NextDNS is set on the router but NextDNS says it’s using Cloudflare instead.
Everything is set properly. I can even see web traffic from my devices in a way, I can only see trackers not websites. For all of you who don’t understand Dutch, the image is saying it’s not connected to NextDNS at all.
12 replies
-
It confuses me.
-
Does anyone know why?
-
It means your "Laptop" and/or "Browser" using Cloudflare public DNS
-
Okay, how do I disable cloudflare on my browser/laptop? I thought that if i set NextDNS on the router it would automatically be on my device as well.
But it looks like that isn’t the case is it?
What is the difference between NextDNS on a device and a router?
And do I actually have to download the NextDNS app?
-
I leave my laptop network/DNS automatic. I just use nextDNS apps to handle my DNS and control it as I need on nextDNS dashboard. My sample set up on my laptop. The rest, depends on you.
-
But can you explain why it’s not working on my router with everything set up properly…?
-
I don't understand what you mean.. Did you access nextdns dashboard using router browser? handphone browser? or laptop browser?
The dashboard identify what device you use..
-
-
@Tijm if you like to continue in dutch then pm me.
on the laptop, which browser do you use?
-
I’m using the Brave browser on an iPhone right now. But how is that related to my original question? Just wondering. And how do I DM people?
-
honestly, I personally think you should keep using safari on your iPhone and no other browsers. In my opinion, like Chrome, brave browser is a battery-guzzling application, but never mind.
in your iPhone's settings under apps, you will have to go through the settings of Brave browser and disable secure dns there.Do you use a nextdns profile on the iPhone?
-
on the marked spot and use @ then the name you want to message ;-)
-
-
What I do to enforce system wide DNS.
1 - Configure DNS I want on router/firewall device as forwarder e.g. NextDNS.
2 - Set NAT rule that any outbound traffic to port 53 UDP and TCP that isnt your LAN DNS IP address, then forward it to your LAN DNS IP. This basically will forcefully redirect anything attempting to use unauthorised legacy DNS to your resolver which then forwards to NextDNS.
3 - For blocking unauthorised use of DoH is more difficult as it uses the https port which is an administrators nightmare to control, one option if you have local DNSBL capabilities such as pfblockerng is to load a DoH block list so anything going to a DoH server is blocked, and typically any software doing this will fall back to system DNS instead of failing the DNS query. Or you can do it in firewall directly if the firewall supports URL aliases to convert to IP's to block, block with a reject not a silent drop for fast fall back to system DNS, I prefer the firewall method. Obviously if you blocking DoH, you might need to whitelist/exclude any DoH you want accessible over your network, e.g. NextDNS.
Once you done all this, and assuming your DHCP is sending correct local DNS IP to clients, you dont need to worry about individual devices using unauthorised DNS services.
Content aside
- 12 days agoLast active
- 12Replies
- 183Views
-
4
Following