
DNS-over-QUIC is now officially a proposed standard

We're happy to announce that DNS-over-QUIC, a very promising protocol, has become a proposed standard. We believe that DNS-over-QUIC is better than other popular alternatives (DNS-over-HTTPS, DNS-over-TLS) and has a potential to completely replace old unencrypted DNS protocols. But first things first.

The history of DNS-over-QUIC

DNS-over-QUIC (abbreviated as DoQ) is a relatively new protocol for transmitting DNS queries: it was not until May 2022 that it became a standard. For comparison, DNS-over-TLS was standardized in 2016 and DNSCrypt in 2011.

About a year and a half ago AdGuard DNS became the first public DNS resolver to support the new DoQ protocol. At that time, the DoQ standard was still in the draft stage: it was an experiment, not yet ready to be used everywhere.

And finally, in mid-May this year, the situation changed: DNS-over-QUIC was published as an RFC (Request for Comments, a document that describes online protocols, methods, programs, or research applicable to the Internet), was assigned the number 9250, and has since been treated as a proposed standard. This RFC has a long way to go before it becomes an Internet standard, but DNS-over-QUIC has already been found to be stable enough, and has received enough community review, to be implemented around the world.

But first let's talk about what DNS-over-QUIC is and why it's better than other versions.

Why is DNS-over-QUIC worth it?

We've written earlier about what DNS-over-QUIC is. If you're eager to dive into detail, you can read that article first. In short, DNS-over-QUIC is a DNS protocol that uses the QUIC transport layer protocol to transmit DNS requests.
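To make "DNS over the QUIC transport" concrete, here is an added example that is not AdGuard's code and not part of the original post. It shows what actually travels on a DoQ stream according to RFC 9250: each DNS message is prefixed with a 2-octet length (as in DNS over TCP), the Message ID is set to 0 because the QUIC stream itself identifies the transaction, the ALPN token is "doq" and the default port is 853. The QUIC connection and TLS handshake are assumed to be handled by a QUIC library and are not part of the example; the sample response bytes are constructed inline so the code runs offline.

```python
"""Minimal DoQ (RFC 9250) stream framing helpers. Illustrative code, not AdGuard's."""
import struct

DOQ_ALPN = b"doq"       # ALPN token negotiated in the QUIC/TLS handshake (RFC 9250)
DOQ_PORT = 853          # default UDP port for DoQ (RFC 9250)

# Application-level error codes defined by RFC 9250.
DOQ_NO_ERROR = 0x0
DOQ_INTERNAL_ERROR = 0x1
DOQ_PROTOCOL_ERROR = 0x2
DOQ_REQUEST_CANCELLED = 0x3
DOQ_EXCESSIVE_LOAD = 0x4
DOQ_UNSPECIFIED_ERROR = 0x5

QTYPE_A = 1
QCLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode a domain name in uncompressed DNS wire format."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"invalid label: {label!r}")
        out.append(len(raw))
        out += raw
    out.append(0)
    return bytes(out)


def frame_message(msg: bytes) -> bytes:
    """Prefix a DNS message with the 2-octet length used on a DoQ stream."""
    if len(msg) > 0xFFFF:
        raise ValueError("DNS message too large for 2-octet length prefix")
    return struct.pack("!H", len(msg)) + msg


def build_doq_query(name: str, qtype: int = QTYPE_A) -> bytes:
    """Build the bytes a client writes to a new bidirectional stream.

    RFC 9250 requires the sender to set the Message ID to 0; after writing the
    query the client closes its send side of the stream (FIN) and the server
    answers on the same stream.
    """
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # ID=0, RD=1, QDCOUNT=1
    msg = header + encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)
    return frame_message(msg)


def read_stream_messages(data: bytes) -> list[bytes]:
    """Split the bytes received on one stream into DNS messages.

    A stream that ends in the middle of a message is a protocol error under
    RFC 9250, so truncation raises instead of returning a partial message.
    """
    msgs, i = [], 0
    while i < len(data):
        if len(data) - i < 2:
            raise ValueError("stream ended inside length prefix")
        (n,) = struct.unpack_from("!H", data, i)
        i += 2
        if len(data) - i < n:
            raise ValueError("stream ended inside DNS message")
        msgs.append(data[i:i + n])
        i += n
    return msgs


def validate_doq_message(msg: bytes) -> int:
    """Receiver-side sanity check: returns a DoQ error code (0 means OK).

    This helper rejects a message that is shorter than a DNS header or that
    carries a non-zero Message ID, which RFC 9250 tells senders not to use.
    """
    if len(msg) < 12:
        return DOQ_PROTOCOL_ERROR
    if struct.unpack_from("!H", msg, 0)[0] != 0:
        return DOQ_PROTOCOL_ERROR
    return DOQ_NO_ERROR


def _skip_name(msg: bytes, i: int) -> int:
    """Return the offset just past the name at offset i (handles compression pointers)."""
    while True:
        if i >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[i]
        if length == 0:
            return i + 1
        if length & 0xC0 == 0xC0:       # 2-octet compression pointer ends the name
            return i + 2
        i += 1 + length


def parse_a_records(msg: bytes) -> list[str]:
    """Return the IPv4 addresses from the answer section of a response."""
    _, _, qd, an, _, _ = struct.unpack_from("!HHHHHH", msg, 0)
    i = 12
    for _ in range(qd):
        i = _skip_name(msg, i) + 4      # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        i = _skip_name(msg, i)
        rtype, _, _, rdlen = struct.unpack_from("!HHIH", msg, i)
        i += 10
        rdata = msg[i:i + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("truncated RDATA")
        if rtype == QTYPE_A and rdlen == 4:
            addrs.append(".".join(str(b) for b in rdata))
        i += rdlen
    return addrs


# Constructed sample: a response as a server would write it back on the same
# stream (ID 0, one A record using a compression pointer to the question name).
SAMPLE_RESPONSE = frame_message(
    struct.pack("!HHHHHH", 0, 0x8180, 1, 1, 0, 0)
    + encode_name("example.com") + struct.pack("!HH", QTYPE_A, QCLASS_IN)
    + b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 300, 4)
    + bytes([192, 0, 2, 1])
)

if __name__ == "__main__":
    print(build_doq_query("example.com").hex())
    for m in read_stream_messages(SAMPLE_RESPONSE):
        print(validate_doq_message(m) == DOQ_NO_ERROR, parse_a_records(m))
```

The two things worth noticing are the zero Message ID and the strict treatment of truncation: on plain UDP the ID is what lets a client match an answer to a query, while on DoQ the stream does that job, and a stream closed before the length-prefixed message is complete is an error rather than something to retry silently.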

[Figure: TCP data packet transmission scheme]

[Figure: QUIC data packet transmission scheme]

Compared to TCP, another extremely popular transport protocol, QUIC is faster, more reliable, and offers more encryption options. DNS-over-QUIC inherits all of these advantages.

In short, here are the main advantages of DNS-over-QUIC:

  1. It encrypts DNS traffic. Nobody except you can see what websites you visit.
  2. QUIC is designed to solve the problem of "head-of-line blocking", that is, it will work better in networks with a high packet loss rate (think mobile data in elevators or tunnels).
  3. The QUIC standard supports the so-called "Connection Migration". When you're leaving home and your phone switches from Wi-Fi to mobile network, the QUIC connection, unlike other connections, doesn't drop. Unfortunately, it hasn't been implemented yet, but we hope the situation changes soon.
  4. QUIC allows you to establish a network connection much faster. As with "Connection Migration", this is especially useful on mobile. With DNS-over-QUIC implemented, the connection is established twice as fast as with DNS-over-TLS.

How has the standard changed compared to drafts?

DNS-over-QUIC can now be used not only for recursive DNS servers (such as AdGuard DNS), but also for authoritative ones. In the long term, this will make it possible to encrypt not only the traffic from the client (your computer or phone) to the recursive server, but also all DNS traffic in general. That is, unlike DNS-over-HTTPS, DoQ is a more comprehensive protocol that can fully cover the situations where the unencrypted protocol was previously used.

What has changed for AdGuard?

Many AdGuard products have been supporting DoQ for a while now, but we'd like to outline a few things:

  1. AdGuard DNS now fully supports the standard. "Draft" versions will continue to be supported as well.
  2. As for AdGuard Home, it has already adopted the new standard!
  3. All of our apps will also switch to the standard; the "experimental" mark will be finally removed from the interface. In future versions, we're planning to implement DoQ as the default protocol (instead of DNS-over-HTTPS which is our default choice at the moment).

Almost all of our DoQ-related developments are publicly available. We maintain them and update them regularly. Here are some of them:

  • dnslookup is a basic utility to perform DNS requests. It supports all popular modern protocols: DoH, DoT, DNSCrypt, and, of course, DoQ.
  • With AdGuard Home, you can set up your own DoQ server. If you run AdGuard Home as a public server, you can set up encryption on it.
  • dnsproxy is a simple DNS proxy server with support for DoH, DoT, DoQ and DNSCrypt.
  • DnsLibs is a C++ library that we use in our AdGuard products. Feel free to use it to incorporate DoQ into your own app.

We're also expecting to make the new AdGuard DNS code public in the near future.

We're really excited about the opportunities that the adoption of DNS-over-QUIC as a standard can bring: a faster connection, better encryption, a lower packet loss rate, "Connection Migration", and much more. And we're looking forward to taking advantage of all of them! Meanwhile, you can read how to set up DoQ in AdGuard for iOS and AdGuard for Android, or configure a public AdGuard DNS server that uses the QUIC protocol (you can find it in the "Our server addresses" section). Or create your very own private AdGuard DNS server, choose any protocol you want (like DoQ!) and be directly in charge of all your DNS requests!
