2

Different Blocklists/Settings per Device

First of all, Hello World!
Secondly, is it meant to be for users to create a new account for help.nextdns.io rather than using the one already created for nextdns.io service? I'm new to nextdns thus I'm kind of lost. :)
......

TOPIC
I've been testing NextDNS and thus far I'm happy. I wish there were more block list, specially some specific/niche one. Glad that blocklist can be recommended to dev.

That brought me to this question.

Is it possible to have different settings for difference home devices connecting to the home router?

and/or

I see that it is possible to identify devices via the DoH/DoT address. Can this identity be used to assign different blocklist/setting per device?

 

I'm coming from a pihole/router environment where this can be easily done via dedicated IPs,MAC.  I can see the router handling DNS for all DoH/DoT being an issue as NextDNS will see only one query-address.
Which is why I hope that perhaps query-address containing an identity can/could be used to assign different settings/blocklist to different devices.

I saw the NextDNS CLI which has further pushed me in favor of NextDNS. I don't know if this would provide anything that could further assist on this matter. On the next couple of days, I will be testing it on my router.

Thanks

4 replies

null
    • R_P_M
    • 1 yr ago
    • Reported - view

    Hi there,

    It’s not necessary to use same login info for the forum, it’s up to you if you see it as a security risk or not. 

    It is possible to use different settings for different devices, you can use multiple configuration profiles for your account. The NextDNS CLI can help in this by using the “conditional configuration” setup, where you can assign a different profile to IPs or MAC addresses. 

      • A_T
      • 1 yr ago
      • Reported - view

      R P M Hello and thank you for your reply.

      I mentioned the login as I was coming directly from the my.nextdns.io web panel, I expected to be automatically logged into the community. At the moment I was confused that perhaps some browser/cookie setting was the issue but I opted to just create a new account for the nextdns community. Now I see that I didn't do anything wrong.

       

      NextDNS CLI Conditional Profiles

      Doing some research on the mentioned Conditional Profile, I found this post that oh look it is by you :)

      https://help.nextdns.io/t/p8hcwwg?r=h7hcw7k

      which brought me to the NextDNS CLI github wiki.

      https://github.com/nextdns/nextdns/wiki/Conditional-Profile

       

      It took me a bit but just now I figured out NextDNS Profiles. At least  for me this was not clearly expressed/explained on the nextdns webpanel nor the nextdns CLI wiki. On the settings penel it just presents you the option to name/delete profiles. It would be helpful if it had a footnote letting users know that each profile has its own unique dns-query url ID. As a new nextdns user I thought profiles were a way to save different setups to save users the trouble of going over settings over and over to enable/disable features. Anyways, thus far I've figured this much out.

      On the wiki we are given this Conditional Profiles example: 

      If for instance, we want:
Clients in the 10.0.4.0/24 subnet to have the 12345 profile
The host with the 00:1c:42:2e:60:4a MAC address to have
the 67890 profile
The rest of the network to have the abcdef profile
The install command would be as follow:


sudo nextdns config set     -profile 10.0.4.0/24=12345     -profile 00:1c:42:2e:60:4a=67890     -profile abcdef
sudo nextdns restart

       

      So based on this setup

      1. What is referred  to as "profile" is this where I would insert the endpoint ID attach to X or Y nextdns profile?
      2. Can I setup host/clients by way of static IP rather than MAC address? If so, is there any benefit to using MAC address over static IP?

      Thank you

      • R_P_M
      • 1 yr ago
      • Reported - view

      A T 

      1) Yes, that’s correct, just add the config for each, 6 characters made from letters or numbers ID.

      2) It should work with a static IP (add the address as /32). MAC option is for when the IP might change. There’s no real difference between static IP and MAC, just a matter of preference. 

      • A_T
      • 1 yr ago
      • Reported - view

      R P M  Cool. Thank you very much for you help.

Login to reply

Content aside

  • 2 Likes
  • 1 yr agoLast active
  • 4Replies
  • 754Views
  • 2 Following