Measuring the Performance of Encrypted DNS Protocols from Broadband Access Networks

07/14/2020
by Austin Hounsel, et al.

Until recently, DNS traffic was unencrypted, leaving users vulnerable to eavesdropping and tampering. In response to these privacy concerns, two protocols have been proposed: DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). Previous work has demonstrated that, in general, response times with popular DoT and DoH resolvers are marginally slower than conventional DNS, but sometimes faster on emulated lossy networks. However, these measurements were not taken from home networks, nor at scale from many vantage points. Furthermore, they do not capture performance on real networks with low bandwidth or high latency and packet loss. In this paper, we study the performance of encrypted DNS protocols and DNS from thousands of home networks in the United States, over one month in 2020. We perform these measurements from the homes of 2,768 participating panelists in the Federal Communications Commission's (FCC) Measuring Broadband America program. We find that, across the aggregate dataset, median DoT and DoH response times are as much as 7 ms and 23.2 ms slower than conventional DNS. We study the effects of latency, bandwidth, and heterogeneity between Internet service providers on DNS performance and find that latency had the most significant effect on response times, particularly for DoH. We also find that there can be significant variation in DNS performance between resolvers, with median query response times differing by as much as 23.7 ms.
