============================================================================================================= [root@NextDNS ~]# curl -v https://dns.nextdns.io/info * Trying 2a00:11c0:17:429::3... * TCP_NODELAY set * Trying 37.252.249.233... * TCP_NODELAY set * Connected to dns.nextdns.io (37.252.249.233) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to dns.nextdns.io:443 * Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to dns.nextdns.io:443 ============================================================================================================= [root@NextDNS ~]# curl -v https://dns.nextdns.io/info --resolve dns.nextdns.io:443:37.252.249.233 * Added dns.nextdns.io:443:37.252.249.233 to DNS cache * Hostname dns.nextdns.io was found in DNS cache * Trying 37.252.249.233... * TCP_NODELAY set * Connected to dns.nextdns.io (37.252.249.233) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to dns.nextdns.io:443 * Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to dns.nextdns.io:443 [root@NextDNS ~]# ============================================================================================================= [root@NextDNS ~]# curl -v https://dns.nextdns.io/info --resolve dns.nextdns.io:443:2a00:11c0:17:429::3 * Added dns.nextdns.io:443:2a00:11c0:17:429::3 to DNS cache * Hostname dns.nextdns.io was found in DNS cache * Trying 2a00:11c0:17:429::3... * TCP_NODELAY set * Connected to dns.nextdns.io (2a00:11c0:17:429::3) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (OUT), TLS handshake, [no content] (0): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: CN=nextdns.io * start date: Mar 13 23:55:09 2021 GMT * expire date: Jun 11 23:55:09 2021 GMT * subjectAltName: host "dns.nextdns.io" matched cert's "dns.nextdns.io" * issuer: C=US; O=Let's Encrypt; CN=R3 * SSL certificate verify ok. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * TLSv1.3 (OUT), TLS app data, [no content] (0): * TLSv1.3 (OUT), TLS app data, [no content] (0): * TLSv1.3 (OUT), TLS app data, [no content] (0): * Using Stream ID: 1 (easy handle 0x55ee7f9414a0) * TLSv1.3 (OUT), TLS app data, [no content] (0): > GET /info HTTP/2 > Host: dns.nextdns.io > User-Agent: curl/7.61.1 > Accept: */* > * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * TLSv1.3 (IN), TLS app data, [no content] (0): * Connection state changed (MAX_CONCURRENT_STREAMS == 256)! * TLSv1.3 (OUT), TLS app data, [no content] (0): * TLSv1.3 (IN), TLS app data, [no content] (0): * TLSv1.3 (IN), TLS app data, [no content] (0): * TLSv1.3 (IN), TLS app data, [no content] (0): < HTTP/2 200 < access-control-allow-origin: * < content-type: application/json < strict-transport-security: max-age=63072000; includeSubDomains; preload < timing-allow-origin: * < content-length: 74 < date: Mon, 15 Mar 2021 10:57:36 GMT < * TLSv1.3 (IN), TLS app data, [no content] (0): * Connection #0 to host dns.nextdns.io left intact {"locationName": "🇭🇰 Hong Kong", "pop": "anexia-hkg", "rtt": 175335} [root@NextDNS ~]# ============================================================================================================= [root@NextDNS ~]# curl -v https://blah.dns.nextdns.io/info --resolve blah.dns.nextdns.io:443:37.252.249.233 * Added blah.dns.nextdns.io:443:37.252.249.233 to DNS cache * Hostname blah.dns.nextdns.io was found in DNS cache * Trying 37.252.249.233... * TCP_NODELAY set * Connected to blah.dns.nextdns.io (37.252.249.233) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (OUT), TLS handshake, [no content] (0): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: CN=nextdns.io * start date: Mar 13 23:55:09 2021 GMT * expire date: Jun 11 23:55:09 2021 GMT * subjectAltName: host "blah.dns.nextdns.io" matched cert's "*.dns.nextdns.io" * issuer: C=US; O=Let's Encrypt; CN=R3 * SSL certificate verify ok. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * TLSv1.3 (OUT), TLS app data, [no content] (0): * TLSv1.3 (OUT), TLS app data, [no content] (0): * TLSv1.3 (OUT), TLS app data, [no content] (0): * Using Stream ID: 1 (easy handle 0x561dec5864a0) * TLSv1.3 (OUT), TLS app data, [no content] (0): > GET /info HTTP/2 > Host: blah.dns.nextdns.io > User-Agent: curl/7.61.1 > Accept: */* > * TLSv1.3 (IN), TLS handshake, [no content] (0): * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * TLSv1.3 (IN), TLS app data, [no content] (0): * Connection state changed (MAX_CONCURRENT_STREAMS == 256)! * TLSv1.3 (OUT), TLS app data, [no content] (0): * TLSv1.3 (IN), TLS app data, [no content] (0): * TLSv1.3 (IN), TLS app data, [no content] (0): * TLSv1.3 (IN), TLS app data, [no content] (0): < HTTP/2 200 < access-control-allow-origin: * < content-type: application/json < strict-transport-security: max-age=63072000; includeSubDomains; preload < timing-allow-origin: * < content-length: 74 < date: Mon, 15 Mar 2021 10:59:35 GMT < * TLSv1.3 (IN), TLS app data, [no content] (0): * Connection #0 to host blah.dns.nextdns.io left intact [root@NextDNS ~]# [root@NextDNS ~]# ============================================================================================================= [root@NextDNS ~]# curl -kv https://something.cn/info --resolve something.cn:443:37.252.249.233 * Added something.cn:443:37.252.249.233 to DNS cache * Hostname something.cn was found in DNS cache * Trying 37.252.249.233... * TCP_NODELAY set * connect to 37.252.249.233 port 443 failed: Connection timed out * Failed to connect to something.cn port 443: Connection timed out * Closing connection 0 curl: (7) Failed to connect to something.cn port 443: Connection timed out [root@NextDNS ~]#