DNS resolver Quad9 enables DNS over HTTP/3 and QUIC globally, expanding encrypted options

Quad9 has rolled out support for DNS over HTTP/3 (DoH3) and DNS over QUIC (DoQ) across its global resolver network. This update expands encrypted DNS options for users who prioritize privacy and security.

Both DoH3 and DoQ operate on the QUIC protocol. QUIC features built-in end-to-end encryption and mandates Transport Layer Security (TLS) 1.3, which is faster and offers improved cryptographic security over earlier versions. It also directly addresses several limitations seen in TCP-based DNS by reducing connection setup time and enforcing encrypted communication protocols.

While DoH3 transports DNS over HTTPS using HTTP/3 on top of QUIC, its deployment benefits from an ecosystem where browser and content delivery network support for HTTP/3 is already mature. This allows privacy-oriented users to retain compatibility with widely adopted infrastructure while utilizing Quad9 as their resolver.

In contrast, DoQ sends DNS queries directly over QUIC, bypassing HTTP and leveraging a purpose-built protocol design on port 853. Though adoption of DoQ is still developing, Quad9 is making it broadly available to encourage its broader use. For configuring DoH3, no changes are needed. To use DoQ, users must set the appropriate Quad9 hostname on port 853. Both protocols are accessible across the full range of Quad9 variants.