Question Adguard DNS is extremely slow today

[TairikuOkami]

The AdGuard public DoH DNS and the DoH DNS with an AdGuard account do not provide an IP address

netsh dns add encryption server=94.140.14.14 dohtemplate=https://dns.adguard-dns.com/dns-query autoupgrade=yes udpfallback=no
netsh dns add encryption server=94.140.15.15 dohtemplate=https://dns.adguard-dns.com/dns-query autoupgrade=yes udpfallback=no

Known DNS Providers | AdGuard DNS Knowledge Base

Here we suggest a list of trusted DNS providers. To use them, first install AdGuard Ad Blocker or AdGuard VPN on your device. Then, on the same device, click the link to a provider in this article

adguard-dns.io

 

[Divine_Barakah]

No, no, he asked how do you have it set up in Windows. Do you use some kind of software for using AdGuard DNS system-wide or?

He was talking about Adguard Public servers which do not provide IP addresses to use in Windows 11 native DoH.

Im using Windows 11 native DoH. I'm considering Technitium btw

 

[Sampei.Nihira]

That's completely normal and expected. Whenever you put a DNS request, your DNS server first needs to check if the domain you requested is present in some kind of blocklist you selected. If it isn't, just then it goes to check for corresponding IP address that will return to you.

Same goes for ad blockers; the more lists you subscribe to, the slower will websites load due to ad blocker having to check your domain and rules against every filter list. Unfiltered DNS server don't have to do that and straight go to find the corresponding IP address, which explains why they are faster.

Nonetheless; I prefer blocking on DNS level as filtering is done on the network-level rather than your device doing the checking. Reduces CPU usage and saves battery life.

With dynamic filtering, this is not the case.
Using pure Hard Mode, the website will load as quickly as possible.
In Medium Mode, the website loading speed will be slower because passive third-party resources will not be blocked.
In Hard Mode + TLD, which is the mode I use even on a website outside the TLD exceptions, there will be parts of the website included in the TLDs that will load when allowed by the filter lists.

I prefer adblock-level filtering, which is more refined and targeted, even though I also use DNS-level filtering.

 

[Divine_Barakah]

Update

Adguard DNS Speed back to normal today.

 

[Marko :)]

With dynamic filtering, this is not the case.
Using pure Hard Mode, the website will load as quickly as possible.
In Medium Mode, the website loading speed will be slower because passive third-party resources will not be blocked.
In Hard Mode + TLD, which is the mode I use even on a website outside the TLD exceptions, there will be parts of the website included in the TLDs that will load when allowed by the filter lists.

I prefer adblock-level filtering, which is more refined and targeted, even though I also use DNS-level filtering.

Yes, sure, you could block third-party everything and website will load quickly. You can also block first-party scripts to have it even faster, but at what cost? At the cost of having non functional website.

Many website depend on resources loaded from third-party. Actually... pretty much every modern website uses loads at least one thing from CDN to increase page loading time and save on costs. If you block third-party requests, you get broken website. Same goes for first-party script blocking.

Ad blockers still to this day heavily rely on filter lists which can contain hundreds of thousands of entries, and the job of ad blocker is still to check filter lists one by one in order to see how to apply ad blocking to a certain website. The essential part of ad blocking didn't much change from the 2010s when they came while hardware became more capable with each year. Back in the day, ad blockers would really slow down browsing, today not so much unless you have filters containing millions of rules.

Anyone who wants effective ad blocking experience should use DNS + extension combination as these perfectly complement each other.

 

[SeriousHoax]

@Divine_Barakah @rashmi Use 94.140.14.49 and 94.140.14.59 as the IPv4 address for Windows DoH for AdGuard account DNS.
It works for Technitium DNS server, AdGuard Home, my router. It should work for Windows also.

 

[rashmi]

netsh dns add encryption server=94.140.14.14 dohtemplate=https://dns.adguard-dns.com/dns-query autoupgrade=yes udpfallback=no
netsh dns add encryption server=94.140.15.15 dohtemplate=https://dns.adguard-dns.com/dns-query autoupgrade=yes udpfallback=no

He was talking about Adguard Public servers which do not provide IP addresses to use in Windows 11 native DoH.

Im using Windows 11 native DoH. I'm considering Technitium btw

@Divine_Barakah @rashmi Use 94.140.14.49 and 94.140.14.59 as the IPv4 address for Windows DoH for AdGuard account DNS.

I meant to ask how @Divine_Barakah is using AdGuard DoH, whether it is public or private, and if it involves third-party software, scripts, or other methods.

 

[Divine_Barakah]

I meant to ask how @Divine_Barakah is using AdGuard DoH, whether it is public or private, and if it involves third-party software, scripts, or other methods.

Private Adguard DNS using Windows built-in DoH.


I was using YogaDNS but since it's gone paid (the price is unreasonable for me), I ditched it.

 

[SeriousHoax]

I meant to ask how @Divine_Barakah is using AdGuard DoH, whether it is public or private, and if it involves third-party software, scripts, or other methods.

I understood. Just saying that, 94.140.14.49 and 94.140.14.59 should work with Windows's native DNS with private AdGuard profile for @Divine_Barakah

Private Adguard DNS using Windows built-in DoH.


I was using YogaDNS but since it's gone paid (the price is unreasonable for me), I ditched it.

It's still free to use for single DNS server.

 

[LinuxFan58]

For blocking policies, my Cloudflare Gateway setup has three regex patterns (simplified, efficient ad/tracker blocking) and then several security/content categories.

Even with all these policies disabled, I get 65 ms using the same tool as you. I just recently moved to a rural area surrounded by nature and will still be here for another few months. I might have better fortune when I live somewhere more urban again.

Would you share your regex patterns?

 

[rashmi]

Would you share your regex patterns?

(advert|adserv|adsystem|doubleclick|2mdn|truecaller|uberads|206ads|360in|360yield|3lift|a2z|aarki|ad2iction|adcolony|addthis|adform|adhaven|adlooxtracking|admicro|adnxs|adpushup|adroll|adsafeprotected|adsbynimbus|adspruce|adsrvr|adswizz|adtelligent|adventori|adzerk|aerserv|amplitude|aniview|anzuinfra|apester|aralego|atdmt|atwola|bannersnack|batmobi|bluecava|blueconic|carambo|casalemediacriteo|crittercismriteo|crittercism|revcontent|ijinshan|imrworldwide|inmobi|marketo|moatads|moatpixel|mookie|perfectaudience|permutive|pubmatic|pushwoosh|rayjump|revcontent|revjet|rfihub|richrelevance|rqmob|rubiconproject|onetag|samba|scopely|scorecardresearch|shareaholic|sharethis|sharethrough|smaato|snapads|speedshiftmedia|supersonicads|swrve|taboola|tremorhub|unity3d|vertamedia|videohub|vungle|wzrkt|xiaomi|yieldlove|yieldmo|yieldoptimizer|baidu|chinanet|yandex|googlesyndication)

 

[Marko :)]

Sure. I worked with a couple of chatbots to maximize blocking of prevalent ad/tracker websites with very few false positives. The first pattern targets OS analytics in Windows and Samsung Android, but it requires exceptions for a few legitimate functions. I'll just offer the two patterns for targeting web ads/trackers, including the majority of those on mobile platforms.

Perfection not guaranteed—it will certainly miss some sources of ads, especially niche ones—but LLMs have combed through them multiple times:

Primary Ads & Trackers

(?i)(?:^|\.)(2mdn\.net|33across|6sense|a1\.srp|abmr\.net|accountkit|acuityplatform|adaptv|ad4game|ad6media|adblade|adbooth|adbrite|adbutler|adcash|adcolony|addfreestats|addthis|addtoany|adfalcon|adform|adfox|adglare|adhigh|adikteev|adition|adjust\.com|adkernel|adlightning|adman|admantx|admarvel|admaster|admax|admedia|admob|adnxs|adpushup|adrecover|adriver|adroll|adscience|adsense|adservice|adspirit|adsrvr|adsterra|adswizz|adtech|adtegrity|adtelligent|advangelists|adversal|advertising|adview|adzerk|affec\.tv|agkn|akamaihd|akstat|amazon-adsystem|amplitude|anura|appboy|applovin|appnexus|atdmt|atp\.io|bidr\.io|bidswitch|blueconic|bluekai|braze|bsw\.sync|c1exchange|casalemedia|cloudfront\.net.*ads|comscore|contextweb|crazyegg|criteo|crwdcntrl|cxense|demdex|districtm|dotomi|doubleclick|doubleverify|dyntrk|e-planning|emxdgt|everesttech|exoclick|eyeota|facebook\.net|fbcdn|flashtalking|gemius|googlesyndication|googletagmanager|googletagservices|gstatic.*ads|histats|hotjar|hs-analytics|iasds01|imrworldwide|inmobi|innity|intercom\.io|ipredictive|iqm|krxd|lijit|liveintent|liveramp|lotame|matomo|media\.net|mediago|mediamath|mgid|moatads|mparticle|mookie1|myvisualiq|narrative|newrelic|nr-data|nsstatic|onesignal|openx|optimizely|outbrain|parsely|posthog|pubmatic|pusher|qualtrics|quantcast|quantserve|revcontent|rlcdn|rubiconproject|scorecardresearch|serving-sys|sharethrough|simpli\.fi|sitescout|smaato|sovrn|spotx|statcounter|stickyadstv|supertag|taboola|tapad|teads|tealium|tremorhub|tradelab|tradedesk|treasuredata|truoptik|turn\.com|unityads|vidazoo|visualwebsiteoptimizer|vungle|webpush|webtrends|yieldlab|yieldmo|yimg.*ads|zedo|zemanta)(?:\.|$)

Secondary Ads & Trackers

(?i)(?:^|\.)(ad4mat|ad6media|adblade|adcrowd|adhood|adiply|adjal|adk2|adland|adlantis|adless|adlive|adlook|admixer|admost|adnet|adnetwork|adnxs|adobe\.(?:demdex|omniture|sc|tt|visitor)|adperium|adplus|adrecover|adriver|adsafeprotected|adsrvr|adswizz|adthrive|adtima|adtonos|adtrue|aduptech|advids|adxpose|affiliate|affiliates|affiliatly|afy11|agkn|alexa|alexametrics|anura|appboy|audtd|ayl|bidgear|bids|bidswitch|bizible|blismedia|bloomreach|bombora|bounceexchange|bugherd|buzzoola|captify|carbonads|cedato|chartbeat|clickcease|cloudflareinsights|clrstm|confiant|convert|convertkit|cpx|cxense|deepintent|delvenetworks|disquscds|dotmetrics|dynad|effectivemeasure|ezoic|fastclick|fastlylb|fontawesome.*analytics|fullstory|gemius|getrockerbox|getsitecontrol|histats|hotjar|hsadspixel|hsappstatic|hubspot|impression|infolinks|innovid|insidegraph|inskin|intergi|iprom|ixiaa|kissmetrics|klaviyo|leadlander|lijit|linkpulse|liveramp|loggly|logrocket|luckyorange|madisonlogic|marketo|mathtag|mixpanel|mouseflow|mparticle|mythings|nanigans|netmng|npttech|o333o|optimizely|optmnstr|outbrain|owneriq|parsely|piano\.io|pingdom|plista|postrelease|proximic|pulseinsights|pushcrew|quora.*pixel|redshell|reson8|revenuehits|revsci|rhythmxchange|richaudience|rocketfuel|rtmark|sail-horizon|sailthru|salesloft|semasio|servedby|shareaholic|sharethrough|shopify.*s|simplifi|sitemeter|skimresources|smartlook|snapchat.*sc|snowplow|sonobi|statcounter|survata|taboola|taptica|thebrighttag|thrtle|tiktok.*pixel|tiqcdn|trackjs|tradplusad|traq|treasuredata|tritondigital|truffle|trustarc|tubemogul|tvpixel|undertone|unpkg.*analytics|upsight|usabilla|userreport|veinteractive|vidible|viglink|visualiq|woopra|yahoo.*pixel|yandex.*metrika|yellowblue|yieldify|yieldlove|yieldmanager|yieldmo|yieldoptimizer|yieldpro|zemanta|zeotap|zxq\.net)(?:\.|$)

Isn't it better to just use a blocklist like HaGeZi one?

Sure this blocks ads and trackers, but the list isn't as big and it definitely misses a lot of them. From what I understand, this covers only popular ad companies, not the less popular ones.

 

[Sampei.Nihira]

Be careful.
AI is not capable of recommending efficient configurations that block trackers, nor is it capable of recommending the best filter lists to subscribe to.

 

[Miravi]

Isn't it better to just use a blocklist like HaGeZi one?

Sure this blocks ads and trackers, but the list isn't as big and it definitely misses a lot of them. From what I understand, this covers only popular ad companies, not the less popular ones.

It's not comprehensive, and I only intended for it to supplement comprehensive adblocking in my browser. The regex patterns were meant to be performant while referencing major entries in popular blocklists. They did grow bigger than originally intended. I could get away without them.

I encountered some difficulty with Python in my setup when fiddling with scripts, but I also read multiple anecdotes of people experiencing extreme latency when maxing out their domain count by importing large blocklists. That doesn't seem to be the case for people here, though?

 

[Marko :)]

It's not comprehensive, and I only intended for it to supplement comprehensive adblocking in my browser. The regex patterns were meant to be performant while referencing major entries in popular blocklists. They did grow bigger than originally intended. I could get away without them.

I encountered some difficulty with Python in my setup when fiddling with scripts, but I also read multiple anecdotes of people experiencing extreme latency when maxing out their domain count by importing large blocklists. That doesn't seem to be the case for people here, though?

There can be slight latency, but nothing drastically, completely normal and it mostly depends on your internet connection. I haven't noticed any latency between normal 1.1.1.1 DNS and my Zero Trust with HaGeZi Pro++ and bunch of categories from Cloudflare though.

Difference between my Zero Trust and ControlD was too obvious.

 

[LinuxFan58]

Try this test:

Fastest DNS Speed Test - Find Optimal DNS Server | No Install

In my case, Cloudflare is consistently the fastest DNS of all the others you have considered.

Thanks, for the link. for me the major DNS players always come on top. Strangely when I switch DNS Quad9 and Cloudflare seem to resolve a bit faster than NextDNS and ControlD. While DNS4EU feels the slowest. I have not tried others, but my feel seems to be inconsistent with this synthetic test. Based on feel my rank would be 1-Quad9, 2-Cloudflare, 3-Google, 4-NextDNS, 5-ControlD, 6-DNS4EU . With numbers 1 to 3 feeling the fastest (with minimal difference between them) and numbers 4 to 6 feeling a bit slower (also with minimal differences between them). The Ziggo (postal code) area divider box is in my front yard (Ziggo is with KPN the largest broadband provider in the Netherlands) and Amsterdam is a major network hub in the world. This might explain why all major DNS providers score extremely fast.

 

[Marko :)]

Amsterdam is a major network hub in the world. This might explain why all major DNS providers score extremely fast.

UK, Netherlands, France and Germany.

These countries would have the fastest internet in Europe if ISPs wanted to update their servers and infrastructure. Pretty much every single networking company has their server in those 4 countries as these countries make one-third of Europe's population. Germany is known as data center powerhouse in Europe as it has the largest amount of them than any other European country.

 

[FALLEN]