In view of this, the Internet Engineering Task Force has introduced the DoH specification to encrypt user queries, so that users can better protect their privacy when browsing the web pages.
DNS-over-TLS encryption standard:
We know that HTTPS encryption security protocol can effectively prevent man-in-the-middle attacks, and can also allow intermediaries or operators to monitor users'real-time access information. At present, many operators will use traffic hijacking to insert advertisements into pages accessed by users, while HTTPS-encrypted pages will not be affected.
In the DNS field, there was no encryption before. Even though the web pages were HTTPS connected, the operators could still see the users browsing.websitePage address. DoH is specifically for DNSThe serverThe TLS encryption function introduced prevents operators from viewing web addresses from encrypting the whole process starting from users'requests for access.
Google Public DNS Server DoH Encryption:
Google claims that the network environment has changed dramatically since it launched its public DNS server eight years ago, and users urgently need to protect their privacy. Google's public DNS mission is to improve the security and accuracy of DNS for all users around the world, so Google's DNS began to support DoH encryption.
Currently, Google Public DNS has fully access to DoH encryption and minimizes TLS overhead, including TLS 1.3 and TCP protocol switching on and so on. Encryption function has an impact on query speed, but after optimization, the impact is very small. Most users will not feel the delay caused by encryption.
Attach Google Public DNS Address:
IPv4:8.8.8/126.96.36.199 IPv6:2001:4860:4860::8888/2001:4860:4860::8844 slash is the main DNS and standby DNS respectively. Users should fill in the main address and standby address respectively in the first and second columns of DNS configuration when using IPv4:8.8.8/8.4.4 IPv6:2001:4860::8888/2001:4860::8844 slash.