NextDNS CLI vs. native DOT?

RMerlin

Asuswrt-Merlin dev
One is a third party app that may break at any time (it has happened in the past), while the other is built-in in the firmware and removes one extra layer of complexity.
 

iJorgen

Regular Contributor
I left the CLI a few months ago since it stopped doing DNS-requests for 30 seconds exactly every 30 mins. Not a clue why and the NextDNS-team couldn't understand it either. Just like @RMerlin wrote, third party apps may break and adds complexity.

Now I'm using the native DoT support with NextDNS instead and it has delivered rock solid DNS-performance for months. All settings the CLI have can be made using DNSmasq/Stubby configs instead and has even more tweaks than the CLI offers. The only thing I don't get is client names in the log-files, but not a big issues for me. If something is blocked I will see it in the first 10 entries on the log-page. Don't need to see exactly which of my Google speakers did the DNS-request. If you really need client-names in logs for some devices you can always use their app or install the Apple Configuration Profile.
 

treeskygrass

Occasional Visitor
The only thing I don't get is client names in the log-files, but not a big issues for me. If something is blocked I will see it in the first 10 entries on the log-page. Don't need to see exactly which of my Google speakers did the DNS-request. If you really need client-names in logs for some devices you can always use their app or install the Apple Configuration Profile.
Their app or Apple Configuration profile will show you which speaker does an inquiry? How?
 

iJorgen

Regular Contributor
No, the opposite... Devices that can install the app /profile will report it's name otherwise it will look like the router made the request.
 

iJorgen

Regular Contributor
How would you do that on non-iOS/macOS devices like a speaker?

Their app or Apple Configuration profile will show you which speaker does an inquiry? How?

No, like I wrote in post #6... Devices that support installation of the app/profile (PC, Mac, iOS/iPadOS etc.) will report their names, but the other bulk of devices on the network won't.
There is an integration with Dnsmasq to get client reporting, but haven't looked into it and don't know if it works together with DoT. I like to "keep it simple" with zero issues, so I'm satisfied with my current setup.
 

treeskygrass

Occasional Visitor
I like to "keep it simple" with zero issues, so I'm satisfied with my current setup.
Simple is good, but client identification is really handy in troubleshooting issues. I've used NextDNS CLI for a long time and I never had an issue either... and I cannsee what devices make quarries which is great for troubleshooting.

RMerlin do you know if DNSFilter set to "router" will work with the NextDNS CLI?
 

RMerlin

Asuswrt-Merlin dev
RMerlin do you know if DNSFilter set to "router" will work with the NextDNS CLI?
I don't know how their implementation works, sorry. If they interface with dnsmasq then it should be fine, otherwise no.
 

SomeWhereOverTheRainBow

Part of the Furniture
Simple is good, but client identification is really handy in troubleshooting issues. I've used NextDNS CLI for a long time and I never had an issue either... and I cannsee what devices make quarries which is great for troubleshooting.

RMerlin do you know if DNSFilter set to "router" will work with the NextDNS CLI?
you should try adguardhome, and get the best of all worlds and have full setup control at your finger tips. otherwise use @RMerlin internal implementation of stubby. As for NextDNS CLI , I think they did a good job for how far they got, but I also feel for a paid for service, they had a lot of hiccups along the way-i.e. hiccups they should have gotten rid of while they were still free.
 
Last edited:

treeskygrass

Occasional Visitor
On a side note,
you should try adguardhome, and get the best of all worlds and have full setup control at your finger tips. otherwise use @RMerlin internal implementation of stubby. As for NextDNS CLI , I think they did a good job for how far they got, but I also feel for a paid for service, they had a lot of hiccups along the way-i.e. hiccups they should have gotten rid of while they were still free.
Thanks but it's Russian. Go !
 

SomeWhereOverTheRainBow

Part of the Furniture

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top