DNS queries and responses sent over port 53 without encryption are vulnerable to spoofing and eavesdropping. This issue is addressed in NIOS appliances that have DNS over TLSĀ (Transport Layer Security) and DNS over HTTPS services enabled. These features encrypt DNS queries and responses to secure communication between a DNS server and a DNS client.
...
| Note | ||
|---|---|---|
| ||
When a NIOS appliance does not have the required base memory configuration, if you try to enable and run DNS over TLS, DNS over HTTPS, and Parental Control features simultaneously, all of these features will be disabled. |
Supported Cipher Suites
From NIOS 8.5.3 onwards, the DNS over TLS and DNS over HTTPS features support cipher suites that are supported by TLS only TLS version 1.2 and TLS version 1.3. The cipher suite order preference is configured to improve the throughput in DNS over TLS and DNS over HTTPS communication.
...