MacOS profile not working in Ventura 13.1
Hello,
I've configured my home router to distribute by default the NextDNS IPv4 DNS servers through DHCP.
Then I've generated and installed a MacOS profile for my MacMini M1 running Ventura 13.1.
No matter whether the profile is correctly installed, the OS is still using the NextDNS IPv4 servers.
sudo /usr/bin/profiles -P
Marco [1] attribute: profileIdentifier: io.nextdns.xxxxx.profile
There are 1 configuration profiles installed
scutil --dns
DNS configuration
resolver #1
search domain[0] : router
nameserver[0] : 45.90.28.32
if_index : 13 (en1)
flags : Request A records
reach : 0x00000002 (Reachable)
resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300000
resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300200
resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300400
resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300600
resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300800
resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 301000
DNS configuration (for scoped queries)
resolver #1
search domain[0] : router
nameserver[0] : 45.90.28.32
if_index : 13 (en1)
flags : Scoped, Request A records
reach : 0x00000002 (Reachable)
Connecting to test.nextdns.io using Safari
{
"status": "ok",
"protocol": "UDP",
"profile": "xxxxxxxxxxxxx",
"client": "xxxxxxxxxxxxx",
"srcIP": "xxxxxxxxxxxxx",
"destIP": "45.90.28.32",
"anycast": true,
"server": "zepto-mil-1",
"clientName": "unknown"
}
Connecting to test.nextdns.io using Microsoft Edge with manually configured NextDNS DoH
{
"status": "ok",
"protocol": "DOH",
"profile": "xxxxxxxxxxxxx",
"client": "xxxxxxxxxxxxx",
"srcIP": "xxxxxxxxxxxxx",
"destIP": "192.145.127.148",
"anycast": false,
"server": "zepto-mil-1",
"clientName": "chrome",
"deviceName": "Edge MacOS",
"deviceID": "xxxxxxxxxxxxx"
}
What's wrong? How can I set up MacOS to use NextDNS DoH across all the OS?
-
I was also not able to get NextDNS to work properly on an M1 Mac with macOS 13.1, using profiles. Using the NextDNS app however seems to be doing the trick. Pro: Quick access to disable NextDNS/change profile. Cons: No automated exclusion of wifi SSIDs, no hardcoded client name.
-
ionos isn't the NextDNS app setting up a persistent VPN tunnel? It's a bit more invasive than just setting up a DNS profile :(
-
Marco You're right, on macOS it still does that (iOS seems to have a dedicated OS-supported DNS-proxy mechanism).
-
-
The same problem here with the Mac Profile, it doesn't work properly on an M1 Pro MacBook with macOS 13.1.
The VPN tunnel with the NextDNS Mac App works fine but as said above by ionos it's a bit too invasive for my taste.
-
Thanks for your inputs here! I hope NextDNS can chime in and clarify whether the issue is already known and they are working on a fix.
-
Please could anybody from NextDNS support us here? Thanks
-
I am having the same problem too. Profile not working, only Mac app is working.
Still no fix after 2 months?
-
Same here.
-
Use Adguard Home + Custom DNS to use NextDNS on a mac, then you have a pause/off button you can use when need be.
Superior solution and its developed more rapidly. -
Having the same problem on Ventura 13.4. Any solutions to this?
-
Some applications, such as Cisco AnyConnect, install their own profiles that automatically launch and interfere with the NextDNS profile, you should disabling it.
You can check this by going to the settings section: Networks → VPN & Filters → and at the bottom, there will be a section called VPN & Proxies. Disable all profiles, especially those related to DNS, and activate the NextDNS profile.
-
SimWhite I just have only one profile - NextDNS. It still doesn't work. I've restarted my router and Mac multiple times.
-
-
Correct, only one can be enabled at one time. Since I am using Symantec (SEP) Antivirus, I cannot enable any other DNS / DoH etc. This happen to any DoH including AdGuard, so this is not NextDNS problem.
