Private Relay on macOS 15 Sequoia

I'm on macOS 15 Sequoia, M1 iMac. On macOS 14, prior to upgrade, everything was working fine with Private relay enabled.

Now, when I activate the NextDNS app:

  • the status on my.nextdns.io is: "This device is using NextDNS with iCloud Private Relay"
  • ads are blocked

However after about 90 seconds:

  • ads start appearing
  • my.nextdns.io status now says: "This device is not using NextDNS. This device is currently using ”Cloudflare” as DNS resolver."
  • If I click "view > reload and show ip address" it says "All good! This device is using NextDNS with this profile." However ads are not being blocked!

The same behaviour happens when using a Configuration Profile instead of the app.

(iOS 18, on the other hand, seems to work fine).

32 replies

    • Andrew_Vines
    • 3 mths ago
      • Andrew_Vines
      • 3 mths ago

      And actually, it seems that the fix was only temporary for me... it worked for a while and then the ads came back.

      So, not fixed yet.

    • Kim_R
    • 3 mths ago

    macOS 15.1RC also exhibits the same behavior. Can be triggered by opening Arc browser. Also, after some inactivity, it also drops.

    • Human_Person
    • 3 mths ago

    In case folks were wondering, 15.1 final release is still busted.

    • Human_Person
    • 1 mth ago

    Good news! AFAICT, this is finally fixed in 15.2. I've had the firewall enabled for a few days now and everything is working great even with switching networks, rebooting, etc. 🙌

      • tnpapa.1
      • 1 mth ago

       Nope. Running the CLI in my router and as soon as I turn on Private Relay I get this.

      • Andrew_Vines
      • 1 mth ago

      The original issue was about using the NextDNS client installed in macOS Sequoia. Now 24 hours into using 15.2 it's working for me.

      You may need to install NextDNS on your Mac to get compatibility with Private Relay; my understanding is that Private Relay is designed to bypass whatever DNS is offered by the router.

      • jond_7
      • 13 days ago

      The NextDNS CLI uses standard (non-secure) DNS traffic between your devices and the router. iCloud Private Relay will never be compatible with that because it sees that traffic as vulnerable and routes DNS requests over one of several networks including Cloudflare.

      You have two options, which must be set on each Apple device:

      1. Disable iCPR for the network in question and rely on the NextDNS CLI for DNS and protections

      2. Install profiles as described in this thread (https://apple.nextdns.io) on each device. If you need local DNS for other devices on your LAN, add an exception to the profile for your home domain name (house.lan or whatever).

      Note: Bonjour connections (e.g. homepod.local) do not seem to be impacted by iCPR.
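
The second option above, sketched as an added example (not code from the thread or from NextDNS's profile generator): a script that builds a DNS-over-HTTPS configuration profile with an on-demand exception for a home domain. The profile ID `abc123`, the payload identifiers and the output file name are placeholders and assumptions.

```python
import plistlib
import uuid

# Assumptions, not from the thread: placeholder profile ID and payload identifiers.
PROFILE_ID = "abc123"          # placeholder NextDNS profile ID
LOCAL_DOMAINS = ["house.lan"]  # home domain, as in the post's example


def build_profile(profile_id, local_domains):
    """Build a DNS-over-HTTPS configuration profile with local-domain exceptions."""
    dns_payload = {
        "PayloadType": "com.apple.dnsSettings.managed",
        "PayloadVersion": 1,
        "PayloadIdentifier": "lan.example.nextdns.dns",  # hypothetical identifier
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "NextDNS (DoH)",
        "DNSSettings": {
            "DNSProtocol": "HTTPS",
            "ServerURL": f"https://dns.nextdns.io/{profile_id}",
        },
        "OnDemandRules": [
            {   # names under these domains are left to the network's own resolver
                "Action": "EvaluateConnection",
                "ActionParameters": [
                    {"DomainAction": "NeverConnect", "Domains": list(local_domains)}
                ],
            },
            {"Action": "Connect"},  # everything else uses the encrypted resolver
        ],
    }
    return {
        "PayloadType": "Configuration",
        "PayloadVersion": 1,
        "PayloadIdentifier": "lan.example.nextdns",  # hypothetical identifier
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "NextDNS with local exception",
        "PayloadContent": [dns_payload],
    }


def render_profile(profile):
    """Serialize the profile to the XML plist bytes a .mobileconfig file contains."""
    return plistlib.dumps(profile, fmt=plistlib.FMT_XML)


if __name__ == "__main__":
    with open("nextdns-local.mobileconfig", "wb") as fh:
        fh.write(render_profile(build_profile(PROFILE_ID, LOCAL_DOMAINS)))
```

Review the generated file before installing it, and confirm afterwards on my.nextdns.io that the device still reports NextDNS as its resolver.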
