DNS leak test showing USA cloudflare addresses instead of local NextDNS?
Hi there, I have been using the service for about a week now and have been enjoying the local fast queries and speeds. When I first got my service up and running I had 2 local dns servers powered by nextdns. Now when I am testing for dns leaks I am seeing entries for Cloudflare addresses back to USA - 172.70.37.108
Being in Aus this creates a noticable difference going from <10ms to ~330ms ping response times. Is this a cause of a setting ticked under the performance section in the settings? Again just seeking some clarity about what is causing this. Thanks.
Edit: I have just performed another leak test, no neither NextDNS servers are showing and am getting multiple Cloudflare addresses. I run a PiHole setup and force all traffic through it using the 2x servers provided under my https://my.nextdns.io/ page.
119 replies
-
Did you link your static public IP from your ISP? If not, you'll need to do that if ipv4 is your only option
If so, do you have more than one static DNS entry setup on your router's side? If so, pihole recommends only having one entry (setup to your pihole's IP)
https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245
Your NextDNS ipv4 DNS servers (from your dashboard) will need to be entered as the ONLY custom ipv4 upstream DNS entries via pihole
Or You can use Pihole as the DHCP server instead of the router
-
Myth0ne this is the theory, but testing would give answers at which point the problem starts.
-
DynamicNotSlow So with unblocking those IP's on my firewalll, The Pi's turned off I get no dns resolution (to be expected) until I turned them back on.
-
Myth0ne Okay. Now it would make sense testing without Pi's and adding NextDNS directly in your router. Start with non-encrypted version first
-
DynamicNotSlow Confirmed to still have cloudflare leaks even turning Pi's off and adding NextDNS directly onto the wan/lan dns pages.
-
Myth0ne then your router directly add this as fallback or your end device.
test with mobile phone but use mobile network instead of WiFi
-
DynamicNotSlow I wish you were right, when I change my dns on my pi's to others e.g. (OpenDNS) I don't get these leaks. Do you just get the 2x results for an extended test on dnsleaktest.com? I just tried using the preferred method on my Android phone below and getting multiple servers in the leak test still to back to USA. Seems like it may just be how nextdns is routing things.
Go to Settings → Network & internet → Advanced → Private DNS.
2. Select the Private DNS provider hostname option.
3. Enter xxxx.dns.nextdns.io and hit Save.
-
Myth0ne yes i only get one server:
-
DynamicNotSlow Hmm, sometimes I get 2 results from dns.nextdns.io
Othertimes I get the screenshot in the original post I submitted. More often than not however it is those pesky cloudflare addresses. It's a shame because I can't manually set that ip address either (e.g. in your case setting 95.179.134.211 -
NextDNS so we've confirmed this seems to happen even using the given ip directly on the router. Is this just where I'm located that I seem to get these others CloudFlare servers popping up when I test?
-
Myth0ne it has to be something with your setup, the location does not mater. What router do you have? If you install the nextdns app on your device, does it still happen?
-
NextDNS yes, I've confirmed I get it using private dns on android device using LTE. I got an Asus RT-AC68u running merlin 386.2_6 more info on the setup was in an earlier comment here - https://help.nextdns.io/t/q6hkgrc?r=35hk552
-
Myth0ne please run a https://nextdns.io/diag without nextdns configured on your network.
-
NextDNS Sure will report back in a moment. I'll use OpenDNS as my resolver instead for purposes of testing.
-
NextDNS Do I need to test with nextdns configured on the network with the diag tool?
-
NextDNS Any update on this? Seems I don't get these leak issues when using DNS over HTTPS when using Quad9 for example
-
-
Seems to be happening regardless of browser used, confirmed to have the same results across MS Edge, Chrome & Firefox with the same results. As some other threads show they have a google backbone mine seem to be cloudflare. Something funky going on.
-
So sometimes the leak test works 'as expected' and shows my primary and fallback as nextdns. Other times I'll get both nextdns and cloudflare addresses and sometimes just cloudflare as mentioned in the original post. Seems to be completely random every time I run a test.
-
I think that this service is used by hundreds of thousands of people and the few that have problems with it are thinking that the service is broken, it doesn't work. Isn't it funny?
Maybe some are expecting NextDNS to come to their house and fix it for them.They are offering instructions, apps, tools, recommendations... If you want to go your way, you should own it, you should know what you are doing.
-
losnad What does this comment achieve? You've already made your point several times on this post and have offered zero benefit lol. I've been working with NextDNS and running their diagnostic tool to look into it further. I don't expect them to come and fix it, just seeing a few people with similar queries I was hoping to find the root cause or if its perhaps if this is all intended by design.
-
By design it is like this on all my browsers and devices. Just different servers, but only from NextDNS. I just tested on Firefox, Brave, Opera and even on my TV browser.
-
losnad Too easy, do you know if the edns and cname flattening etc if queries surpass 300k queries on a free plan or are all those disabled as well as blocklists and whitelists?
-
Content aside
-
4
Likes
- 3 yrs agoLast active
- 119Replies
- 6271Views
-
17
Following