
DoH /is/ a bad technology on a technical level. On a modern network DNS requests come in pretty much constantly and I've never seen so many DNS timeouts and slow lookups as when I tried running a DoH proxy for my LAN. The head of line blocking of HTTP / TCP is horrible and my router was running at 100% CPU with all the TLS overhead.

I'm all for authenticated and encrypted DNS but routing it over HTTPS is just a nasty hack.




It seems like it's a problem with your router not being able to handle TLS. Old equipment doesn't last forever.

HTTP is the internet, and the amount of requests a client makes is magnitudes greater than DNS.

Like Google or Cloudflare's DoH isn't slow.



