by bogomipz 2842 days ago
Can't that only be done for a max of 10 seconds though? So beyond 10 seconds, you have the connection overhead all over again, no?

https://dnsprivacy.org/wiki/display/DP/Configuring+Stubby

2 comments

Yes. I run a bind on a server which forwards all queries to quad9 (udp). Then I stunnel that port and use stubby on my side.

The connection is open longer, but still closes occasionally, so I just resolve a name every x seconds. Not the best way.

Yes. IIRC from my testing a while back, both 1.1.1.1 and 9.9.9.9 close TLS connections either immediately or after a short timeout. Short timeout could work if you're running a larger network, but not so much at home.