As Lenny_Fox request a NextDNS guide with pictures, here we go - based on Your NextDNS settings thread.

First, info about NextDNS can be read at: official Website & GitHub

I use and recommend using their service in easiest way you can implement. For me that is on router level so i don't need any software on Clients.

Setup Webinterface:
setup.png
The red marked is the one i use in my Fritzbox router DNS settings. Also you should add both DNSv4 from right side ("DNS Servers") and DNSv6 from left side ("IPv6") into your router if for some reason the encrypted DNS has problems.
If that's done, take a look at top and if "All good!" is listed, your setup is finished! (y)

Now we will increase the setup to maximum protection
Security Webinterface:
security.png

Privacy Webinterface:
privacy.png

Parental Control Webinterface:
parental control.png

Denylist Webinterface:
denylist.png

Allowlist Webinterface:
allowlist.png

Settings Webinterface:
settings.png

Done!

Also don't forget to activate 2FA for your account!:
account.png
 
Last edited:

JoyousBudweiser

Level 9
Verified
Do you use only NextDNS' own filterrs?
At the beginning use only lesser number of filters. Add filters only when you are comfortable with the existing filters. You will be in need of populating the "allow list" at certain point of your usage and once you have had the allow list cover all your essential items, you can add any number of filters without any issue. I have around 30 or so items in my allow list, and I have enabled around 10 filter lists without any issue. But it took me more than a month to fine tune my allow list.
 

JoyousBudweiser

Level 9
Verified
I'm using the NextDNS app on my laptop, not on my modem because it's an ISP device. It seems like my browsers run better without Secure DNS lookups flag enabled.

What are other users doing with this flag? :unsure:
Dnssec ie secure dns lookup will take extra time to get the verification done, that's why you feel it slow. You don't need to enable it unless you are in need of ultra secure dns query replies.
 
Last edited:

JoyousBudweiser

Level 9
Verified
Is there any way to set custom DoH of NextDNS on Simple DNSCrypt?
It can be done, but simple dnscrypt requires you to set dns ip address as 127.0.0.1 and windows 10 will then say there is no internet connection, then windows 10 apps from store will not work. Select nextdns from list then...
1.Navigate to C:\Program Files\bitbeans\Simple DNSCrypt x64\dnscrypt-proxy.
2. Open the dnscrypt-proxy.toml file in your notepad application. ( Open notepad with admin privileges)
3.Scroll to the bottom where it says [sources] and add the following:
[static."nextdns-custom-name"]
stamp='sdns://[your key from your dashboard]
server_names = ["nextdns-custom-name", "second_dns_reslover"]

example...

server_names = ['NextDNS-764621']

[static]
[static.'NextDNS-764621']
stamp = 'sdns://AgEAAAAAAAAACjQ1LjkwLjI4LjAADmRucy5uZXh0ZG5zLmlvBy42NjY2MjE

you can get this sdns number in your nextdns account, just go to setup >setup guide> choose routers...scroll down...to dns crypt...
 
Last edited:
Top