Private Relay on macOS 15 Sequoia

I'm on macOS 15 Sequoia, M1 iMac. On macOS 14, prior to upgrade, everything was working fine with Private relay enabled.

Now, when I activate the nextDNS app:

  • the status on my.nextdns.io is: "This device is using NextDNS with iCloud Private Relay"
  • ads are blocked

However after about 90 seconds:

  • ads start appearing
  • my.nextdns.io status now says: "This device is not using NextDNS. This device is currently using "Cloudflare" as DNS resolver."
  • If I click "view" > "reload and show ip address", it says "All good! This device is using NextDNS with this profile." However, ads are not being blocked!

The same behaviour happens when using a Configuration Profile instead of the app.

(iOS 18, on the other hand, seems to work fine).

      • Andrew_Vines
      • Mon, October 14, 2024 at 10:21 PM UTC
        • Andrew_Vines
        • Mon, October 14, 2024 at 11:25 PM UTC

        And actually, it seems that the fix was only temporary for me... it worked for a while and then the ads came back.

        So, not fixed yet.

      • Kim_R
      • Tue, October 22, 2024 at 1:43 PM UTC

      macOS 15.1RC also exhibits the same behavior. Can be triggered by opening Arc browser. Also, after some inactivity, it also drops.

      • Human_Person
      • Wed, November 6, 2024 at 7:09 PM UTC

      In case folks were wondering, 15.1 final release is still busted.

      • Human_Person
      • Thu, December 19, 2024 at 8:15 AM UTC

      Good news! AFAICT, this is finally fixed in 15.2. I've had the firewall enabled for a few days now and everything is working great even with switching networks, rebooting, etc. 🙌

        • tnpapa.1
        • Thu, December 19, 2024 at 1:10 PM UTC

        Nope. Running the CLI in my router and as soon as I turn on Private Relay I get this.

        • Andrew_Vines
        • Fri, December 20, 2024 at 5:20 AM UTC

        The original issue was about using the NextDNS client installed in macOS Sequoia. Now, 24 hours into using 15.2, it's working for me.

        You may need to install NextDNS on your Mac to get compatibility with Private Relay; my understanding is that Private Relay is designed to bypass whatever DNS is offered by the router.

        • jond_7
        • Mon, January 27, 2025 at 3:03 AM UTC

        The NextDNS CLI uses standard (non-secure) DNS traffic between your devices and the router. iCloud Private Relay will never be compatible with that because it sees that traffic as vulnerable and routes DNS requests over one of several networks including Cloudflare.

        You have two options, which must be set on each Apple device:

        1. Disable iCPR for the network in question and rely on the NextDNS CLI for DNS and protections.

        2. Install profiles as described in this thread (https://apple.nextdns.io) on each device. If you need local DNS for other devices on your LAN, add an exception to the profile for your home domain name (house.lan or whatever).

        Note: Bonjour connections (e.g. homepod.local) do not seem to be impacted by iCPR.
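
An added example, not part of any post in this thread and not the output of apple.nextdns.io: a sketch of option 2 that builds an encrypted-DNS configuration profile with an exception for a local domain, using Apple's documented `com.apple.dnsSettings.managed` payload keys. The profile ID `abc123`, the `example.dns` identifiers, the display names and the DoH URL form `https://dns.nextdns.io/<id>` are assumptions for illustration.

```python
import plistlib
import uuid


def build_dns_profile(nextdns_id, local_domains=()):
    """Return .mobileconfig bytes: DoH for everything except local_domains."""
    rules = []
    if local_domains:
        # Names under these domains are never sent to the DoH server,
        # so the LAN resolver (router) keeps answering them.
        rules.append({
            "Action": "EvaluateConnection",
            "ActionParameters": [{
                "DomainAction": "NeverConnect",
                "Domains": list(local_domains),
            }],
        })
    # Final catch-all rule: apply the encrypted DNS settings to all other lookups.
    rules.append({"Action": "Connect"})

    dns_payload = {
        "PayloadType": "com.apple.dnsSettings.managed",
        "PayloadVersion": 1,
        "PayloadIdentifier": "example.dns.nextdns",      # hypothetical
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "NextDNS over HTTPS",      # hypothetical
        "DNSSettings": {
            "DNSProtocol": "HTTPS",
            # Assumed URL form; nextdns_id is a placeholder profile ID.
            "ServerURL": f"https://dns.nextdns.io/{nextdns_id}",
        },
        "OnDemandRules": rules,
    }
    profile = {
        "PayloadType": "Configuration",
        "PayloadVersion": 1,
        "PayloadIdentifier": "example.dns",              # hypothetical
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "Encrypted DNS with LAN exception",
        "PayloadContent": [dns_payload],
    }
    return plistlib.dumps(profile)  # XML plist, the .mobileconfig format


if __name__ == "__main__":
    # Constructed sample input: placeholder ID and the thread's house.lan domain.
    print(build_dns_profile("abc123", ["house.lan"]).decode())
```

Save the output with a `.mobileconfig` extension and review the `OnDemandRules` array before installing it on each device.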
