Does NextDNS really support DNSCrypt?
- Pro Subscriber
When I copy the DNSCrypt (sdns) address showing under https://my.nextdns.io and paste it into https://dnscrypt.info/stamps/ it translates into an ordinary DoH-address pointing to my profile. Is this correct?!
Does NextDNS support true DNSCrypt-protocol/connections since this seems to be a "shortcut" just doing DoH?
11 replies
-
The DNSCrypt client supports the DoH protocol. The DNSCrypt protocol never took off. It is unlikely we ever support it.
-
- Pro Subscriber
NextDNS Got it and 100% agree... Was mostly curious if it was a "bug" and not planning to use it.
- Pro Subscriber
-
Hi. So I manage six Unifi sites for my family across the US. Unifi's latest release supports DNS over HTTP. I have a custom NextDNS profile for my brother's UDR. I copied the CryptDNS Stamp from his profile's setup page, and pasted all of the settings in the appropriate spot. I got an error initially, but that resolved after rebooting the UDR.
I did the same thing for my UDM Pro Max, with my own custom NextDNS profile. Received the same error. But on mine, the error did not resolve with reboot. I've been using https://dnscrypt.info/stamps/ to generate new stamps, with no success.
Can you please explain the exact settings I need to plug into the website to generate the correct CryptDNS Stamp?
Thank you for your help.
-
Interesting. For me it is as simple as entering the stamp info on the right place.
I get it directly from setup/router/DNSCrypt
The only time I use the stamp calculator is when I want to identify and ID to identify the device.
From my experience all I can tell you is to make sure you are running the latest version of DNSCrypt and follow the docs for your device on how to properly enter the necessary stamp info.
-
Hmmm From my experience DNSCrypt is going strong, it has gotten more robust and added support for DOT, DOH and Anon-DNS and DNSCrypt ver3 is coming strong. Truly a great solution. It would be very nice and welcomed if NextDNS were to truly support it.
-
I think you are confusing dnscrypt-proxy software and the dnscrypt protocol. We fully support dnscrypt-proxy via the compatible protocols.
-
You know, I think you are right. I surely am confusing or misunderstanding some technical aspects. I am referring to the dnscrypt protocol per se rather than DOH by way of dnscrypt. The specs for dnscrypt sound much better than those of doh or dot. To my understanding doh over dnscrypt is just doh where actual dnscrypt communication introduces more security.
-
Meh, the spec might sound better *for you*, but try listing any popular browser or OS (more than 1% of market share) that have native dnscrypt protocol support. Nobody else care about dnscrypt protocol.
-
There is no security advantage of DNSCrypt over DoH/DoT, other than the fact that it does not rely on a CA. The protocol itself, being UDP-based, is much simpler and specifically designed for DNS. However, the industry has not adopted the DNSCrypt protocol, and you won’t see any major client implementing it. Adding support for new protocols requires maintenance and can introduce new attack vectors for a platform like ours. To onboard a new protocol, we need a critical mass of adoption, which DNSCrypt lacks.
-
I am unable to duplicate my Nextdns profile when i try to Duplicate my Profile i get an error message ( Network Error Unable to post profiles). This problems happens only when i try to duplicate my nextdns profile but not when i Create a new profile. All the domains are enabled and i also tried using different dns but the issue remains unsolved. This issue started from the last month.
-
Is this synonymous with dnscrypt-proxy2 as well?
I really enjoyed my experience with the following:
Install Guide: https://www.snbforums.com/threads/dnscrypt-installer-for-asuswrt.36071/
GitHub: https://github.com/thuantran/dnscrypt-asuswrt-installer
-
Content aside
-
1
Likes
- 2 mths agoLast active
- 11Replies
- 2211Views
-
7
Following