Advice Request NextDNS thoughts and experiences?


ForgottenSeer 85179

NextDNS took over Google DNS



(y) :emoji_beer:
 

SeriousHoax

It varies from location to location though. Even ISP to ISP. Here I get the exact same ping for Cloudflare, NextDNS, OpenDNS, Adguard DNS, Cleanbrowsing DNS, which is 66 on average now. Pinging Google's main DNS server shows a better result at 39, but the server it actually connects to if I use it is worse, 80+.
 

ForgottenSeer 85179

It varies from location to location though. Even ISP to ISP. Here I get the exact same ping for Cloudflare, NextDNS, OpenDNS, Adguard DNS, Cleanbrowsing DNS, which is 66 on average now. Pinging Google's main DNS server shows a better result at 39, but the server it actually connects to if I use it is worse, 80+.
Sure, that depends on your own location. That's why the "World" statistic is nice.
 

valvaris

I am relatively new to NextDNS but a veteran in Networking. ;)

What I like a lot in terms of NextDNS is offloading the Adblock features from "pfBlockerNG" / "Pi-hole" to NextDNS. That just gave my network a nice boost. Not that I run a potato firewall, but how pfBlockerNG handles massive amounts of packets to look into. Just imagine a Proxy to Proxy service - so traffic comes from one port and needs to travel through the rules and pfBlockerNG, then it can go to the uplink servers.

In my case it was Cloudflare Sec. DNS over TLS - 1.1.1.2 and 1.0.0.2 @853 TCP

Had major DNS spikes from 10ms - xxxxxms

So the idea was to offload everything that has to do with DNS filtering to NextDNS -> Here is my Guide for pfSense firewall boxes. <- MalwareTips Guides Forum :D

In the Guide I mention a client that handles DNS over HTTPS very well without clogging Windows 10 Event logs! Offload DNS to your router or other network device. That will handle Dynamic IP registration and verification to NextDNS services.

Why not use DNS over TLS? Like stated in the Guide, I had DNS leaks and will research this in the future, to make a second Guide with DNS over TLS config. Here for the MalwareTips Community!!!! ^^

If more information is needed I am happy to help out.

Sincerely
Val.
 

valvaris

Is it true? Privacytools says something else.

Here is a Video that explains DoH and DoT:


To sum it up, DNS is encrypted with DoH or DoT. What makes you anonymous? Not even VPNs are anonymous, coz like DNS traffic it has to come from somewhere. That is the reason I hate VPN providers that claim it makes you anonymous; that is not right!

Example:

PC ----> Router (VPN Client IP) ========VPN Tunnel====== (VPN IP Client Information) VPN Gateway Provider (Forwarding to Public IP of VPN Provider) -------- (Destination Server)

So the one that knows it all is the VPN provider. Now if the VPN provider supports DNS encrypted traffic passing through, it will look something like this.

Router (With DoH or DoT and VPN Client) =====VPNTunnel===(VPN IP Client Information) VPN Provider (Forwarding to Public IP of VPN Provider) ===DoH or DoT Traffic === DNS Provider === Site

Now the VPN provider cannot see DNS requests since they are encrypted, but as with all things on the internet, it can still see who it came from and where it's going to.



My verdict is, for home use, DoH or DoT is good enough. For geo-unblocking content, VPN is the solution. Since the ISP cannot look inside the DoH or DoT traffic. Plus the overhead for VPN is gone = faster internet speeds...

If more information is needed I am here to help.

Best regards
Val.
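
As an added illustration of the DoH and DoT transports discussed in the post above (not part of the original thread), this Python example builds one DNS query and wraps it both ways: as an RFC 8484 DoH GET URL and as an RFC 7858 DoT frame for TCP port 853. The endpoint URL and all function names are assumptions made for the example.

```python
import base64
import struct

# Hypothetical resolver URL for illustration; a real one comes from your provider.
DOH_ENDPOINT = "https://doh.example/dns-query"

def build_query(name, qtype=1, txid=0):
    """Minimal RFC 1035 query: 12-byte header plus one question."""
    # Flags 0x0100 = recursion desired; one question, no other records.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1-63 bytes: %r" % label)
        qname += bytes([len(raw)]) + raw
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def doh_get_url(query, endpoint=DOH_ENDPOINT):
    """RFC 8484 GET form: the message is base64url-encoded, padding stripped."""
    b64 = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return endpoint + "?dns=" + b64

def dot_frame(query):
    """RFC 7858 (DoT, TCP port 853): two-byte length prefix, then the message."""
    return struct.pack("!H", len(query)) + query

def qname_from_doh_url(url):
    """Recover the queried name, as the resolver (not the ISP) can once TLS ends."""
    b64 = url.split("?dns=", 1)[1]
    msg = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
    labels, pos = [], 12  # the question starts after the 12-byte header
    while msg[pos] != 0:
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)

if __name__ == "__main__":
    q = build_query("www.example.com")
    print(doh_get_url(q))        # what travels inside HTTPS on port 443
    print(dot_frame(q).hex())    # what travels inside TLS on port 853
    print(qname_from_doh_url(doh_get_url(q)))
```

In both cases the query name sits inside the TLS payload, so an on-path observer sees only the connection to the resolver's address and port, while the resolver itself can read the name.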
 

oldschool

Then NextDNS is a good step for you
NextDNS is working with Edge and Brave Nightly because they both have the Secure DNS setting. It's not working in Brave Release with the secure DNS lookup flag enabled. It still shows my system DNS as Cloudflare. I'm using the NextDNS app but no go. Any ideas? 🤔
 

ForgottenSeer 85179

NextDNS is working with Edge and Brave Nightly because they both have the Secure DNS setting. It's not working in Brave Release with the secure DNS lookup flag enabled. It still shows my system DNS as Cloudflare. I'm using the NextDNS app but no go. Any ideas? 🤔
You can config your router using NextDNS. Even if encrypted DNS isn't supported, you still can use their system with filtering. Encrypted DNS is just a nice to have feature.
 

oldschool

You can config your router using NextDNS. Even if encrypted DNS isn't supported, you still can use their system with filtering. Encrypted DNS is just a nice to have feature.
I can't customize my DNS since my ISP doesn't allow it.

But, I figured out the problem was OS hardening: disallowed Elevation of Unsigned Executables. Now the NextDNS app works.

Even simple OS hardening is not always problem-free.
 

valvaris

Same issue is for me with NextDNS App. You should use YogaDNS App or Adguard Home with NextDNS.
Hi - Since some updates on Windows 10 ago.... Try to launch the NextDNS App as Admin in Windows. Then the issue should be gone. Or if you use a browser with its own DNS Settings try to point them to NextDNS first. :D

Sincerely
Val.
 
