Skip to main content
Background Image

DNSDiag 2.8.1 Release

·245 words·2 mins·
Babak Farrokhi
Author
Babak Farrokhi
Engineering and Technical Operations Leader

I’m pleased to announce the release of DNSDiag version 2.8.1. This update brings DNS Cookie support, improves user experience with automatic Extended DNS Error display, and fixes several issues with encrypted DNS protocols.

Key Features
#

DNS Cookies Support

Added --cookie flag to dnsping for displaying EDNS cookies when present. This allows you to verify if your DNS resolver supports RFC 7873 DNS cookies for improved security.

Automatic Extended DNS Error Display

Extended DNS Error (EDE) messages are now always displayed when present, eliminating the need for the --ede flag. This provides better visibility into DNS resolution issues without requiring explicit configuration.

Enhanced ECS Display Format

EDNS Client Subnet output now shows source prefix length ([ECS:address/source/scope]), making it easier to see what was sent versus what was returned by the resolver.

Bug Fixes
#

This release fixes hostname resolution issues with encrypted DNS protocols. Both DNS over TLS (DoT) and DNS over QUIC (DoQ) now properly handle DNS server hostnames for SNI and certificate validation. Additionally, DNS over HTTPS (DoH) and HTTP/3 no longer fail when using hostnames instead of IP addresses.

Example Usage
#

$ ./dnsping.py --cookie --ecs 203.0.113.0/24 -c 5 -s 8.8.8.8 example.com

Installation
#

DNSDiag 2.8.1 is available on the GitHub release page, or can be installed via:

pip install dnsdiag

or

uv tool install dnsdiag

To upgrade an existing installation:

pip install --upgrade dnsdiag

or

uv tool upgrade dnsdiag

Please report any bugs or feature requests through the GitHub issue tracker.