0

2024 Ubiquiti DNS Shield Configuration Issue

I noticed that Ubiquiti now allows the use of DNS Shield which allows DNS over HTTPS within the Dream Machine Pro's Controller software. I also noticed that NextDNS has 3 entries in the UniFi control panel by default (see attached screenshot). I have a paid NextDNS Pro account. How do I force Ubiquiti's settings to use my specific paid account? In other words, how do I set it to use "https://dns.nextdns.io/XXXXXX" as an entry?

31 replies

null
    • Brian.13
    • yesterday
    • Reported - view

    Are there any benefits of this UI option in UDM or does CLI still perform everything and then some?

      • NextDNs
      • yesterday
      • Reported - view

       which shouldn’t be a concern as it requires a reinstall on firmware updates

      • Eric.9
      • yesterday
      • Reported - view

       Even if it needs to be reinstalled with each firmware update, it makes me reticent to use it because I'm afraid installing it on a fresh firmware update will break things.

      There's enough reason to doubt continued development of the CLI since development of NextDNS is stagnant and the developers/founders seemed to have shifted their entire focus to dns0.eu instead.

      • NextDNs
      • yesterday
      • Reported - view

       the founder and maintainer of the CLI is using UDM at home with the CLI, so you are guaranteed any issue would be noticed quite quickly with this setup. The CLI is quite stable and never created any issue on UDM's firmware.

      • Brian.13
      • 17 hrs ago
      • Reported - view

       thanks Staff! I can concur I've been using CLI for years with ZERO issue, just reinstall after update. So no qualms there. Sounds like CLI is the way to go for now since I like have my devices identified. and Console offers no feature advantages.

      • JWARE
      • 15 hrs ago
      • Reported - view

       Yes, by having this in the OS of the UDM, you can use Policy-based routing to do things like Domain name-based routing of specific domains to a VPN tunnel.  For me, its well worth this function vs the "nice to have" of seeing what client name made a specific request from a site. YRMV

      • Eric.9
      • 7 hrs ago
      • Reported - view

      Does it use DoH or DoT?

Login to reply

Content aside

  • 7 hrs agoLast active
  • 31Replies
  • 8146Views
  • 15 Following