Open Encrypted DNS Servers
We scan the IPv4 address space for servers supporting DNS-over-TLS (DoT, RFC 7858), DNS-over-HTTPS (DoH, RFC 8484), DNS-over-QUIC (DoQ, RFC 9250), and DoH3. Here we provide statistics and data about open encrypted DNS servers, including their IP addresses, authentication domain names (ADN), locations, and certificate verification status.
Related publications
[WWW ‘24] Ruixuan Li, Baojun Liu, Chaoyi Lu, Haixin Duan, and Jun Shao. A Worldwide View on the Reachability of Encrypted DNS Services. To appear in Proceedings of the Web Conference 2024
Code
[IMC ‘19] Chaoyi Lu, Baojun Liu, Zhou Li, Shuang Hao, Haixin Duan, Mingming Zhang, Chunying Leng, Ying Liu, Zaifeng Zhang, and Jianping Wu. An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?. In Proceedings of the 2019 ACM Internet Measurement Conference
Paper Bibtex IRTF Applied Networking Research Prize Recepient
[ToN ‘23] Ruixuan Li, Xiaofeng Jia, Zhenyong Zhang, Jun Shao, Rongxing Lu, Jingqiang Lin, Xiaoqi Jia, Guiyi Wei. A Longitudinal and Comprehensive Measurement of DNS Strict Privacy. In IEEE/ACM Transactions on Networking
Paper Bibtex
Statistics and summary
Our scan is performed monthly. Data for DoT/DoH dates back to Dec 2021, and DoQ/DoH3 dates back to Jul 2022.
A) Count of IPs (v4) and ADNs of encrypted DNS servers
Following an evident growing trend in early stages since proposal, the count of IPs and ADNs associated with each protocol shows small fluctuations in recent years.
B) Validity of certificates
Invalid certificates, especially self-signed certificates, still pose as a substantial issue for open DoT servers (>30% of all). The same problem is minor for other protocols.
Raw data
We provide open access to raw data from the two most recent scans. Drop us an email if you need scanning results from other months.
| Description | DoT servers | DoH servers | DoQ servers | DoH3 servers |
|---|---|---|---|---|
| March 2024 (IPv4) | dot-202403.json | doh-202403.json | doq-202403.json | doh3-202403.json |
| February 2024 (IPv4) | dot-202402.json | doh-202402.json | doq-202402.json | doh3-202402.json |
| DoE domains (with IPv6) | dot-domain-v6.txt | doh-domain-v6.txt | doq-domain-v6.txt | doh3-domain-v6.txt |