Battle NextDns vs ControlD DNS

Compare list
NextDNS
ControlD

windscribe

From Windscribe
Verified
Developer
Well-known
Dec 28, 2016
121
dns0 blocks

- Newly registered domains
- New active domains
- Domain generation algothrithms
- IDN homographs
- phishing sites
- DNS rebinding
- Dynamic DNSES
- Cryptojacking
- Parked domains
- High risk top level domains

so does NextDNS aswell

ControlD blocks
- new domains
- phishing
- malware


DNS wide, dns0 & NextDNS blocks much more categories than ControlD does. Also nextdns has more companies as friend and thats why nextdns & dns0 gets ai & better malware filtering

View attachment 273711

View attachment 273712



I still recommend you to trial both DNS resolvers and find the one that fits for you best
Control D has filters for every category you mentioned except "Parked domains", we may add this in the near future. As of this week, given all the recent updates, Control D has virtually every feature of NextDNS, with all the unique stuff on top (like traffic redirection). The only real "downside" is higher average latency vs NextDNS, which we're working on.

We're in VERY active development, so if there is something that you absolutely need - let me know. We may be able to build it rather quickly.
 

Trident

Level 29
Verified
Top Poster
Well-known
Feb 7, 2023
1,809
The only real "downside" is higher average latency vs NextDNS, which we're working on.
I’d switch to Control D just for your honesty 😀

NextDNS has mobile apps as well though. It is a very basic app but it makes turning on and off the secure DNS easy. That + the block page is something to think about. In terms of user experience, you already beat NextDNS. I believe you had the option (if I remember correctly) to quickly whitelist a blocked domain. NextDNS, despite having it requested times and times again, never implemented that.
 

windscribe

From Windscribe
Verified
Developer
Well-known
Dec 28, 2016
121
I’d switch to Control D just for your honesty 😀

NextDNS has mobile apps as well though. It is a very basic app but it makes turning on and off the secure DNS easy. That + the block page is something to think about. In terms of user experience, you already beat NextDNS. I believe you had the option (if I remember correctly) to quickly whitelist a blocked domain. NextDNS, despite having it requested times and times again, never implemented that.
Mobile apps for iOS and Android are available, as of yesterday (follow the new tutorials or see general docs: GUI Setup Utility). It's a much better idea to use DNS profile on iOS and native DOT on Android, but there are apps that offer 1 step up for those who don't want to install natively.

There is also a pretty sweet CLI available, also as of yesterday. Runs on all operating systems via a 1 liner install command. Works best on routers and has some pretty unique features: Command Line Daemon

Wait till you see what else we got in the release pipeline (except for latency improvements) :)
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,838
Mobile apps for iOS and Android are available, as of yesterday (follow the new tutorials or see general docs: GUI Setup Utility). It's a much better idea to use DNS profile on iOS and native DOT on Android, but there are apps that offer 1 step up for those who don't want to install natively.

There is also a pretty sweet CLI available, also as of yesterday. Runs on all operating systems via a 1 liner install command. Works best on routers and has some pretty unique features: Command Line Daemon

Wait till you see what else we got in the release pipeline (except for latency improvements) :)
Your latency improved enough (since a year ago) that I subscribed for a year, mostly for mobile ad blocking. So even though it is a weakness, the improvements being made are noticeable. Also, your straightforward explanations and honesty on a podcast I heard recently really gave me some confidence in your product.
 

windscribe

From Windscribe
Verified
Developer
Well-known
Dec 28, 2016
121
What is the least ad blocking/least powerful third party filter in ControlD? I have found the ControlD's own Ads & Tracker block list to be too powerful.
I want to configure my router to have the least possible filtering.
AdGuard one is the smallest blocklist, by far. It may not be 100% effective (well, nothing is), but it should be pretty "false positive" proof based on user feedback.
 

toto_10

Level 5
Verified
Well-known
Feb 12, 2017
245
I have added NextDNS to my Chromecast in the network settings. Why doesn't it block ads in the Twitch app? Under Blocklists I have added AdGuard DNS filter and Peter Lowe.

If I use AdGuard's public DNS server, it does block the ads. I guess NextDNS should do the same.

I have a dynamic IP address, so I'm using a DDNS hostname for my NextDNS - not sure if it is a issue.
 
  • Like
Reactions: oldschool

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,838
I have added NextDNS to my Chromecast in the network settings. Why doesn't it block ads in the Twitch app? Under Blocklists I have added AdGuard DNS filter and Peter Lowe.

If I use AdGuard's public DNS server, it does block the ads. I guess NextDNS should do the same.

I have a dynamic IP address, so I'm using a DDNS hostname for my NextDNS - not sure if it is a issue.
DNS ad blocking doesn’t work for blocking in stream ads.
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,838
Aaaaaaaand ControlD went bonkers today blocking a whole bunch of Apple owned URLs/IPs. Someone suggested it's from CNAME flattening. This broke the news feed and a couple other items. Maybe explains my intermittent issues with the weather app.

This is the reason I really don't like dealing with DNS blocking. Thank goodness I don't have it implemented on my whole network. The wife hates when this stuff breaks things.
 

zer0day

New Member
May 11, 2023
5
Only have experience with NextDns. I like the features and tracking blocklists. The TLD blocking is nice, just add a bad TLD and you're done. The only problem is on mobile for e-commerce sites in that it can block access to the apps and stop them from working properly.
A nice feature indeed. But what do you do about the most common TLDs? ( .com .net .org ) I can't add youtube.com to the allowlist for example because it will bypass the tracking blocklists altogether and let the ads right through. Any good wildcards we can add to the denylist that catch what the blocklists occasionally miss? Nothing is 100% but TLD blocking seems like the closest thing we have atm.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top