0

Ubiquiti Router DNS Stamp

Ubiquiti just released a feature on their router allowing the use of Custom Secure DNS. What DNS Stamp does NextDNS use? What should I enter into that field? I have a paid NextDNS account.

15 replies

null
    • Calvin_Hobbes
    • 4 mths ago
    • Reported - view

    I’d never heard of dns stamp until now.  A quick search reveals 

    what it is: https://dnscrypt.info/stamps-specifications/

    along with an easy to use interface to create your own stamp for the dns protocol and server of your choice 

    https://dnscrypt.info/stamps/

      • Marty_Boyle
      • 4 mths ago
      • Reported - view

       - LMGTFY.....I get it. I saw that as well before posting this message, but it leaves out critical information that I need like Protocol which I assume is DOH, but the IP is it their IP or mine? Host name is what? Port number? Other settings?

      • R_P_M
      • 4 mths ago
      • Reported - view

       Some of the options listed are not required. When you copy the stamp from the setup page, you can paste it into the calculator page and what’s contained will populate in the other sections. You can add a device name to the path option with adding “/devicename” , the stamp will change to include this. 

    • Marty_Boyle
    • 4 mths ago
    • Reported - view

    Ok so I followed this website with the settings I think it wants (nobody can tell me for sure) and it did not work. I had to login to the UniFi portal with an IP to get back in as it brought down the entire network.

      • Calvin_Hobbes
      • 4 mths ago
      • Reported - view

       Unify doesn’t just have a place to enter the DOH address?  Seems that would be much simpler.   I think the stamp is intended for a service to give out to users rather than have users try to figure it out for themselves.  

       

      [FWIW, I bought Unify Dream Machine and returned it quickly because its configuration seemed overly convoluted (and required creating an account with them just to use it).   I’m not sure what model you have.   I ended up with the edge router X and put NextDNS on the devices I care about rather than on the router.   This has the major advantage of being able to quickly disable NextDNS temporarily if something doesn’t work right, rather than having to login to the server and chase down the problem.   That’s just me though, some people find my way appalling.   Then again I prefer stupid TVs and Stupid light bulbs and stupid doorbells, stupid refrigerator and most recently a stupid washing machine and no voice assistant.  Rant over]
       

      TLDR, ubiquity should just give you a way to enter the DOH (or DOT) information directly.   Perhaps some day NextDNS will provide the stamp on their configuration page which they already customize for each profile..

      • Marty_Boyle
      • 4 mths ago
      • Reported - view

       Screenshot attached. I hear ya on the stupid devices. Everything in my house is dumb and I have actually been setting each browser to use custom secure DNS, but would be nice to figure this out since it's a newly released feature.

      • Calvin_Hobbes
      • 4 mths ago
      • Reported - view

       is there a different place to configure DNS where you can use IPv4 or DOH or an iPv6 address like just about everyone else does?   This feels convoluted 

      • NextDNs
      • 4 mths ago
      • Reported - view

       a stamp for each profile is available on the setup page under linux > dnscrypt.

      It is a very odd choice to use DNS stamps in the UDM UI. It feels like they are leaking an implementation detail of their choice of underlaying software (dnscrypt-proxy).

      Stamps only made sense for the dnscrypt protocol which couldn’t easily fit its connection info in a simple URL (DNS stamp was invented for dnscrypt and only used by dnscrypt-proxy). The dnscrypt protocol never took off and unlikely will, so DNS stamps should just go away in our opinion.

      • Amit_Saini
      • 3 mths ago
      • Reported - view

       Thank you! This saved me a lot of time!

    • wprivera.1
    • 4 mths ago
    • Reported - view

    Thank you! This answer helped tremendously. I just copied and pasted into the correct spot.

    😃

    • ISSkiGeek
    • 3 mths ago
    • Reported - view

    I have done all of the above. Should I also still have the IPV4 and IPV6 addresses for NextDNS in the WAN interface and Local network settings as well?

      • headinthecloud
      • 3 days ago
      • Reported - view

       old discussion, but I think you should be able to just set them to auto. How do you like using it so far? I was thinking of switching over from my PiHole to Unifi + NextCloud, but I have to take the plunge. One thing I will miss is being able to segment out devices (since the PiHole is able to see my private IPs).

    • Daniel_Taylor
    • 21 hrs ago
    • Reported - view

    Hey, Just found the Stamp details are under NextDNS-Setup>Linux>DNSCrypt As soon as I entered them here it was picked up. No Device Identification though. 

      • Daniel_Taylor
      • 20 hrs ago
      • Reported - view

       needed to remove some brackets and apostrophe too. Incase that is of some use. Been running now for some time, but not change for all internal traffic. Shows as 127. or ALBO? 

       

      I couldn't get CLI to work at all for some reason. No errors on install. No worky.

      • headinthecloud
      • 19 hrs ago
      • Reported - view

      what was your issue with the CLI? I installed it recently and had no issues at all.

      How long ago did you make the change in the UI? It sometimes takes time for clients to renew dns.

Login to reply

Content aside

  • 19 hrs agoLast active
  • 15Replies
  • 864Views
  • 7 Following