TL;DR
This study evaluates the performance of encrypted DNS protocols compared to traditional DNS across thousands of home networks, revealing that privacy does not necessarily compromise speed and that performance varies widely among resolvers.
Contribution
It provides large-scale empirical measurements of encrypted DNS performance, highlighting the variability and suggesting adaptive client strategies for optimal DNS resolution.
Findings
DoT can outperform traditional DNS in median response times.
Significant variation exists in DoH performance across resolvers.
Clients should periodically measure latency to choose optimal DNS protocols.
Abstract
In this paper, we study the performance of encrypted DNS protocols and conventional DNS from thousands of home networks in the United States, over one month in 2020. We perform these measurements from the homes of 2,693 participating panelists in the Federal Communications Commission's (FCC) Measuring Broadband America program. We found that clients do not have to trade DNS performance for privacy. For certain resolvers, DoT was able to perform faster than DNS in median response times, even as latency increased. We also found significant variation in DoH performance across recursive resolvers. Based on these results, we recommend that DNS clients (e.g., web browsers) should periodically conduct simple latency and response time measurements to determine which protocol and resolver a client should use. No single DNS protocol nor resolver performed the best for all clients.
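The abstract's recommendation, periodic latency measurement to pick a protocol and resolver, can be sketched as a selection routine. This is an added example, not code from the paper; the resolver names, sample timings, thresholds, and the rule of preferring an encrypted protocol when it is within a few milliseconds of the fastest are all assumptions made for illustration.

```python
from statistics import median

# Constructed measurement round: response times in ms per (protocol, resolver).
# None marks a query that failed or timed out. Resolver names are placeholders.
SAMPLES = {
    ("Do53", "resolver-a"): [21.0, 19.5, 24.1, 20.2, 22.7],
    ("DoT", "resolver-a"): [20.1, 18.9, 23.0, 19.4, 21.5],
    ("DoH", "resolver-a"): [35.2, 33.8, None, 36.0, 34.1],
    ("DoH", "resolver-b"): [18.0, None, None, None, 17.5],
}
ENCRYPTED = {"DoT", "DoH"}


def summarize(samples, max_failure_rate=0.2):
    """Return {candidate: median_ms}, dropping candidates that fail too often."""
    medians = {}
    for cand, times in samples.items():
        ok = [t for t in times if t is not None]
        if not ok:
            continue
        failures = len(times) - len(ok)
        if failures / len(times) <= max_failure_rate:
            medians[cand] = median(ok)
    return medians


def choose(samples, current=None, tolerance_ms=5.0, switch_gain_ms=3.0):
    """Pick a (protocol, resolver) pair from one measurement round."""
    medians = summarize(samples)
    if not medians:
        return current  # nothing usable was measured; keep what we have
    fastest = min(medians.values())
    # Candidates whose median is within tolerance of the fastest one.
    near = [c for c, m in medians.items() if m - fastest <= tolerance_ms]
    # Assumed policy: if any encrypted candidate is near, consider only those.
    pool = [c for c in near if c[0] in ENCRYPTED] or near
    best = min(pool, key=lambda c: medians[c])
    # Hysteresis: do not flap between candidates for a negligible gain.
    if current in pool and medians[current] - medians[best] < switch_gain_ms:
        return current
    return best


if __name__ == "__main__":
    print(choose(SAMPLES, current=("Do53", "resolver-a")))
```

A client would call `choose` after each measurement round, passing its current selection so that small differences between rounds do not cause it to switch.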
