Quad9 Enables DNS over HTTP/3 and DNS over QUIC
6 hours ago
- #DNS
- #Quad9
- #Privacy
- Quad9 has globally enabled DNS over HTTP/3 (DoH3) and DNS over QUIC (DoQ) on its resolver network, enhancing privacy and security.
- Both DoH3 and DoQ are built on the QUIC protocol, which offers encryption by design, uses TLS 1.3, reduces connection setup time, and protects more transport metadata than TCP-based protocols.
- QUIC improves latency by merging connection steps, allowing encrypted sessions in fewer round trips, and maintains sessions during network changes, unlike TCP.
- DoH3 is DNS over HTTPS carried over HTTP/3. Existing Quad9 DoH users need no configuration changes, and clients can discover support through mechanisms such as DDR and Alt-Svc headers.
- DoQ carries DNS queries directly over QUIC on port 853, without an HTTP stack. Quad9's deployment aims to boost adoption by providing production infrastructure for client testing.
- Quad9 offers both protocols across all its resolver variants (filtering, non-filtering, ECS-enabled), alongside existing DoH, DoT, and DNSCrypt support.
- Protocol adoption is gradual, but QUIC-based protocols benefit from existing web infrastructure, and Quad9 encourages client developers and tooling creators to test against the service.
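
To make the DoH3 and DoQ bullets concrete, the sketch below (an added example, not Quad9's code) encodes one DNS query and shows how the same bytes are carried in each protocol: length-prefixed on a QUIC stream for DoQ (RFC 9250), and as an unpadded base64url `dns` parameter for DoH (RFC 8484). The query name and the `/dns-query` path are assumptions, and no network traffic is sent.

```python
import base64
import struct

DOQ_PORT = 853  # DoQ port, as stated in the summary above

def build_query(name: str, qtype: int = 1) -> bytes:
    """Encode a one-question DNS query (class IN) with Message ID 0."""
    # ID 0 is required for DoQ (RFC 9250) and recommended for DoH (RFC 8484).
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label length in {name!r}")
        qname += bytes([len(raw)]) + raw
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def doq_frame(message: bytes) -> bytes:
    """DoQ: each query rides its own QUIC stream behind a 2-octet length."""
    if len(message) > 0xFFFF:
        raise ValueError("DNS message too large for DoQ framing")
    return struct.pack("!H", len(message)) + message

def parse_doq_frame(frame: bytes) -> bytes:
    """Receiver-side check: length prefix must match and the ID must be 0."""
    if len(frame) < 2 + 12:
        raise ValueError("frame shorter than length prefix plus DNS header")
    (length,) = struct.unpack("!H", frame[:2])
    message = frame[2:]
    if length != len(message):
        raise ValueError("length prefix does not match payload")
    if message[:2] != b"\x00\x00":
        raise ValueError("non-zero Message ID is a DoQ protocol error")
    return message

def doh_get_path(message: bytes, path: str = "/dns-query") -> str:
    """DoH over HTTP/2 or HTTP/3: same bytes, unpadded base64url in ?dns=."""
    encoded = base64.urlsafe_b64encode(message).rstrip(b"=").decode("ascii")
    return f"{path}?dns={encoded}"  # path is an assumed default

if __name__ == "__main__":
    query = build_query("www.example.com")  # constructed sample name
    print(f"DoQ  udp/{DOQ_PORT} stream bytes: {doq_frame(query).hex()}")
    print(f"DoH3 GET {doh_get_path(query)}")
```

The fixed Message ID of 0 matters for privacy as well as framing: it keeps identical queries byte-identical, so HTTP caches can work for DoH and the ID cannot be used as a per-query tracking value.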