What's new

Need help configuring NextDNS

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

StrikerXXX

Occasional Visitor
Guys, I'm using nextdns in merlin, but I would like to know the correct form of nextdns configuration. This is the configuration I use:

xvxLGCj.png


Is this the correct way to set up nextdns in merlin right now? In nextdns panel control, what should I set up to get the most out of the merlin?

I did the downgrade to the .13, I found it well but stable that .14, heats less ac68u and slides no more bugs. The webgui works normally, very fast, now no longer has the choking as before as they occur in .14
 
Guys, I'm using nextdns in merlin, but I would like to know the correct form of nextdns configuration. This is the configuration I use:

xvxLGCj.png


Is this the correct way to set up nextdns in merlin right now? In nextdns panel control, what should I set up to get the most out of the merlin?

I did the downgrade to the .13, I found it well but stable that .14, heats less ac68u and slides no more bugs. The webgui works normally, very fast, now no longer has the choking as before as they occur in .14
In TLS Host name you should write devicename-yourID.dns.nextdns.io

For example:

ASUS-12a345.dns.nextdns.io

Then go to test.nextdns.io to see if it’s working.

Anyway, if you use Merlin, imho is better to use the NextDNS CLI client, that uses DoH instead of DoT.

 
In TLS Host name you should write devicename-yourID.dns.nextdns.io

For example:

ASUS-12a345.dns.nextdns.io

Then go to test.nextdns.io to see if it’s working.

Anyway, if you use Merlin, imho is better to use the NextDNS CLI client, that uses DoH instead of DoT.

It is configured as in its example, the DoT is functional. Is Doh better than dot? I always doubt what would be better than the two protocols to use.
 
I have now also installed “NextDNS CLI” on my AX86U with Asuswrt-Merlin and set it up so far. Unfortunately there are no detailed tutorials about it. Even on Github it is only explained very superficially, at least that's how I feel.

Should I set something in the WebGUI of the router under “WAN - Internet Connection” or “LAN - DNS Director” regarding NextDNS or should I leave everything as default?

What could be entered or changed under “/jffs/nextdns/nextdns.conf” or “/jffs/scripts/dnsmasq.postconf” that would improve performance and security?

I've been looking for answers like this for weeks and not everyone is born a professional. It can all be very complicated...

Translated with DeepL.com (free version)
 
Something I notice is that using the nextdns with the dns over tls really the connection with the sites takes a little longer, it should be by the question of crypto, correct? Using dns over htps is faster. I also have these doubts: AsusFreak, I would also like to know what to do in this situation. My knowledge of these matters is practically nil.
 
I have now also installed “NextDNS CLI” on my AX86U with Asuswrt-Merlin and set it up so far. Unfortunately there are no detailed tutorials about it. Even on Github it is only explained very superficially, at least that's how I feel.
The CLI is the best way to go. It is set it and forget it. No settings to change, nothing to configure. When you install the CLI it will ask some questions, say yes to all and you are done.
 
Does the NextDNS CLI support IPv6? Last time I ran it I only saw IPv4 hits in the NextDNS dashboard. I'll try again maybe some of the settings were off.

Edit -- nope - tried installing it again and it falls back to IPv4 NextDNS. I ran "nextdns uninstall" and it falls back IPv6 DNS.
 
Last edited:
It supports IPv6. I use it on my system with no issue. Just like IPv4, don't configure anything manually other than turning IPv6 on. The CLI takes care of the rest.
 
Speaking of CLI installation, what are the differences between dns over https and dns over tls in the nextdns? Which of the two protocols is more secure, stable?

I know that the installation in cli is DoH, the configuration in dot can only do it by the merlin webgui.
 
Unless a mobile device is connecting to an external public network, additional configuration is required. I'm not sure if this understanding is correct?

1727840838880.png



I only performed a basic DNS IP configuration without using CLI specifically.

for ipv4
1727840911325.png


for ipv6
1727841042776.png



The above configuration of NextDNS will be treated as an unrecognized device, but it won't affect statistics and protection.
1727841126982.png



However, a significant drawback is that devices in the home make tens of thousands of queries to dns.msftncsi.com daily, quickly exhausting the 300,000 free queries. I have currently installed unbound for local caching to reduce the query volume as much as possible, but I am still unable to prevent dns.msftncsi.com from querying upstream DNS.
 
I recall 2 options from my earlier setup
  1. There's a way in the router to send the "dns.msftnsci.com" DNS queries to a specific DNS and not use NextDNS... (I think).. but do not recall where that setting is OTOMH.
  2. If home user, pay their $19.90 / YR fee for the PRO version.
Please post your results with the latest NextDNS setup. I've been using NextDNS on/off for a couple of years and VERY early on there were stability issues with their developing client so it was a total manual configuration to get it working properly. One of the NextDNS guys use to frequent the Merlin forums but it's been a while since I've seen him answering questions. Have a good one!
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top