Windows Insiders finally get client-side DNR support

Microsoft has announced support for client-side Discovery of Network-designated Resolvers (DNR) in the recently released Windows Insider build 25982 and higher. 

DNR is an upcoming IETF standard that allows devices to automatically discover and use encrypted DNS servers on local area networks. The Build itself is now live in the Canary channel.

This is a significant improvement over the current system, which requires users to manually configure encrypted DNS on their devices.

“From the user’s perspective, they joined a new network as they normally would and without any effort on their part, they are reaping the benefits of encrypted DNS,” Microsoft says in the official announcement.

When a device with client-side DNR enabled joins a new network, it queries the DHCP server for an IP address. It also requests special DNR-specific options. 

The DHCP server, if it is running server-side DNR, will respond with the IP address of the encrypted DNS server, a list of supported encrypted DNS protocols, their port numbers, and server authentication information. 

The client machine then sets up an encrypted DNS tunnel with the discovered server automatically.

Elsewhere in the newly-released build for the Canary channel, the Redmond-based tech giant is also rolling out the hotly-anticipated Copilot in Windows. The AI assistance tool will arrive “in the select global markets” in a gradual rollout – so if you’re on Canary and still not getting it, you don’t have to worry.