DNS-over-QUIC: the third generation of encrypted DNS
Do53 was plaintext. DoT bolted on TLS. DoH hid queries inside HTTPS. DoQ skips the compromises and runs DNS directly over QUIC. Here is why that matters, and how to turn it on today.
DNS is the part of the internet that decides where you actually go. Type planet-proxy.com, your machine asks a resolver, the resolver answers with an IP, and your browser opens a connection. For thirty-five years that conversation happened in plaintext over UDP port 53. Anybody on the path — your ISP, the coffee shop router, a transit provider in another country — could read every site you visited and, if they felt like it, lie about the answer.
Encrypted DNS is the long, slow fix. We are now on the third version of it. The first two are widely deployed and have known weaknesses. The third one, DNS-over-QUIC (DoQ, RFC 9250), is the one most people have not heard of yet. It is also the one that is quietly winning.
A short history of how DNS got encrypted
Standard DNS — call it Do53 — was specified in 1987. It runs over UDP, falls back to TCP for large responses, and offers zero confidentiality or authentication. Every middlebox between you and the resolver sees the names you look up.
DNS-over-TLS (DoT, RFC 7858, 2016) was the first serious answer. Open a TLS session to your resolver on port 853, send DNS messages inside it. It works. It is also trivially blockable — port 853 is unmistakable, and a hostile network operator can drop it without breaking anything else.
DNS-over-HTTPS (DoH, RFC 8484, 2018) reframed the problem politically. Wrap DNS queries in HTTPS POST requests to a /dns-query endpoint on port 443. Now the queries blend in with normal web traffic. Mozilla shipped it in Firefox, Cloudflare ran a public resolver, and the censorship-resistance crowd cheered. The downside: HTTPS is TCP plus TLS plus HTTP/2 framing. That is a lot of overhead for a 60-byte question that wants a 100-byte answer.
QUIC, briefly, because it matters here
QUIC is a transport protocol that runs over UDP. Google built it, the IETF standardised it as RFC 9000 in 2021, and HTTP/3 is just QUIC with HTTP semantics on top. The key facts for our purposes: QUIC is encrypted by default — there is no unencrypted QUIC, the way there is unencrypted TCP. Connection establishment and TLS 1.3 are merged into a single one-RTT handshake. Resumed connections can do 0-RTT, meaning the first datagram carries application data. And because QUIC streams are independent, packet loss on one stream does not stall the others. There is no TCP-style head-of-line blocking.
You can probably see where this is going.
What DoQ actually is
DNS-over-QUIC, specified in RFC 9250 in May 2022, runs DNS messages directly over QUIC streams on UDP port 853. No HTTP, no JSON, no /dns-query path. Each query gets its own QUIC stream. The wire format is the same DNS message format you have been parsing since 1987 — just inside a QUIC frame.
That is the entire spec, more or less. The simplicity is the point.
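To make that concrete, here is an added example (not code from this post and not from any DoQ resolver or client) of what a DoQ client actually writes on a QUIC stream, following RFC 9250: the 2-octet length prefix that DoQ borrows from DNS-over-TCP, and the Message ID fixed at 0 because the stream, not the ID, pairs a response with its query. The QUIC transport and TLS handshake themselves are not modelled; the ALPN token "doq" is only recorded as a constant, and the hostname and the malformed payloads are constructed samples.

```python
"""Build and parse the DNS payload a DoQ client writes on a QUIC stream.

Added example, not from the original post. The QUIC layer is not
implemented here; this shows only what goes into the stream, per RFC 9250:
  - the ALPN token "doq" is negotiated during the QUIC/TLS handshake,
  - every DNS message is prefixed by a 2-octet big-endian length field
    (the same framing DNS-over-TCP uses),
  - the DNS Message ID in a query is set to 0; the stream, not the ID,
    correlates a response with its query.
"""
import struct
from typing import List, Optional

DOQ_ALPN = "doq"   # ALPN token for DNS-over-QUIC (RFC 9250)
DOQ_PORT = 853     # UDP port for DoQ (RFC 9250)
TYPE_A = 1
CLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode a hostname as DNS labels (RFC 1035 section 3.1)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, qtype: int = TYPE_A) -> bytes:
    """Wire-format DNS query with the Message ID fixed at 0 for DoQ."""
    # ID=0, flags=0x0100 (RD set), QDCOUNT=1, AN/NS/AR counts = 0
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def doq_frame(message: bytes) -> bytes:
    """Stream payload: 2-octet length followed by the DNS message."""
    if len(message) > 0xFFFF:
        raise ValueError("DNS message too large for a 2-octet length prefix")
    return struct.pack("!H", len(message)) + message


def parse_doq_stream(payload: bytes) -> List[bytes]:
    """Split a stream's bytes into DNS messages.

    Rejects a truncated length prefix, a message shorter than its declared
    length (or shorter than a DNS header), and a non-zero Message ID, which
    RFC 9250 forbids in DoQ queries.
    """
    messages = []
    pos = 0
    while pos < len(payload):
        if len(payload) - pos < 2:
            raise ValueError("truncated length prefix")
        (length,) = struct.unpack_from("!H", payload, pos)
        pos += 2
        body = payload[pos:pos + length]
        if len(body) != length or length < 12:
            raise ValueError("truncated or undersized DNS message")
        (msg_id,) = struct.unpack_from("!H", body, 0)
        if msg_id != 0:
            raise ValueError(f"DoQ requires Message ID 0, got {msg_id:#06x}")
        messages.append(body)
        pos += length
    return messages


def doq_payload_error(payload: bytes) -> Optional[str]:
    """Return the validation error for a stream payload, or None if clean."""
    try:
        parse_doq_stream(payload)
    except ValueError as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    # Constructed sample query; what a DoQ client would write on its stream.
    query = build_query("example.com")
    print(f"ALPN {DOQ_ALPN}, UDP/{DOQ_PORT}")
    print("stream payload:", doq_frame(query).hex())
    print("messages parsed:", len(parse_doq_stream(doq_frame(query))))
```

The parser deliberately stops at the first malformed message rather than skipping it: on a real connection the right reaction to a bad length prefix or a non-zero ID is to abort the stream, not to resynchronise and keep reading.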
Why DoQ beats DoH on the wire
DoH solves the privacy problem and the censorship-resistance problem. It does not solve the latency problem. A cold DoH lookup costs a TCP handshake (1 RTT), a TLS 1.3 handshake (1 RTT), then an HTTP/2 request and response. Even with connection reuse, you are paying for HTTP framing on every query.
DoQ pays the QUIC handshake once (1 RTT, sometimes 0 if you have prior session state), then sends each query on its own lightweight stream. Three things drop out of the system that DoH had to deal with:
- No TCP. UDP loss does not stall the connection. A dropped packet for query A does not delay the response to query B.
- No HTTP framing. You are not paying for HEADERS frames, DATA frames, and HPACK state on a 60-byte question.
- No head-of-line blocking. QUIC streams are independent at the transport layer, not just the application layer.
In benchmarks we have run from a residential connection in Mumbai to Quad9 anycast, DoQ tail latencies (95th percentile) are roughly 30-40% lower than DoH for parallel lookups during page load. The median is closer because medians hide the tails. The tails are where users notice.
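The "medians hide the tails" point is easier to see with a toy model than with prose. The following is an added example, not the benchmark described above and not code from this post: twenty parallel lookups leave at t=0, every answer would land after one RTT, but one answer is lost and only arrives after a retransmission delay. On one in-order TCP byte stream (DoH) every answer queued behind the lost one waits too; on independent QUIC streams (DoQ) only the lost answer waits. The RTT, loss position and retransmission delay are constructed values, chosen to show the mechanism rather than to reproduce the measured 30-40%.

```python
"""Toy model of head-of-line blocking across parallel DNS lookups.

Added example, not the benchmark from the post. Constructed parameters:
n_queries answers would each land after rtt_ms, but the answer at
lost_index is lost and arrives after an extra retransmit_ms. With a single
in-order byte stream (TCP, as DoH uses) every answer behind the lost one is
held back as well; with independent streams (QUIC, as DoQ uses) only the
lost answer is late.
"""
import math
from typing import List, Tuple


def arrival_times(n_queries: int, rtt_ms: float, lost_index: int,
                  retransmit_ms: float, independent_streams: bool) -> List[float]:
    """Arrival time in ms of each answer, in query order."""
    times = []
    for i in range(n_queries):
        blocked = i == lost_index or (not independent_streams and i > lost_index)
        times.append(rtt_ms + retransmit_ms if blocked else rtt_ms)
    return times


def percentile(values: List[float], pct: int) -> float:
    """Nearest-rank percentile; pct is an integer 1..100."""
    ordered = sorted(values)
    rank = max(1, math.ceil(pct * len(ordered) / 100))
    return ordered[rank - 1]


def compare(n_queries: int = 20, rtt_ms: float = 30.0, lost_index: int = 15,
            retransmit_ms: float = 200.0) -> Tuple[Tuple[float, float], Tuple[float, float]]:
    """Return ((p50, p95) for the TCP-style case, (p50, p95) for independent streams)."""
    tcp = arrival_times(n_queries, rtt_ms, lost_index, retransmit_ms, False)
    quic = arrival_times(n_queries, rtt_ms, lost_index, retransmit_ms, True)
    return ((percentile(tcp, 50), percentile(tcp, 95)),
            (percentile(quic, 50), percentile(quic, 95)))


if __name__ == "__main__":
    (tcp_p50, tcp_p95), (quic_p50, quic_p95) = compare()
    print(f"single in-order stream: p50={tcp_p50} ms  p95={tcp_p95} ms")
    print(f"independent streams:    p50={quic_p50} ms  p95={quic_p95} ms")
```

With the default parameters both transports report the same median, because fifteen of the twenty answers arrived before the loss in either case; the 95th percentile is where the in-order stream pays for the loss and the independent streams do not. Move lost_index earlier and the median separates as well, which is the lossy-mobile-network case.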
Where DoQ is deployed today
On the resolver side, the public DoQ ecosystem is smaller than DoH but covers the names that matter:
- Quad9: dns.quad9.net on UDP/853, with malware-blocking and unfiltered variants.
- AdGuard DNS: dns.adguard-dns.com, with family and unfiltered profiles.
- NextDNS: every NextDNS profile gets a DoQ endpoint at <id>.dns.nextdns.io.
- Cloudflare 1.1.1.1: rolling out via the 1.1.1.1 app and on the resolver since late 2024.
On the client side, support is lopsided. Android 13+ exposes DoQ through Private DNS if you point it at a DoQ-capable hostname. iOS has no native DoQ support and probably never will — Apple shipped DoH and DoT in iOS 14 and stopped there. Linux can use systemd-resolved with patches, or dedicated stub resolvers like dnsproxy or dnscrypt-proxy. Windows has no native support; you need a third-party stub.
How to turn DoQ on right now
Three paths, ordered by how much pain they involve.
Android (easiest)
1. Settings → Network and Internet → Private DNS.
2. Choose "Private DNS provider hostname".
3. Enter dns.quad9.net (Quad9), dns.adguard-dns.com (AdGuard), or your NextDNS hostname.
4. Android will automatically prefer DoQ if the resolver advertises it, falling back to DoT.
AdGuard or NextDNS apps (easy)
Both apps speak DoQ to their own resolvers by default on every platform. If you are already using either, you are already on DoQ — check the connection log to confirm.
Cloudflare 1.1.1.1 app (easy on iOS, easier elsewhere)
The 1.1.1.1 app uses DoH publicly but the underlying daemon supports DoQ; on platforms where Cloudflare has enabled it, you get QUIC transparently. On iOS this is the only practical way to get DoQ without rolling your own profile.
The honest assessment
DoQ is the right design. It does not pretend to be web traffic, which is a privacy compromise DoH made for political reasons (it is harder for a censoring middlebox to selectively block). It just does encrypted DNS, fast, with the modern transport. If you control your client and you trust your resolver, DoQ is the protocol you want.
If you are on a network where UDP is unreliable or DPI actively blocks QUIC — some corporate networks, some authoritarian-state ISPs — DoH is still the better tool because it hides inside HTTPS. Use DoQ where it works, fall back to DoH when it does not, and never go back to plaintext Do53.
Our own DNS leak tester checks for both, and our VPN clients pin DNS to a DoQ-capable resolver inside the tunnel. The first time you watch your tail latencies drop on a page that pulls assets from twenty domains, you understand why this protocol exists.
Frequently asked
Is DoQ faster than DoH for everyone?
Median latencies are similar on a warm connection — both reuse a single transport handshake. The win shows up at the tails: parallel lookups during a page load, lossy mobile networks, and any scenario where TCP head-of-line blocking would hurt. On a clean wired connection to a nearby resolver, you may not notice.
Can my ISP still see my DNS queries with DoQ?
Your ISP sees that you are talking to a specific DoQ resolver (Quad9, AdGuard, etc.) on UDP/853. They cannot see the names you look up or the answers you receive. They can also see SNI in your subsequent TLS connections unless you also use Encrypted Client Hello, which is a separate fight.
Why is iOS DoQ support so limited?
Apple chose DoH and DoT for the system-level encrypted DNS APIs introduced in iOS 14 and has not added DoQ. Third-party apps can implement DoQ in user space, which is what the 1.1.1.1 app and AdGuard do, but there is no system-wide setting equivalent to Android Private DNS for DoQ. Pressure Apple if you care.