MacOS profile not working in Ventura 13.1

Hello,

I've configured my home router to distribute by default the NextDNS IPv4 DNS servers through DHCP. 

Then I've generated and installed a MacOS profile for my MacMini M1 running Ventura 13.1.

No matter whether the profile is correctly installed, the OS is still using the NextDNS IPv4 servers.

sudo /usr/bin/profiles -P
Marco [1] attribute: profileIdentifier: io.nextdns.xxxxx.profile
There are 1 configuration profiles installed

 

scutil --dns
DNS configuration

resolver #1
  search domain[0] : router
  nameserver[0] : 45.90.28.32
  if_index : 13 (en1)
  flags    : Request A records
  reach    : 0x00000002 (Reachable)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300000

resolver #3
  domain   : 254.169.in-addr.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300200

resolver #4
  domain   : 8.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300400

resolver #5
  domain   : 9.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300600

resolver #6
  domain   : a.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 300800

resolver #7
  domain   : b.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records
  reach    : 0x00000000 (Not Reachable)
  order    : 301000

DNS configuration (for scoped queries)

resolver #1
  search domain[0] : router
  nameserver[0] : 45.90.28.32
  if_index : 13 (en1)
  flags    : Scoped, Request A records
  reach    : 0x00000002 (Reachable)

 

Connecting to test.nextdns.io using Safari

{
"status": "ok",
"protocol": "UDP",
"profile": "xxxxxxxxxxxxx",
"client": "xxxxxxxxxxxxx",
"srcIP": "xxxxxxxxxxxxx",
"destIP": "45.90.28.32",
"anycast": true,
"server": "zepto-mil-1",
"clientName": "unknown"
}

 

Connecting to test.nextdns.io using Microsoft Edge with manually configured NextDNS DoH 

{
"status": "ok",
"protocol": "DOH",
"profile": "xxxxxxxxxxxxx",
"client": "xxxxxxxxxxxxx",
"srcIP": "xxxxxxxxxxxxx",
"destIP": "192.145.127.148",
"anycast": false,
"server": "zepto-mil-1",
"clientName": "chrome",
"deviceName": "Edge MacOS",
"deviceID": "xxxxxxxxxxxxx"
}

 

What's wrong? How can I set up MacOS to use NextDNS DoH across all the OS?
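The check performed in the post above, as an added example (not part of the original post and not NextDNS code): it parses `scutil --dns` output and a test.nextdns.io response and reports which upstreams the system resolver uses and whether a query arrived encrypted. The samples are constructed, abridged from the outputs quoted above; the function names are hypothetical, and any `protocol` value other than the `UDP` and `DOH` seen on this page is reported as unknown.

```python
import json

# Constructed samples, abridged from the outputs quoted in the post above.
SCUTIL_SAMPLE = """\
DNS configuration
resolver #1
  search domain[0] : router
  nameserver[0] : 45.90.28.32
resolver #2
  domain   : local
  options  : mdns
DNS configuration (for scoped queries)
resolver #1
  nameserver[0] : 45.90.28.32
  flags    : Scoped, Request A records
"""
TEST_SAFARI = '{"status": "ok", "protocol": "UDP", "destIP": "45.90.28.32"}'
TEST_EDGE = '{"status": "ok", "protocol": "DOH", "destIP": "192.145.127.148"}'

def parse_scutil_dns(text):
    """Split `scutil --dns` output into one dict per resolver block."""
    resolvers, current, scoped = [], None, False
    for line in text.splitlines():
        if line.startswith("DNS configuration"):
            # The second section header marks the per-interface (scoped) list.
            scoped = "scoped" in line
        elif line.startswith("resolver #"):
            current = {"nameservers": [], "options": "", "scoped": scoped}
            resolvers.append(current)
        elif current is not None and ":" in line:
            # Split on the first colon only, so IPv6 addresses stay intact.
            key, value = (part.strip() for part in line.split(":", 1))
            if key.startswith("nameserver["):
                current["nameservers"].append(value)
            elif key == "options":
                current["options"] = value
    return resolvers

def default_nameservers(resolvers):
    """Upstreams of the unscoped, non-mDNS resolvers (the system default path)."""
    return [ns for r in resolvers if not r["scoped"] and "mdns" not in r["options"]
            for ns in r["nameservers"]]

def classify(test_json):
    """Map the `protocol` field of a test.nextdns.io response to a verdict."""
    proto = json.loads(test_json).get("protocol", "")
    return {"DOH": "encrypted", "UDP": "plaintext"}.get(proto, "unknown")

if __name__ == "__main__":
    print("system resolvers:", default_nameservers(parse_scutil_dns(SCUTIL_SAMPLE)))
    print("system path:", classify(TEST_SAFARI), "| browser DoH:", classify(TEST_EDGE))
```

On a real machine, feed it the live `scutil --dns` output and the JSON fetched through the system resolver; the Edge result only reflects the browser's own DoH setting, not the profile.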

13 replies

    • ionos
    • 1 yr ago

    I was also not able to get NextDNS to work properly on an M1 Mac with macOS 13.1, using profiles. Using the NextDNS app however seems to be doing the trick. Pro: Quick access to disable NextDNS/change profile. Cons: No automated exclusion of wifi SSIDs, no hardcoded client name.

      • Marco.2
      • 1 yr ago

      ionos isn't the NextDNS app setting up a persistent VPN tunnel? It's a bit more invasive than just setting up a DNS profile :( 

      • ionos
      • 1 yr ago

      Marco You're right, on macOS it still does that (iOS seems to have a dedicated OS-supported DNS-proxy mechanism).

    • Enrico_Bellato
    • 1 yr ago

    The same problem here with the Mac Profile, it doesn't work properly on an M1 Pro MacBook with macOS 13.1.

    The VPN tunnel with the NextDNS Mac App works fine but as said above by ionos it's a bit too invasive for my taste.

    • Marco.2
    • 1 yr ago

    Thanks for your inputs here! I hope NextDNS can chime in and clarify whether the issue is already known and they are working on a fix.

    • Marco.2
    • 1 yr ago

    Please could anybody from NextDNS support us here? Thanks

    • mango_mountain
    • 1 yr ago

    I am having the same problem too. Profile not working, only Mac app is working.

    Still no fix after 2 months?

    • David_P.1
    • 1 yr ago

    Same here. 

    • RandomThing223
    • 1 yr ago

    Use AdGuard Home + Custom DNS to use NextDNS on a Mac, then you have a pause/off button you can use when need be.

    Superior solution and it's developed more rapidly.

    • SimWhite
    • 1 yr ago

    Some applications, such as Cisco AnyConnect, install their own profiles that automatically launch and interfere with the NextDNS profile; you should disable it.

    You can check this by going to the settings section: Networks → VPN & Filters → and at the bottom, there will be a section called VPN & Proxies. Disable all profiles, especially those related to DNS, and activate the NextDNS profile.

    • mango_mountain
    • 1 yr ago

    Correct, only one can be enabled at one time. Since I am using Symantec (SEP) Antivirus, I cannot enable any other DNS / DoH etc. This happens to any DoH, including AdGuard, so this is not a NextDNS problem.

    • Himanshu.1
    • 1 yr ago

    Thank god I didn't purchase the paid plan. I've been experiencing this issue for more than a year now, previously on Big Sur, now it's the same on Ventura. I saw countless threads online and not a single NextDNS support team member bothered to reply, such a PATHETIC service by NextDNS. I am glad I didn't pay these frauds.

    • Tom.15
    • 10 mths ago

    same issue
