Unidentified devices
Hello there,
I have configured almost all devices from my home network but it seems it's not everything configured as it should be. I am receiving a lot of queries from "unidentified devices". I can see my devices on the list but not my Synololgy NAS and Chromecast devices.
How can I identify these two as well? I am also using one profile because everything goes through router.
Also here are some results from testing:
"status": "ok",
"protocol": "DOT",
"anycast": true,
"clientName": "unknown-dot",
42 replies
-
Installing NextDNS CLI got an error message.
Don't know how to solve this either and don't know if I have curl on my router Asus ax4200.
-
Yes, the IP address the router is using. Report back what happens, do the unidentified stop etc.
-
nothing changed.
Now I have disabled the DNS from WAN sections and used in LAN section. There I have no option to select DNS-over-TLS. On WAN settings I have selected 8.8.8.8/8.8.4.4
After testing I got UDP result. Don't know what that means?
-
It means all your devices connecting to your router will be unidentified and unencrypted.
You can put back the DNS-over-TLS settings on their own, in other words keep the 8.8.8.8... as the same.
-
- I set the WAN DNS with 45.90.28.0, 45.90.30.0 instead with dedicated DNS IP's from NextDNS and identified the router using TLS Hostname.
- I set the LAN DNS with the IP's dedicated from NextDNS and identified devices using John--Router- or John's%20Firefox as DoT/DoH endpoint on the them.
- Now I don't recieve UDP anymore. The result is DOH and also got names for every device on Analytics page.
Now the router has own DNS and devices are identified.
Does that look better?
-
Better, yes. But what's the situation with the unidentified/unencrypted requests, are they down, stopped or still the same?
One change that might help is to set the first LAN DNS to the router's IP address, the second one you can leave as it is currently set.
-
yesterday started to fall down, later they grow up again and now falling down.
Honestly don't know what's happening. It's so confusing.
At LAN DNS settings both fields were empty so I add NextDNS addresses there.
-
OK, a simple way to look at things is like this.
Any time you use the DNS IP addresses you will get unidentified/unencrypted requests in the logs/analytics.
The only exception is when IPs are used with a DoT/DoH string. (Info: this is called bootstrapping and will result in an Anycast connection to the servers)
I can give you a setup to use in your router for best results, if you want it.
-
sure... send it. Thanks!
-
OK, lets start in the WAN section.
WAN DNS Settings:
DNS Server = 8.8.8.8 & 8.8.4.4 (or another public DNS, whichever one has the fastest response time for your location)
DNS-over-TLS = Use 45.90.28.0 & 45.90.30.0 + your DoT string with router name.
LAN DNS Settings:
DNS Server = (local IP address of router) - Second can be either left blank or duplicate the first.
-
Here is what I have done.
WAN settings - https://postimg.cc/ThnmTvPh
LAN - DHCP Servers settings - https://postimg.cc/vx76hfK5
IPv6 is also from address from NextDNS, despite don't having IPv6 connection.
Or should I delete the IP's from NextDNS under Server 1/Server 2 in LAN Settings and also IPv6 and leave those fields blank?
What is okay?
And numbers in "unidentified devices" are continuing to falling down.
-
and also I get this result on ping.nextdns.io
edis-bud error dns1.nextdns.io error (ultralow1) -
You can safely delete the IPs in the LAN DNS section, if it allows blank fields. It is already advertising the router's IP as a DNS server.
-
hello again. I have another question.
Firstly queries are starting to fall down rapidly as time goes by.
Secondly I am using only one profile inside my main profile for all devices in my home network. Is it better to separate these devices on different profiles? One profile for mobile phones (using different sets of filter lists), second profile for my PC's, third for smartTV, TVbox, Chromecast and etc? I don't know what is best option or to have best results from my NextDNS main profile.
Thanks again, you are very kind!
-
Hi again.
Hmm... It's usually easier to have just one configuration in terms of managing things (you only need to change a setting once!).
Having different configuration profiles is useful for when you need to have the setup a little different than the main profile (something like allowing a domain only for a specific device).
Whether to use more than one configuration profile or not is probably just personal choice, there's no right or wrong for this.
-
so now it's better to leave all devices under one setup?
-
If all devices need the same level of protection, then it would make sense to keep to one profile setup.
If however, you need something a little different for a device/a few devices, making an extra profile will help in this use case. The option of multiple profiles is there for this purpose.
In the interest of keeping things simple and easy to manage, the one profile setup is very much preferred.
-
thank you. Then I'll stick to one profile.
-
Content aside
- 2 wk agoLast active
- 42Replies
- 397Views
-
3
Following