I’m using DNS Policies to block domains related to ads with Cloudflare Gateway.
I compared Gateway’s DoH resolution time against AdGuard and NextDNS using the dnslookup tool from ameshkov on GitHub.
I also measured network latency with ping.
Cloudflare 1.1.1.1 (no filtering)
dnslookup example.com https://1.1.1.1/dns-query 1.1.1.1
Average resolution time is 40ms.
Average network latency is 5.8ms.
Cloudflare Gateway (with filtering, aka DNS policies)
dnslookup example.com https://<custom>.cloudflare-gateway.com/dns-query 162.159.36.20
Average resolution time is 350ms.
Average network latency is 5.1ms.
AdGuard (public server, with filtering):
dnslookup example.com https://dns.adguard.com/dns-query 94.140.15.15
Average resolution time is 80ms.
Average network latency is 17.7ms.
NextDNS (with filtering)
dnslookup example.com https://dns.nextdns.io/<custom> 193.168.204.73
Average resolution time is 45ms.
Average network latency is 5.7ms.
Measured network latencies do not show an important difference.
However, the measured DNS resolution time from Cloudflare Gateway is much higher than the others. I guess the filtering engine is the main bottleneck, but why is the resolution time so much higher than with the other DNS providers, which are also using a filtering engine?
Are other customers from this community experiencing the same result?
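
When repeating the comparison above, it helps to time connection setup separately from the DoH queries themselves. The script below is an added example, not part of the original post and not the dnslookup tool; the function names are made up for illustration, and it assumes each endpoint accepts RFC 8484 GET requests over HTTP/1.1 and keeps the connection open between requests.

```python
import base64
import http.client
import struct
import time
from urllib.parse import urlsplit


def build_query(name, qtype=1):
    """Wire-format DNS query (RFC 1035): ID 0, RD set, one question, class IN."""
    header = struct.pack("!6H", 0, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", qtype, 1)


def doh_get_target(url, name):
    """Return (host, request path) for an RFC 8484 GET with ?dns=<base64url>."""
    parts = urlsplit(url)
    b64 = base64.urlsafe_b64encode(build_query(name)).rstrip(b"=").decode()
    return parts.hostname, f"{parts.path}?dns={b64}"


def measure(url, name="example.com", runs=5):
    """Return (connect_ms, [query_ms, ...]) using one reused HTTPS connection."""
    host, path = doh_get_target(url, name)
    conn = http.client.HTTPSConnection(host, timeout=5)
    start = time.perf_counter()
    conn.connect()  # hostname lookup (if any) + TCP + TLS handshake
    connect_ms = (time.perf_counter() - start) * 1000
    query_ms = []
    try:
        for _ in range(runs):
            start = time.perf_counter()
            conn.request("GET", path, headers={"Accept": "application/dns-message"})
            resp = conn.getresponse()
            resp.read()  # drain the body so the connection can be reused
            if resp.status != 200:
                raise RuntimeError(f"{url}: HTTP {resp.status}")
            query_ms.append((time.perf_counter() - start) * 1000)
    finally:
        conn.close()
    return connect_ms, query_ms


if __name__ == "__main__":
    import sys
    for endpoint in sys.argv[1:]:  # e.g. https://1.1.1.1/dns-query
        connect_ms, query_ms = measure(endpoint)
        avg = sum(query_ms) / len(query_ms)
        print(f"{endpoint}: connect {connect_ms:.0f} ms, avg query {avg:.0f} ms")
```

Pass the DoH URLs from the commands above as arguments; a large connect time with small per-query times points at connection setup rather than the resolver or its filtering.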