files. Select & copy your desired all font files *.ttf, *.otf, *.ttc, etc and then paste those files inside %SystemRoot%\Fonts folder to install those fonts.
* [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Alternative Console Software: You can either use other alternative 'Console' or 'Terminal' type of software like [ConEmu](http://code.google.com/p/conemu-maximus5/), to overcome the limitations of Windows default console program "Command Prompt" (cmd.exe), or, you can apply Windows registry hacks and other tricks or other Console software to make the Unicode work.
* [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. If you will be using 'ConEmu', then you should install 'GNU Unifont' (from [here](http://unifoundry.com/unifont.html)), or load other large Unicode font mentioned in [Unicode Font](http://en.wikipedia.org/wiki/Unicode_font), that is able to show your desired writing language/script. After installing ConEmu, goto 'Settings', change all 'Font' related settings into your desired font name, which you installed. (If you will be using GNU Unifont ('unifont') then use 'Standard' anti-aliasing, unselect 'Monospace', goto 'Features' > 'Colors' > 'Standard colors' > change 'Text:Auto' into 'Text:_#_15').
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Add Unicode Font in 'Command Prompt': Press & hold the Windows Logo/Flag key/button on keyboard, press R key/button once, and then release both keys. On 'Run' window, after typing **regedit** press `⏎`('Enter') key once or click on OK button. 'Registry Editor' window will appear. (Warning: It is very very dangerous to use this program, you must be very very careful not to delete/erase or accidentally drag something to somewhere else). In 'Registry Editor' window, browse to this registry location:
```
<table border="0" cellpadding="0" cellspacing="0" width="95%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
My Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Console\TrueTypeFont
</tt></td></tr></table><br />
}}}
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Click on or select the above 'TrueTypeFont' location in 'Registry Editor's left side pane are (or in tree-list). Then right click on an empty area of right side pane/area, select New > String value. A new entry "New Value ''#''1" will appear under 'Name' column. If an entry '''00''' did not exist previously, then rename that "New Value ''#''1" into '''00''' (two zeroes). Right click on that newly created entry '''00''', click on 'Modify'. In 'Edit String' window, write a desired Unicode font name, inside the 'Value data:' textbox/field. You must write a font name here which must exist in the font list located in this below registry location, (from below registry location, copy font name shown under 'Name' column, without the (Font Type) portion shown inside first braces):
{{{
#!html
```
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Click on or select the above 'TrueTypeFont' location in 'Registry Editor's left side pane are (or in tree-list). Then right click on an empty area of right side pane/area, select New > String value. A new entry "New Value _#_1" will appear under 'Name' column. If an entry **00** did not exist previously, then rename that "New Value _#_1" into **00** (two zeroes). Right click on that newly created entry **00**, click on 'Modify'. In 'Edit String' window, write a desired Unicode font name, inside the 'Value data:' textbox/field. You must write a font name here which must exist in the font list located in this below registry location, (from below registry location, copy font name shown under 'Name' column, without the (Font Type) portion shown inside first braces):
```
<table border="0" cellpadding="0" cellspacing="0" width="95%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
My Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Fonts
</tt></td></tr></table><br />
}}}
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. To add more additional fonts, repeat like previous steps: by adding an extra '''0''' (zero) at the end of a new entry name, each time. A 3rd entry should look like '''000''', a 4th entry should look like '''0000''' and so on.[[BR]][[BR]]
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Now 'Log Off' and re-login back (into your Windows, using your choice of user account/profile), or, restart Windows (and re-login). Start 'Command Prompt' again, and right click on the 'Command Prompt' window's menu bar > select 'Properties'. In 'Properties' window, goto 'Font' tab > select or click on 'DejaVu Sans Mono' > click on OK. Type '''chcp 65001''' and press {{{⏎}}}('Enter').[[BR]][[BR]]
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Now you can either copy/paste 'Unicode' characters from webpages, or, copy/paste characters from a "Character Map" (a Font Explorer type of utility), or change Keyboard key/button layout into your desired writing language/script using 'Input Method Editor', and start typing unicode directly.[[BR]][[BR]]
{{{
#!html
```
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. To add more additional fonts, repeat like previous steps: by adding an extra **0** (zero) at the end of a new entry name, each time. A 3rd entry should look like **000**, a 4th entry should look like **0000** and so on.
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]. Now 'Log Off' and re-login back (into your Windows, using your choice of user account/profile), or, restart Windows (and re-login). Start 'Command Prompt' again, and right click on the 'Command Prompt' window's menu bar > select 'Properties'. In 'Properties' window, goto 'Font' tab > select or click on 'DejaVu Sans Mono' > click on OK. Type **chcp 65001** and press `⏎`('Enter').
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Now you can either copy/paste 'Unicode' characters from webpages, or, copy/paste characters from a "Character Map" (a Font Explorer type of utility), or change Keyboard key/button layout into your desired writing language/script using 'Input Method Editor', and start typing unicode directly.
```
<a name="Type_Unicode"></a>
}}}
```
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Type & Show Unicode Characters: First, goto this Windows registry location and click on 'Input Method' or select it:
{{{
```
My Computer\HKEY_CURRENT_USER\Control Panel\Input Method\
}}}
In above location on right side pane/area, right click on an empty area, select 'New' > 'String value'. Then a new entry "New Value ''#''1" will appear under the 'Name' column. Rename it to "EnableHexNumpad" and press {{{⏎}}}('Enter'). Right click on 'EnableHexNumpad' > Modify > type '''1''' inside 'Value data:' textbox. Move your (blinking) cursor where you want to type a unicode char, (or use mouse pointer arrow and click on the position where you want to type a Unicode char). Press & hold onto 'Alt' key/button, press '+' key once on numeric keypad area, and then type in your desired Unicode character's hex codepoint (using the main letter keys and any of the number keys), then release 'Alt' key/button, then it will send one Unicode character (based on your hex code) where your cursor was. But remembering hex codepoints are not easier. Other Alternative Options: You can use or enable 'Input Method' based language/script utility software to change keyboard keys/buttons layout and mode, into a different language and type/show Unicode characters on 'Command Prompt' directly, or you can use font glyph/character viewer/explorer type of software like 'Character Map' (included with Windows) to visually see Unicode characters and then 'click' on desired Unicode character(s) or 'copy' your desired Unicode character(s), and then 'paste' inside 'Command Prompt'.[[BR]][[BR]]
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Example query: query for a domain-name which has Unicode characters in it, and also query using it's equivalent Punycode.[[BR]][[BR]]
* IDN TLD ".中国" (means a non-latin or non-english character based TLD portion of a domain-name/web-site), it is used at the end side of a domain-name/web-site-name. This ".中国" portion is shown in Unicode form, it is more understandable and meaningful for users who will visit/use/type it. It means ".china". And the actual code which is used by DNS servers is ".xn--fiqs8s" (shown as TLD form) or DNS servers uses "xn-fiqs8s." (as TLD in zone form, for using it with test tools, or to use in configuration files, etc), this "xn--fiqs8s" code is known as Punycode form. Web-browser, DNS/stub Resolver, etc which are IDN compliant, can convert the ("中国") Unicode portion into it's equivalent Punycode form, and then sends it to DNS Servers as a DNS query/question, if DNS server has appropriate answer record(s) then it sends answer back, then, DNS/stub Resolver, Web-Browser, etc which are IDN compliant software, can re-convert the Punycode form back into it's equivalent Unicode form, and then shows it to us. To view Unicode characters (which are non-english / non-latin) shown on this webpage properly in your Web browser software, change it's Default Encoding Character settings, into "Unicode (UTF-8)". (For example, in Firefox, goto Tools > Content > Fonts & Colors > Advanced > Character Encoding > Default Char Enc: > and change this option's value into "Unicode (UTF-8)" > OK > OK). After previous steps, press F5 key/button or click on refresh (circular arrow) or press Ctrl+R while staying on this webpage, if Unicode characters are still not appearing or not viewable then your system does not have a font with required glyph/character, so you need to install a large unicode font or multiple unicode fonts.[[BR]][[BR]]
If you run this command-line '''{{{dig 中国. any +dnssec}}}''' then result should be similar like below and is expected:
{{{
#!html
```
In above location on right side pane/area, right click on an empty area, select 'New' > 'String value'. Then a new entry "New Value _#_1" will appear under the 'Name' column. Rename it to "EnableHexNumpad" and press `⏎`('Enter'). Right click on 'EnableHexNumpad' > Modify > type **1** inside 'Value data:' textbox. Move your (blinking) cursor where you want to type a unicode char, (or use mouse pointer arrow and click on the position where you want to type a Unicode char). Press & hold onto 'Alt' key/button, press '+' key once on numeric keypad area, and then type in your desired Unicode character's hex codepoint (using the main letter keys and any of the number keys), then release 'Alt' key/button, then it will send one Unicode character (based on your hex code) where your cursor was. But remembering hex codepoints are not easier. Other Alternative Options: You can use or enable 'Input Method' based language/script utility software to change keyboard keys/buttons layout and mode, into a different language and type/show Unicode characters on 'Command Prompt' directly, or you can use font glyph/character viewer/explorer type of software like 'Character Map' (included with Windows) to visually see Unicode characters and then 'click' on desired Unicode character(s) or 'copy' your desired Unicode character(s), and then 'paste' inside 'Command Prompt'.
* [[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]], [[span([Unicode.in.ConEmu], style=color: white; background-color: blue)]]. Example query: query for a domain-name which has Unicode characters in it, and also query using it's equivalent Punycode.
* IDN TLD ".中国" (means a non-latin or non-english character based TLD portion of a domain-name/web-site), it is used at the end side of a domain-name/web-site-name. This ".中国" portion is shown in Unicode form, it is more understandable and meaningful for users who will visit/use/type it. It means ".china". And the actual code which is used by DNS servers is ".xn--fiqs8s" (shown as TLD form) or DNS servers uses "xn-fiqs8s." (as TLD in zone form, for using it with test tools, or to use in configuration files, etc), this "xn--fiqs8s" code is known as Punycode form. Web-browser, DNS/stub Resolver, etc which are IDN compliant, can convert the ("中国") Unicode portion into it's equivalent Punycode form, and then sends it to DNS Servers as a DNS query/question, if DNS server has appropriate answer record(s) then it sends answer back, then, DNS/stub Resolver, Web-Browser, etc which are IDN compliant software, can re-convert the Punycode form back into it's equivalent Unicode form, and then shows it to us. To view Unicode characters (which are non-english / non-latin) shown on this webpage properly in your Web browser software, change it's Default Encoding Character settings, into "Unicode (UTF-8)". (For example, in Firefox, goto Tools > Content > Fonts & Colors > Advanced > Character Encoding > Default Char Enc: > and change this option's value into "Unicode (UTF-8)" > OK > OK). After previous steps, press F5 key/button or click on refresh (circular arrow) or press Ctrl+R while staying on this webpage, if Unicode characters are still not appearing or not viewable then your system does not have a font with required glyph/character, so you need to install a large unicode font or multiple unicode fonts.
If you run this command-line **`dig 中国. any +dnssec`** then result should be similar like below and is expected:
```
<table border="0" cellpadding="0" cellspacing="0" width="95%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
; <<>> DiG 9.9.1-P2 <<>> <b>中国.</b> any +dnssec<br /><pre style="display:inline;">
;; global options: +cmd
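Review bot: the Trac-only markup on the converted bullets is passed through unchanged. `[[span([Unicode.in.CmdPrmpt], style=color: green; background-color: yellow)]]` and intra-page links such as `[[#Type_Unicode Type Unicode]]` and `[[#DiG_with_Unicode_Support DiG with Unicode support]]` still appear verbatim on the new lines, so they will render as literal bracket text in Markdown. Their targets are lost as well: `<a name="Using_Unicode"></a>`, `<a name="Load_Unicode_Font"></a>` and `<a name="Type_Unicode"></a>` now sit inside fenced blocks, where they are displayed rather than acting as anchors. The script needs a rule for the `span` macro (a plain text tag such as [Unicode.in.CmdPrmpt] would do) and one for `[[#anchor label]]` links, with the anchors moved out of the fences or replaced by headings.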
......@@ -754,26 +769,25 @@ My Computer\HKEY_CURRENT_USER\Control Panel\Input Method\
;; WHEN: Tue Aug 27 00:20:05 2012
;; MSG SIZE rcvd: 172</pre>
</tt></td></tr></table><br />
}}}
The bold faced TLD '''中国.''' in above result box will be changed into '''xn--fiqs8s.''' (and the '''id''' value will also change) when you will try above command's punycode equivalent like this '''{{{dig xn--fiqs8s. any +dnssec}}}''' in dig command-line. If punycode form works and Unicode form does not, then you are not using a 'dig' capable of processing Unicode conversion.
```
The bold faced TLD **中国.** in above result box will be changed into **xn--fiqs8s.** (and the **id** value will also change) when you will try above command's punycode equivalent like this **`dig xn--fiqs8s. any +dnssec`** in dig command-line. If punycode form works and Unicode form does not, then you are not using a 'dig' capable of processing Unicode conversion.
{{{
#!html
```
<a name="TLD_IDN_Numeric"></a>
}}}
* Use TLDs, IDNs Which Has Numeric Digits: Windows, by default refuses to resolve numeric TLD (it means, Windows refuses to resolve domain-names which has .N at end, here N is a numeric digit). If you will be using such a TLD which has numbers/digits, only then follow below step:[[BR]][[BR]]
* Click on "Start" menu, then in "Run" or "Execute" (of Windows XP) or in "Search" (of Windows Vista/Seven/7/8), type '''regedit''' and press {{{⏎}}}('Enter'). Goto/browse to this below registry location, and click on 'Parameters' in left side/pane:
{{{
#!html
```
* Use TLDs, IDNs Which Has Numeric Digits: Windows, by default refuses to resolve numeric TLD (it means, Windows refuses to resolve domain-names which has .N at end, here N is a numeric digit). If you will be using such a TLD which has numbers/digits, only then follow below step:
* Click on "Start" menu, then in "Run" or "Execute" (of Windows XP) or in "Search" (of Windows Vista/Seven/7/8), type **regedit** and press `⏎`('Enter'). Goto/browse to this below registry location, and click on 'Parameters' in left side/pane:
```
<table border="0" cellpadding="0" cellspacing="0" width="95%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
My Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
</tt></td></tr></table><br />
}}}
In 'Edit' menu, select 'New' and click on 'DWORD' value. Type 'ScreenBadTlds' (without the single quote symbols) and press {{{⏎}}}('Enter'). Right-click on '''ScreenBadTlds''', and then click on 'Edit'. In data area, type 0 and click OK. Close the Registry editor. Either restart your computer (if required), (or Log-off from your Windows account, and re-login back).
```
In 'Edit' menu, select 'New' and click on 'DWORD' value. Type 'ScreenBadTlds' (without the single quote symbols) and press `⏎`('Enter'). Right-click on **ScreenBadTlds**, and then click on 'Edit'. In data area, type 0 and click OK. Close the Registry editor. Either restart your computer (if required), (or Log-off from your Windows account, and re-login back).
* Test out TLDs supported by other Alternative Root operators, after you finish installing a 3rd Party DNS resolver, and then after loading your choice of config file (from parent webpage of this webpage), type these below commands and press {{{⏎}}}('Enter') one by one:
{{{
#!html
* Test out TLDs supported by other Alternative Root operators, after you finish installing a 3rd Party DNS resolver, and then after loading your choice of config file (from parent webpage of this webpage), type these below commands and press `⏎`('Enter') one by one:
```
<table border="0" cellpadding="0" cellspacing="0" width="100%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
dig&#160; geek.&#160; any &#9166; (one of the OpenNIC TLD).<br />
dig&#160; ita.&#160; any &#9166; (one of the CesidianRoot TLD).<br />
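Review bot: the `{{{ #!html` blocks in this hunk (the `<table ...><tt>` wrapper around the `My Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters` path, and the one around the `dig` commands) are converted to plain code fences, so the HTML is shown literally instead of being rendered. The reader now sees the registry path surrounded by table markup and the commands as `dig&#160; geek.&#160; any &#9166;`, which cannot be copied into regedit or a console as written. Suggest the script strip the wrapper tags for `#!html` blocks and emit only the decoded text content inside the fence, turning `<br />` into line breaks.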
......@@ -785,25 +799,24 @@ dig&#160; sundial.&#160; any &#9166; (one of the Unifiedroot TLD).<br />
dig&#160; xn--e1apq.&#160; any &#9166; (one of the i-DNS.net TLD).<br />
dig&#160; нет.&#160; any &#9166; (TLD in Unicode form, same as above i-DNS punycode form TLD, russian .net TLD).<br />
</tt></td></tr></table><br />
}}}
In parent page of this article, inside the DNS resolver's config file, you will find domain-name/hostname for TLDs from different root operators, which you can use with 'ping', 'nslookup', 'dig', web-browser, etc for test.[[BR]][[BR]]
```
In parent page of this article, inside the DNS resolver's config file, you will find domain-name/hostname for TLDs from different root operators, which you can use with 'ping', 'nslookup', 'dig', web-browser, etc for test.
If your results do not have "Status: NOERROR" each time, then, may be there are some mis-configurations in config file, or, name servers were changed by TLD operator, or, server are currently down/off, etc. Actual reason will depend on what answer you get and related software configuration and/or hardware connection related matters. When you try to resolve a TLD for 1st time, resolving process may take bit longer, so you may receive a "SERVFAIL" or "connection timed out; no servers could be reached" etc error messages. Wait & try again for 2nd time, then you should receive a "NOERROR" & related correct answer/records.
* Everytime you restart DNS resolver, you may also have to restart your web-browser, email-client software to be sure those are not using older mis-configured values.
{{{
#!html
```
<a name="Test_Via_TCP_DNS"></a>
}}}
* Test Using TCP DNS Query: When you have enabled using TCP traffic for resolving DNS in DNS Server/Resolver, and When you want to force 'dig' to use TCP DNS (instead of default UDP DNS), then, in 'dig' command-line add ''' +tcp''' option at the end. See next section's example which uses +tcp option. For this +tcp option to work successfully, you will have to pre-configure your DNS Server to allow TCP DNS query, see Unbound Tweak sections: [wiki:doc/DnsResolver#TCP_UDP_DNS this], and if you want to always connect with DNS/nameserver using TCP traffic, then configure your DNS Server further like [wiki:doc/DnsResolver#TCP_Only this].
```
* Test Using TCP DNS Query: When you have enabled using TCP traffic for resolving DNS in DNS Server/Resolver, and When you want to force 'dig' to use TCP DNS (instead of default UDP DNS), then, in 'dig' command-line add ** +tcp** option at the end. See next section's example which uses +tcp option. For this +tcp option to work successfully, you will have to pre-configure your DNS Server to allow TCP DNS query, see Unbound Tweak sections: [this](./doc/DnsResolver#TCP_UDP_DNS), and if you want to always connect with DNS/nameserver using TCP traffic, then configure your DNS Server further like [this](./doc/DnsResolver#TCP_Only).
{{{
#!html
```
<a name="Test_Via_Specific_Nameserver"></a>
}}}
```
* Test DNS Query On Specific DNS/Nameserver: If you want to query for DNS info using 'dig' tool via using a very specific DNS/nameserver, then you can do so, by specifying that DNS/nameserver's ip address or hostname right after the 'dig' word in command-line and by using a leading '@' (at) symbol in front of the nameserver. Few examples:
{{{
#!html
```
<table border="0" cellpadding="0" cellspacing="0" width="95%" style="border: none;"><tr><td width=8 border="0" style="border: none;">&#160;</td><td border="1" style="border: 1px solid #d7d7d7; padding: 0.25em; background: #f7f7f7;"><tt>
# find info on 'AAAA' DNS records for www.v6.facebook.com domain, by using the 192.168.40.1 DNS/nameserver:<br />
dig @192.168.40.1 www.v6.facebook.com. AAAA<br />
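Review bot: in the converted "Test Using TCP DNS Query" bullet, `''' +tcp'''` became `** +tcp**`, and with a space directly after the opening `**` a CommonMark-style renderer does not treat it as bold, so the asterisks are printed literally. Move the space outside the markers, as in `add **+tcp** option`. In the same hunk, `<a name="Test_Via_TCP_DNS"></a>` and `<a name="Test_Via_Specific_Nameserver"></a>` now sit inside code fences, so they are displayed as text and no longer work as link targets; they should be emitted as raw HTML outside a fence or replaced by headings that generate the same anchors.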
......@@ -814,13 +827,12 @@ dig @192.168.40.1 www.v6.facebook.com. AAAA +dnssec<br />
# Do above query via using TCP enabled DNS traffic:<br />
dig @192.168.40.1 www.v6.facebook.com. AAAA +dnssec +tcp
</tt></td></tr></table><br />
}}}
{{{
#!html
```
```
<p style="width: 100%; text-align: center;"><a href="#Navigation_Links">Goto Top Navigation Links</a></p>
}}}
```
= Credits =
# Credits
By Bry8Star. Copyright (c) 2012 Bry8Star (bry8star a.t yahoo d.o.t com).
Disclaimer: If you make mistake in following, any of these "general" steps/guidelines mentioned here in these article, it will NOT be good at all for your system, so be warned, search for each word which you don't understand, on Bing / Yahoo / Google search engine sites and search in documents and books, before actually following any of these steps. Instruction writer(s) has(/have) tested and found these steps to be effective on his/her(/their) computer's OS + software + hardware + internal-network + external-network, etc environment + configuration + settings + features + restrictions, etc combinations. These factors cannot be 100% same on your case. Instruction writers are assuming, users who will follow these steps are familiar with these steps, at least have done such once or twice before and very recently, effectively and correctly. Instruction writer will not be (and cannot be held) responsible in any way for your mistakes, or for your lack of experties, or for your lack of understanding, or for your lack of not following these general instructions, or for not converting them to a practical level in correct manner for your case, or for not learning effectively more on these, or for not realizing the patterns to suit/modify with/for your case, or for any conflict or for any type of any loss which may or will occur with any current or any future component / event / etc. Everything is changing all the time, so you will need to improve & adopt better solution(s) which suits you, your need(s), that is your responsibility. Adopt such solution(s) which is(/are) (or will be) better for majority, or will meet your goals. Adopt which works, discard which does not.
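Review bot: the back-to-back `}}}` and `{{{ #!html` lines ahead of the "Goto Top Navigation Links" paragraph convert to two consecutive fence lines, and the `<p ...><a href="#Navigation_Links">` line ends up as literal text in its own code block rather than a clickable link. Suggest emitting a Markdown link here, `[Goto Top Navigation Links](#Navigation_Links)`, and confirming that the `Navigation_Links` target still exists after conversion, since the `<a name=...>` anchors elsewhere in this change are also wrapped in fences.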