You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
dns performance
About this tag
DNS performance on Windows networks can be impacted by subtle software flaws in recursive resolvers like Unbound. A recent vulnerability, CVE-2026-42534, demonstrates how a jostle logic bug in Unbound versions up to 1.25.0 can cause slow DNS resolution when duplicate queries bypass normal handling. This medium-severity issue affects availability rather than security, making it easy to overlook. For Windows administrators, homelab operators, and MSPs running Unbound as part of a local resolver stack, understanding such bugs is key to maintaining fast name resolution. The tag covers discussions around diagnosing and mitigating DNS performance problems, including those arising from resolver internals, configuration, or network conditions.
A café Wi-Fi test comparing the network’s default DNS, Quad9 over plain DNS, and Quad9 over DNS-over-HTTPS found encrypted Quad9 lookups averaging about 21.5 milliseconds, nearly matching the café resolver and beating plain Quad9 DNS at roughly 46.3 milliseconds in that session. That result does...
CVE-2026-42534 is a medium-severity vulnerability disclosed on May 20, 2026, in NLnet Labs Unbound versions up to and including 1.25.0, where repeated duplicate DNS queries can bypass the resolver’s jostle logic and degrade resolution performance for clients relying on it as recursive DNS...