Quad9

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Quad9 is a public DNS resolver that blocks access to malware infected websites.[1][2] The service protects privacy by not logging the IP address of users who set their computers to send queries to it.[3][4]

CleanerDNS, Inc., a California non-profit corporation, operates Quad9. CleanerDNS is supported by IBM, Packet Clearing House (PCH), Global Cyber Alliance (GCA), other cyber-security organizations, and private donations.[5] On February 17, 2021, the organization announced that it is in the process of re-incorporating its operations in the country of Switzerland, stating that the host nation's robust privacy laws better support Quad9's user data privacy initiatives.[6]

Service[edit]

IP addresses[edit]

Quad9 operates recursive name servers for public use at the following IP addresses. These addresses are mapped to the nearest operational server by anycast routing. Quad9 offers DNS over TLS over port 853,[7] DNS over HTTPS over port 443,[8] and DNSCrypt over port 443.[9]

Secured (Mainstream) Unsecured Secured, with ECS support
DoH addresses[10] https://dns.quad9.net/dns-query
https://dns9.quad9.net/dns-query (optional)
https://dns10.quad9.net/dns-query https://dns11.quad9.net/dns-query
DoT addresses[11] dns.quad9.net
dns9.quad9.net (optional)
dns10.quad9.net dns11.quad9.net
IPv4 addresses[10] 9.9.9.9
149.112.112.112
149.112.112.9 (optional)
9.9.9.10
149.112.112.10
9.9.9.11
149.112.112.11
IPv6 addresses[10] 2620:fe::fe
2620:fe::fe:9
2620:fe::9 (optional)
2620:fe::10
2620:fe::fe:10
2620:fe::11
2620:fe::fe:11

Quad9's primary DNS service is accessible via the IP addresses for IPv4: 9.9.9.9 and 149.112.112.112, and IPv6: 2620:fe::fe and 2620:fe::fe:9. This service supports blocklist, DNS encryption, and DNSSEC.[10]

Quad9's alternative DNS service that supports limited features is accessible on IPv4: 9.9.9.10 and 149.112.112.10, and IPv6: 2620:fe::10 and 2620:fe::fe:10. This service only supports DNS encryption.[10]

Quad9's identical DNS service that supports ECS is accessible on IPv4: 9.9.9.11 and 149.112.112.11, and IPv6: 2620:fe::11 and 2620:fe::fe:11. This service supports blocklist, DNS encryption, DNSSEC, and ECS.[10]

Privacy[edit]

No personally-identifiable information is collected by the Quad9 system. IP addresses of end users are not stored to disk or distributed outside of the equipment answering the query in the local data center. Quad9 is a not-for-profit organization with the core charter to provide secure, fast, private DNS. Therefore there are no secondary revenue streams for personally-identifiable data.[12]

See also[edit]

References[edit]

  1. ^ "How does Quad9 protect me from malicious domains?". Quad9. Retrieved 2018-04-08.
  2. ^ "New "Quad9" DNS service blocks malicious domains for everyone". Ars Technica. Retrieved 2018-04-08.
  3. ^ "Quad9 Privacy Policy". Quad9. Archived from the original on 2021-02-17. Retrieved 2021-03-04.
  4. ^ "A Deeper Dive Into Public DNS Resolver Quad9". Internet Society. Retrieved 2018-04-08.
  5. ^ "About Quad9 DNS". Quad9. Retrieved 2018-04-08.
  6. ^ "Quad9 public domain name service moves to Switzerland for maximum internet privacy protection". Quad9. Retrieved 2021-03-04.
  7. ^ "Does Quad9 support DNS over TLS?". Quad9. Retrieved 2018-04-08.
  8. ^ "Does Quad9 support DNS over HTTPS (DoH)?". Quad9. Retrieved 2018-10-05.
  9. ^ "DNSCrypt and more DOH Support Live (via dnscrypt)". Quad 9. 2019-04-04. Retrieved 2020-09-28.
  10. ^ a b c d e f "DoH with Quad9 DNS Servers". Quad9. Retrieved 2018-10-05.
  11. ^ "Enable Private DNS using Quad9 on Android 9". Quad 9. 2018-09-18. Retrieved 2020-09-28.
  12. ^ "About Quad 9: Security. Privacy. Performance". About Quad 9: Security. Privacy. Performance. Retrieved 2020-10-24.

External links[edit]