1

NextDNS Cli on OpenWRT - This device is using NextDNS with no profile

Suddenly no device connected via my router shows on NextDNS logs since 5th December 15:47.36. All other devices connected directly to NewtDNS are unaffected.

A DNS leak test proves that all router-connected devices are still using NextDNS but the app states "using NextDNS with no profile". This coincided with DNS issues resulting in me rebooting the router. No configuration changes have been made. Please advise?

https://test.nextdns.io  results (anonymised):

{
"status": "ok",
"protocol": "DOH",
"client": "IP here",
"srcIP": "IPv6 here",
"destIP": "IP here",
"anycast": false,
"server": "anexia-lon-1",
"clientName": "nextdns-cli",
"deviceName": "my device name",
"deviceID": "device ID here",
"deviceIP": "my device IPv6",
"deviceModel": "mac:xx:xx:xx"
}

12 replies

null
    • R_P_M
    • 2 wk ago
    • Reported - view

    There should be a "profile" response with https://test.nextdns.io

    Check the "nextdns config" on the router, make sure a profile option is there and set correctly to your configuration.

      • ellah
      • 10 days ago
      • Reported - view

       Thanks for responding. I've checked the router config and it looks as expected - I've not made any changes since before it stopped working on 5th December. 

      Here is the anonymised config:

      config nextdns 'main'
    option setup_router '1'
    option report_client_info '1'
    option hardened_privacy '0'
    option log_queries '0'
    option bogus_priv '1'
    option use_hosts '1'
    option control '/var/run/nextdns.sock'
    option mdns 'all'
    option max_inflight_requests '256'
    option cache_size '0'
    option cache_max_age '0s'
    option detect_captive_portals '0'
    option timeout '5s'
    option auto_activate '0'
    list listen 'localhost:53'
    option max_ttl '0s'
    option config '172.108.18.40/29=123xxa 172.108.18.192/27=123xxb 172.108.28.0/24=123xxc 172.108.38.0/24=123xxd 172.108.1.0/24=123xxe 172.108.48.0/24=123xxf 123xxg'
    option enabled '1'

      I have also now upgraded the openwrt NextDNS cli software to 1.39.4-1 but has not made any difference.

      Any other ideas please?

      • R_P_M
      • 9 days ago
      • Reported - view

      It does seem to look ok. Only one minor niggle "option config" was the older way of this setting, it's now been replaced with "option profile".  'config' is still accepted but it's something you will have to update in the future.

       

      Anyway, as to the problem I'm not really sure why it's behaving this way. Any chance it could be linked to IPv6 addressing?

      • ellah
      • 9 days ago
      • Reported - view

       Thanks - I'll change 'config' to 'profile' and see if that makes a difference. You may be right about IPv6. The problem occurred after I rebooted my router and fibre modem which may have changed IPv6 address. Can you tell me how I check this (or do I need to add additional IPv6 rules)?

       

      Thanks again, appreciate the help!

      • NextDNs
      • 9 days ago
      • Reported - view

      which version of OpenWRT are your running?

      • ellah
      • 8 days ago
      • Reported - view

       I'm running 21.02.3 at present.

      Thanks

      • ellah
      • 3 days ago
      • Reported - view

       Ok I have upgraded the router to OpenWRT 23.05.5 and am now running version  1.44.0-1 of the NextDNS cli. I'm still getting the same issue as originally reported. Please can you advise what else can be done? Thanks

      • NextDNs
      • 3 days ago
      • Reported - view

       your test result shows no profile. There is a configuration issue. What is the output of `nextdns config`.

      • ellah
      • 2 days ago
      • Reported - view

       

      log-queries false
cache-max-age 0s
report-client-info true
max-inflight-requests 256
listen localhost:53
profile 172.108.18.40/29=123xxa 172.108.18.192/27=123xxb 172.108.28.0/24=123xxc 172.108.38.0/24=123xxd 172.108.1.0/24=123xxe 172.108.48.0/24=123xxf 123xxg
hardened-privacy false
use-hosts true
control /var/run/nextdns.sock
cache-size 0
mdns all
detect-captive-portals false
auto-activate false
debug false
discovery-dns
bogus-priv true
timeout 5s
setup-router true
max-ttl 0s
      • NextDNs
      • 2 days ago
      • Reported - view

       there is something wrong with your `profile` config. Each conditional profile should be its own `profile` line, like this:


      profile 172.108.18.40/29=123xxa
profile 172.108.18.192/27=123xxb
profile 172.108.28.0/24=123xxc
profile 172.108.38.0/24=123xxd
profile 172.108.1.0/24=123xxe
profile 172.108.48.0/24=123xxf
profile 123xxg

      Try using `nextdns config edit` to fix your configuration

      • ellah
      • 2 days ago
      • Reported - view

       Ok to test I've simplified my config to a single profile ID and I can now see DNS traffic being passed successfully which is good! Thanks. I'll now set up the remaining profiles..... 

      On a side note I appreciate I was running out of date software but if there are incompatible / breaking changes implemented upstream how can I find out about these for future reference?

      • NextDNs
      • 2 days ago
      • Reported - view

       there was no breaking changes. I’m not sure how your configuration ended up in this state.

Login to reply

Content aside

  • 1 Likes
  • 2 days agoLast active
  • 12Replies
  • 111Views
  • 3 Following