37

DNS-over-QUIC

is viewed as a superior, faster, and more private version of the DNS protocol, even DoH and DoT

15 replies

null
    • IAAI
    • 3 yrs ago
    • Reported - view

    or even better ODoH 😬

    • olivier
    • 3 yrs ago
    • Reported - view

    DNS over HTTP/3 support has been released on servers and the CLI. 

    • IAAI
    • 3 yrs ago
    • Reported - view

    Can we get some documentation on how we can use it please ?

      • olivier
      • 3 yrs ago
      • Reported - view

      IAAI doc will follow

    • Johan_de_Jong
    • 3 yrs ago
    • Reported - view

    Super!

    In anticipation of release nextdns-v1.11.1 or v1.12.0 I gave the development version a spin and increased the buffer: 'sysctl -w net.core.rmem_max=2097152'.

    I notice the DNS queries falling back to HTTP/2.0 sometimes; from the logging it's not clear (to me) why that happens though.

    Mar 12 22:32:11 openvpn nextdns[27452]: Connected 188.172.219.167:443 (con=42ms tls=2ms, h3-29, TLS13)
    
    Mar 12 22:32:44 openvpn nextdns[27452]: Query 127.0.0.1 UDP PTR 66.136.178.203.in-addr.arpa. (qry=45/res=89) 739ms HTTP/3
    Mar 12 22:32:45 openvpn nextdns[27452]: Query 127.0.0.1 UDP PTR 9.138.178.203.in-addr.arpa. (qry=44/res=79) 733ms HTTP/3
    
    Mar 12 22:36:22 openvpn nextdns[27452]: Connected 188.172.219.167:443 (con=13ms tls=22ms, TCP, TLS13)
    
    Mar 12 22:36:22 openvpn nextdns[27452]: Query 127.0.0.1 UDP A www.cnn.com. (qry=29/res=45) 50ms HTTP/2.0
    Mar 12 22:36:22 openvpn nextdns[27452]: Query 127.0.0.1 UDP PTR 193.129.28.172.in-addr.arpa. (qry=45/res=12) 0ms
      • olivier
      • 3 yrs ago
      • Reported - view

      Johan de Jong That may happen when HTTP/3 is failing for some reason.

    • Michael_Smith
    • 3 yrs ago
    • Reported - view

    This is exciting!  So we're still waiting for docs or is it in the next version?  

      • olivier
      • 3 yrs ago
      • Reported - view

      Michael Smith for HTTP/3 there is no doc needed as DoH clients supporting HTTP/3 will automatically negotiate HTTP/3. We will update the setup tab for DoQ, but it is the same as DoT in terms of hostnames. The port is 8853 as defined by the very last draft.

      • Michael_Smith
      • 3 yrs ago
      • Reported - view

      Olivier Poitrey So just run the CLI again when it's released and it's all good.  Is the improvement measurable?

      • olivier
      • 3 yrs ago
      • Reported - view

      Michael Smith for HTTP/3 support in the CLI, you need to wait for the next revision. The improvement of Quic over TCP is only measurable on connections with packet loss. Healthy connections should not see any improvement over TCP.

      • Chris_Leidich
      • 3 yrs ago
      • Reported - view

      Olivier Poitrey This would seem to be a boon for mobile devices on changing or intermittent connections. Do you know if the iOS encrypted DNS feature will use HTTP/3 (if available)?

      • Pro subscriber ✓
      • DynamicNotSlow
      • 3 yrs ago
      • Reported - view

      Chris Leidich 

      in Safari it can already enabled: How to enable HTTP/3 in Safari 14 … | Apple Developer Forums

      • olivier
      • 3 yrs ago
      • Reported - view

      Chris Leidich we are discussing with Apple. HTTP/3 is currently disable in the DoH client but should be re-enabled in a next revision.

    • Michael_Smith
    • 3 yrs ago
    • Reported - view

    waseem alwisy I thought it was faster too, but Olivier said not.

    • maghuro
    • 3 yrs ago
    • Reported - view

    So when nextdns release? I don't know how to compile it for asuswrt

Content aside

  • Status Completed
  • 37 Likes
  • 3 yrs agoLast active
  • 15Replies
  • 1707Views
  • 11 Following