ResInfo is a diagnostic service providing real-time visibility into DNS resolver behavior. By querying a custom authoritative nameserver, users can observe exactly how their DNS provider handles privacy, security, and protocol features—attributes that are typically opaque to both the client and the end user.
The service is built on a custom CoreDNS plugin that intercepts queries to assemble a diagnostic report. Unlike active scanning tools, ResInfo relies on passive observation to infer resolver capabilities directly from the incoming DNS traffic.
This implementation enables the detection of several key resolver behaviors:
- Privacy Features: Identifies support for QNAME Minimization (RFC 7816) by tracking intermediate subdomain probes, as well as EDNS0 Client Subnet (ECS) and EDNS0 Padding.
- Security & Integrity: Detects 0x20 Case Randomization used to mitigate spoofing, along with DNSSEC flags (DO/AD/CD) and EDNS0 Cookies.
- Operational Metadata: Provides transparency into the resolver’s identity (ASN/Organization) and technical parameters like UDP Buffer Size.
By packaging these diagnostics into a simple TXT record response, ResInfo provides an immediate, “no-install” way for network engineers and privacy enthusiasts to audit their DNS infrastructure.
For a deep dive into the plugin logic and the mechanics of passive detection, see the detailed blog post.