1

NextDNS issues with DoT on ASUS Merlin

Hello all,

Been having some issues for a while now when using the DoT functions natively supported in ASUS Merlin. Pages time out and often will sit with an "error not resolved" message for roughly 4-5 seconds before the page will refresh and load content.
(This happens with or without DNS Filter active; Model AX-88U)

I have done a complete reset of the router, and used the NextDNS CLI (which doesn't have errors, but resolves slower) but for whatever reason the NextDNS DoT implementation doesn't seem to like the ASUS Merlin firmware anymore, or there's a CDN issue with DoT for the Atlanta region.

I have since disabled any options within the Performance tab of the website, and still am having issues. To the point that many of the diagnostic services for NextDNS itself will not work or report well. Options on the router are minimal outside of factory defaults, with IPv6 and DoT setup being the only noteable changes.

My ISP is AT&T U-verse/Fiber.

I preferred the DoT implementation as hostnames from the CLI can flood the logs with various (blank) names, and the DoT doesn't have to be regularly updated.

57 replies

null
    • Austin_Clamon
    • 2 yrs ago
    • Reported - view

    @NextDNS can we please get an update? Its kind of hard to justify paying for a service that doesn't work properly on my devices.

    • NextDNs
    • 2 yrs ago
    • Reported - view

    The DoT issue has been fix months ago. If you have an issue it is probably a different one. Do not hesitate to open a new discussion.

    • G_Mobley
    • 2 yrs ago
    • Reported - view

    Actually, I disabled NextDNS on my ASUS RT-AX86 router ~ month ago. The family was howling quite loudly about "things not resolving and timing out". I was seeing far too many timeouts myself - refreshing pages several times - not pretty.   :(

    I also had to restart the router ~ 7-10 days for stability. (No it had not been upgraded in months and months). Monitoring the transactions (stubby -l), I saw a lot of "Fails" in that workstream. My https://ping.nextdns.io showed ranges from 25-50+ ms with most times hovering > 30ms!  Resolutions were getting painful and even the wife was complaining  and many know that saying.... ;)

    I've been using QUAD9  and/or Cloudflare since then as alternatives.   Complaints stopped and I've not seen a single timeout myself.   I was waiting to retry reconfiguring NextDNS again after I install the latest FW 386.5 beta which I did last weekend.  I want this change to settle a week or two "as-is" before I reconfigure the main router to use NextDNS - just to separate those changes/events clearly. 

    I've always used a manual NextDNS integration and never the NextDNS agent.      

    YMMV.   Stay safe, stay alive. Peace. G. Mobley

    • Stephan_Schulz
    • 2 yrs ago
    • Reported - view

    Hello,

    I am not entirely sure if my current issue is the same as being reported here in this thread but it am running AsusMerlin 386.5 on my Asus AC86U router with NextDNS configured through SSH as recommended in the NextDNS setup guide for that router model. I have noticed that after 12-18 hours I am losing web browsing functionality, it seems that external websites are not loading. I have included my router log file below, this is what was being captured just before the problem occurs.

    Once I perform a router restart, everything works fine again. What would be the current workaround to keep using NextDNS on the router without having to go through a restart?


    Apr 18 12:59:56 nextdns[6036]: Connected 116.204.183.61:443 (con=0ms tls=0ms, TCP, )
    Apr 18 13:00:37 nextdns[6036]: Connected 43.229.79.19:443 (con=6ms tls=9ms, TCP, TLS13)
    Apr 18 13:01:56 nextdns[6036]: Connected 43.229.79.19:443 (con=7ms tls=10ms, TCP, TLS13)
    Apr 18 13:02:36 nextdns[6036]: Connected 116.204.183.61:443 (con=4ms tls=0ms, TCP, )
    Apr 18 13:03:33 nextdns[6036]: Connected 43.229.79.19:443 (con=4ms tls=0ms, TCP, )
    Apr 18 13:04:43 nextdns[6036]: Connected 116.204.183.61:443 (con=4ms tls=12ms, TCP, TLS13)
    Apr 18 13:09:03 nextdns[6036]: Connected 43.229.79.19:443 (con=2ms tls=9ms, TCP, TLS13)
    Apr 18 13:13:29 nextdns[6036]: Connected 43.229.79.19:443 (con=5ms tls=11ms, TCP, TLS13)
    Apr 18 13:15:18 nextdns[6036]: Connected 43.229.79.19:443 (con=2ms tls=9ms, TCP, TLS13)
    Apr 18 13:17:53 nextdns[6036]: Connected 116.204.183.61:443 (con=19ms tls=14ms, TCP, TLS13)
    Apr 18 13:18:40 nextdns[6036]: Connected 43.229.79.19:443 (con=3ms tls=13ms, TCP, TLS13)
    Apr 18 13:20:56 nextdns[6036]: Connected 43.229.79.19:443 (con=2ms tls=394ms, TCP, TLS13)
    Apr 18 13:20:56 nextdns[6036]: Switching endpoint: https://dns.nextdns.io#116.204.183.61,43.229.79.19
    Apr 18 13:23:01 nextdns[6036]: Connected 43.229.79.19:443 (con=3ms tls=9ms, TCP, TLS13)
    Apr 18 13:23:51 nextdns[6036]: Connected 43.229.79.19:443 (con=3ms tls=9ms, TCP, TLS13)
    Apr 18 13:25:25 nextdns[6036]: Connected 43.229.79.19:443 (con=7ms tls=12ms, TCP, TLS13)
    Apr 18 13:32:54 wlceventd: wlceventd_proc_event(508): eth6: Disassoc 36:CD:DC:2B:52:B9, status: 0, reason: Disassociated because sending station is leaving (or has left) BSS (8), rssi:0
    Apr 18 13:32:55 wlceventd: wlceventd_proc_event(527): eth6: Auth 36:CD:DC:2B:52:B9, status: Successful (0), rssi:0
    Apr 18 13:32:55 wlceventd: wlceventd_proc_event(556): eth6: Assoc 36:CD:DC:2B:52:B9, status: Successful (0), rssi:0
    Apr 18 13:32:55 dnsmasq-dhcp[11800]: DHCPREQUEST(br0) 192.168.1.126 36:cd:dc:2b:52:b9 
    Apr 18 13:32:55 dnsmasq-dhcp[11800]: DHCPACK(br0) 192.168.1.126 36:cd:dc:2b:52:b9 
    Apr 18 13:35:26 kernel: httpd (1246): drop_caches: 1
    Apr 18 13:35:30 kernel: httpds (1245): drop_caches: 1

    • G_Mobley
    • 2 yrs ago
    • Reported - view

    Hi,  The behavior you report is similar to my early 2022 experiences.  I do not use the client but a  manual NextDNS setup for ASUS/Merlin.  My setup ran suitable for ~ 1-1.5 years as I was an early adopter.  Sometime ~ Jan/Feb 2022, I finally had to revert my setup to Quad9/Cloudflare b/c of symptoms similar to what you describe.  The router's DNS would behave for 1-3 days and then DNS resolution would start failing and keep failing which set the family screaming as we WAH.  This continued for a few weeks until I was forced to switch off NextDNS b/c of failing DNS.  The only solution I found was to reboot the router every 1-2 days which would fix it BUT that's not really a viable solution.    

    I have not retried to reconfigure NextDNS since Feb 2022 b/c things have been working so well - no screaming, "The internet is broken again..."   I continue monitoring this threads for answers.  

    Thanks!

    • Austin_Clamon
    • 2 yrs ago
    • Reported - view

    @NextDNS I will be testing this again tonight. Based on the info from other users it appears that this has not been fixed at all as stated on Feb,28th. What specifically has been done to correct the issues? I don't think anyone in this forum would mind reading a more technical overview of what has been tried.

      • NextDNs
      • 2 yrs ago
      • Reported - view

      Austin Clamon the bug in feb was fixed and confirmed fixed. This is most likely as different issue, probably unrelated to DoT.

Content aside

  • Status Fixed
  • 1 Likes
  • 2 yrs agoLast active
  • 57Replies
  • 3000Views
  • 11 Following