Microsoft has added support for the new Internet standard Discovery of Network-designated Resolvers (DNR) in Windows 11 Insider Preview Build 25982.
Once it rolls out in production versions, the new DNR functionality will allow Windows 11 clients to automatically discover encrypted DNS servers on local networks.
Until now, users have had to enter the details of encrypted DNS servers on local networks manually in Windows 11's network settings.
Operation
Client-side DNR lets Windows 11 devices configure themselves automatically to reach such DNS resolvers and use encrypted DNS protocols, such as DNS over TLS (DoT), DNS over HTTPS (DoH) and DNS over QUIC (DoQ).
When a device with client-side DNR joins a network, it queries the local DHCP server for an IP address and DNR-specific options. The server-side DNR implementation responds with the encrypted DNS details, including the server IP address, supported protocols, port numbers and authentication information. The client uses this additional information to set up an encrypted DNS tunnel automatically.
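The DHCP response described above carries the resolver details in a DNR option. The following Python parser is an added example, not code from Microsoft or from the original article; it decodes a DHCPv4 DNR option payload assuming the layout defined in RFC 9463, and the sample bytes and the name resolver.example are constructed.

```python
import struct

def take(buf, i, n):  # slice that refuses to run past the end of the buffer
    if i + n > len(buf):
        raise ValueError("truncated field")
    return buf[i:i + n]

def lp_strings(buf):
    """Decode length-prefixed ASCII strings (DNS labels, ALPN ids); stop at a zero length."""
    out, i = [], 0
    while i < len(buf) and buf[i]:
        out.append(take(buf, i + 1, buf[i]).decode("ascii"))
        i += 1 + buf[i]
    return out

def parse_svcparams(buf):
    """Decode SvcParams: repeated (key:2, length:2, value) records."""
    params, i = {}, 0
    while i < len(buf):
        key, n = struct.unpack("!HH", take(buf, i, 4))
        val, i = take(buf, i + 4, n), i + 4 + n
        if key == 1:    # alpn: which encrypted protocol, e.g. dot, h2, h3, doq
            params["alpn"] = lp_strings(val)
        elif key == 3:  # port
            params["port"] = int.from_bytes(val, "big")
        else:           # other keys (7 is dohpath) kept as raw bytes
            params[key] = val
    return params

def parse_dnr_option(payload):
    """Parse a DHCPv4 DNR option payload into a list of resolver instances."""
    out, i = [], 0
    while i < len(payload):
        ilen = int.from_bytes(take(payload, i, 2), "big")
        inst, i = take(payload, i + 2, ilen), i + 2 + ilen
        prio, adn_len = struct.unpack("!HB", take(inst, 0, 3))
        adn, rest = take(inst, 3, adn_len), inst[3 + adn_len:]
        alen = rest[0] if rest else 0  # ADN-only instances stop after the name
        if alen % 4:
            raise ValueError("IPv4 address block not a multiple of 4")
        addrs = [".".join(map(str, take(rest, k, 4))) for k in range(1, 1 + alen, 4)]
        out.append({"priority": prio, "adn": ".".join(lp_strings(adn)), "addrs": addrs,
                    "svc": parse_svcparams(rest[1 + alen:])})
    return out

# Constructed sample: priority 1, ADN resolver.example, 192.0.2.53, alpn=dot, port=853
_BODY = (struct.pack("!HB", 1, 18) + b"\x08resolver\x07example\x00" + b"\x04\xc0\x00\x02\x35"
         + b"\x00\x01\x00\x04\x03dot" + b"\x00\x03\x00\x02\x03\x55")
SAMPLE = struct.pack("!H", len(_BODY)) + _BODY
```

The `adn` field is the authentication domain name the client checks the resolver's certificate against, so it is the value to review when auditing which resolver a network hands out.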
The functionality is now available in Windows 11 Insider build 25982 and above. Non-Insider versions of Windows 11 do not yet have the specific functionality. Microsoft provides Insider users with a detailed roadmap for implementing DNR.
Other changes in the Windows 11 Insider build
In addition to DNR functionality, the latest Insider build also allows administrators to set mandatory SMB client encryption for all outbound connections. This allows them to prevent data eavesdropping and interception.
Furthermore, block cloning support for the ReFS file system has been added to the Windows copy engine. This should improve the performance of ReFS volumes when copying larger files.