On Cross-Layer Interactions of QUIC, Encrypted DNS and HTTP/3: Design, Evaluation and Dataset

TL;DR

This paper evaluates the benefits and performance impacts of using QUIC to combine DNS over QUIC and HTTP/3 with 0-RTT, demonstrating significant load time improvements over traditional DNS encryption methods.

Contribution

It provides a comprehensive analysis of cross-layer interactions between QUIC, encrypted DNS, and HTTP/3, highlighting the advantages of connection coalescing with QUIC for web performance.

Findings

Page load times increase with DoH compared to unencrypted DNS.

Connection coalescing with DoQ and H3 0-RTT reduces load times significantly.

QUIC-based coalescing offers the best performance for encrypted web communications.

Abstract

Every Web session involves a DNS resolution. While, in the last decade, we witnessed a promising trend towards an encrypted Web in general, DNS encryption has only recently gained traction with the standardisation of DNS over TLS (DoT) and DNS over HTTPS (DoH). Meanwhile, the rapid rise of QUIC deployment has now opened up an exciting opportunity to utilise the same protocol to not only encrypt Web communications, but also DNS. In this paper, we evaluate this benefit of using QUIC to coalesce name resolution via DNS over QUIC (DoQ), and Web content delivery via HTTP/3 (H3) with 0-RTT. We compare this scenario using several possible combinations where H3 is used in conjunction with DoH and DoQ, as well as the unencrypted DNS over UDP (DoUDP). We observe, that when using H3 1-RTT, page load times with DoH can get inflated by $>$30\% over fixed-line and by $>$50\% over mobile when compared to unencrypted DNS with DoUDP. However, this cost of encryption can be drastically reduced when encrypted connections are coalesced (DoQ + H3 0-RTT), thereby reducing the page load times by 1/3 over fixed-line and 1/2 over mobile, overall making connection coalescing with QUIC the best option for encrypted communication on the Internet.