Get Started Free | Contact Sales: +1 (888) 274-3482

The Cloudflare Blog

Subscribe to receive notifications of new posts:

Subscription confirmed. Thank you for subscribing!

Encrypting DNS end-to-end

Irtefa

Over the past few months, we have been running a pilot with Facebook to test the feasibility of securing the connection between 1.1.1.1 and Facebook’s authoritative name servers. Traditionally, the connection between a resolver and an authoritative name server is unencrypted i.e. over UDP.

In this pilot we tested how an encrypted connection using TLS impacts the end-to-end latency between 1.1.1.1 and Facebook’s authoritative name servers. Even though the initial connection adds some latency, the overhead is amortized over many queries. The resulting DNS latency between 1.1.1.1 and Facebook’s authoritative name servers is on par with the average UDP connections.

To learn more about how the pilot went, and to see more detailed results, check out the complete breakdown over on Code, Facebook's Engineering blog.

We protect entire corporate networks, help customers build Internet-scale applications efficiently, accelerate any website or Internet application, ward off DDoS attacks, keep hackers at bay, and can help you on your journey to Zero Trust.

Visit 1.1.1.1 from any device to get started with our free app that makes your Internet faster and safer.

To learn more about our mission to help build a better Internet, start here. If you're looking for a new career direction, check out our open positions.

1.1.1.1 DNS Resolver Speed & Reliability TLS

Follow on Twitter

Cloudflare |Cloudflare

December 08, 2020 12:00PM

Helping build the next generation of privacy-preserving protocols

Today, we’re making several announcements around improving Internet protocols with respect to something important to our customers and Internet users worldwide: privacy....

Nick Sullivan

Privacy Week , Encryption , Cryptography , DNS , DoH

June 18, 2019 2:00PM

Securing Certificate Issuance using Multipath Domain Control Validation

Trust on the Internet is underpinned by the Public Key Infrastructure (PKI). PKI grants servers the ability to securely serve websites by issuing digital certificates, providing the foundation for encrypted and authentic communication....

Dina Kozlov
, Gabbi Fisher

Crypto Week , Crypto , Cryptography , DNS , BGP

December 22, 2017 2:17PM

Technical reading from the Cloudflare blog for the holidays

During 2017 Cloudflare published 172 blog posts (including this one). If you need a distraction from the holiday festivities at this time of year here are some highlights from the year....

John Graham-Cumming

Year in Review , Product News , LavaRand , DDoS , Geo Key Manager

July 21, 2017 9:01AM

How to use Cloudflare for Service Discovery

Cloudflare runs 3,588 containers, making up 1,264 apps and services that all need to be able to find and discover each other in order to communicate -- a problem solved with service discovery....

Dani Grant

DDoS , Reliability , Speed & Reliability , IPv4 , DNS