Community discussions

MikroTik App
 
Solaris
Member Candidate
Member Candidate
Topic Author
Posts: 111
Joined: Thu Apr 29, 2010 5:05 pm

Feature request : DNS over TLS or Quic?

Fri Jul 15, 2022 12:14 am

It's mid 2022, we got cake QOS which is nice but how about DNS over TLS or Quic which is faster than TLS, in my poor Mikrotik RB2011, most of the time, cpu resources is mostly used by SSL which is currently DoH(DNS over Https).

Dns Over Quic please?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11968
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Feature request : DNS over TLS or Quic?

Fri Jul 15, 2022 12:46 am

I do not know if you live on a country with a dictatorship and you need, to be free, the use of DoH,
but, if not, why uselessly using DoH on RB???

And how you can say than "Quic" or DoT on routerboard is Quick?
Both needs cryptography as DoH...
 
Solaris
Member Candidate
Member Candidate
Topic Author
Posts: 111
Joined: Thu Apr 29, 2010 5:05 pm

Re: Feature request : DNS over TLS or Quic?

Fri Jul 15, 2022 2:06 am

Well I don't want to debate or discuss regarding my country's politics or ideology but even reddit got blocked lol. It's about privacy also, I know they still can sniff my other non-dns traffic.

It's based benchmark on other platform which is I have tested quickly, don't want to mention the platform name.

Also this is just a feature request one way to another we don't know for sure if either DoT or DoQ is slower in lower end or old device like RB2011 until mikrotik bring it into live.

Edit:
As through DoH it has more overhead as it through https protocol than probably DoT or DoQ which are more inclined or newly designed specially for secure dns request, as a guru you must be already know those overheads may cause additional few or some extras milliseconds which is really crucial.
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 680
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: Feature request : DNS over TLS or Quic?

Fri Jul 15, 2022 2:21 am

I have nothing against your request. On the other hand, I ran DoH on RB2011 for around two years and did not experience a problem with the device maybe you should look into it more deeply.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11968
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Feature request : DNS over TLS or Quic?

Fri Jul 15, 2022 4:01 am

Well I don't want to debate or discuss regarding my country's politics or ideology
This is not the point... me niether.

[...] but even reddit got blocked [...]
NO problem, next time also the IPs are blocked (after collect who is using reddit directly circumventing DNS block)
You make a VPN.
Next time the VPN is blocked,
and so on...

[...] as a guru you must be already know those overheads [...]
Yes, as a forum guru I know everything in the world, for sure...
And for sure I know that standard DNS is the best and faster way possible to have DNS solved.
And for sure I know that for privacy, all your DNS traffic goes to "one" company, that, FOR SURE,
does not collect anything from you and respect unconditionally your privacy...



P.S.:
Analyzing traffic, is clear when a packet containing DoH or DoQ request......
Is more clear and easily blockable the DoT...

Who is online

Users browsing this forum: No registered users and 23 guests