1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

NextDNS Installer

Discussion in 'Asuswrt-Merlin' started by Olivier Poitrey, Jan 3, 2020.

  1. Olivier Poitrey

    Olivier Poitrey Occasional Visitor

    Joined:
    Dec 23, 2019
    Messages:
    38
    I'm proud to announce NextDNS is now officially supporting Merlin. You can find the installation procedure on our Github Wiki.

    We are also working with @RMerlin to add a UI to this integration. Stay tuned.

    You can post your questions or concerns to this thread or contact us directly through our support chat on https://nextdns.io.

    Enjoy and happy new year.
     
    Last edited: Jan 12, 2020
    coolbeans2016, faria, AntonK and 14 others like this.
  2. adampk17

    adampk17 Regular Contributor

    Joined:
    Sep 17, 2013
    Messages:
    158
    Would this be used in concert with something like Diversion or would their functionality overlap?
     
  3. Olivier Poitrey

    Olivier Poitrey Occasional Visitor

    Joined:
    Dec 23, 2019
    Messages:
    38
    It overlaps.
     
    Kingp1n likes this.
  4. Mutzli

    Mutzli Senior Member

    Joined:
    Dec 22, 2014
    Messages:
    372
    https://nextdns.io/faq
     
    gattaca and adampk17 like this.
  5. gattaca

    gattaca Regular Contributor

    Joined:
    Feb 18, 2012
    Messages:
    186
    ^^^ There's nothing wrong (or right) with taking a layered or onion approach other than it might make debugging a bit more difficult...b/c who's the culprit?

    I hope NextDNS plans to do a DoT setup vs DoH only.
     
  6. thelonelycoder

    thelonelycoder Part of the Furniture

    Joined:
    Jan 23, 2014
    Messages:
    6,109
    Location:
    Switzerland
    The web interface is beautiful, simple to navigate and NextDNS worked right away.
    I'd have to figure out how this best cohabits with Diversion on the router. Working already with @Olivier Poitrey so both services are aware of each other.
     
    ZPGR, momall, QuikSilver and 8 others like this.
  7. Jack Yaz

    Jack Yaz Part of the Furniture

    Joined:
    Apr 20, 2017
    Messages:
    2,647
    The interface for the Merlin integration, or for their website? :O

    EDIT: the website is pretty slick!
     
    Last edited: Jan 4, 2020
  8. SomeWhereOverTheRainBow

    SomeWhereOverTheRainBow Senior Member

    Joined:
    Jun 4, 2019
    Messages:
    488
    web interface?
     
  9. thelonelycoder

    thelonelycoder Part of the Furniture

    Joined:
    Jan 23, 2014
    Messages:
    6,109
    Location:
    Switzerland
    Theirs, Diversion only has an abandoned project folder on my local hard disk for its own web ui. The last remains of it were removed from the code in Diversion 4.1.4.
     
  10. SomeWhereOverTheRainBow

    SomeWhereOverTheRainBow Senior Member

    Joined:
    Jun 4, 2019
    Messages:
    488
    I hope you plan to reinvent that wheel because no one has efficiently taken something as lightweight as pixelserv-tls and has optimized use and function with their own adaptations quite like you have. I feel there are a lot of miles left on those tires of yours. :cool:;)
     
    thelonelycoder likes this.
  11. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    949
    Their web interface is indeed really nice.

    In general I don’t like subscriptions that much, but this might be one I would consider, if I get it working properly on all my devices,
     
    dave14305 likes this.
  12. lukaszzsch

    lukaszzsch Regular Contributor

    Joined:
    Aug 7, 2016
    Messages:
    90
    Is nextdns installed compatible with diversion? I have instaled nextdns last night and internet connection with websites was gone.

    Came back when i removed nextdns....
     
  13. dave14305

    dave14305 Very Senior Member

    Joined:
    May 19, 2018
    Messages:
    1,783
    Location:
    USA
    It can block the same lists as Diversion, so it is overlapping and redundant from that perspective. Diversion’s advantage is Pixelserv plus the dnsmasq logging it provides. And control is another aspect in Diversion’s favor.

    Offloading large memory footprint from the router is an advantage for Nextdns, not to mention the mobile clients to take ad-blocking with you away from your home network. But I am surprised that the nextdns client on the router claims to be taking ~782m virtual memory in top or htop.
     
  14. dave14305

    dave14305 Very Senior Member

    Joined:
    May 19, 2018
    Messages:
    1,783
    Location:
    USA
    I would like to see a way to keep Diversion active for dnsmasq logging and Pixelserv, but disable the blocking lists.

    This is how I try to accomplish this today in dnsmasq.postconf:
    Code:
    pc_append "alias=0.0.0.0,192.168.1.2" "$CONFIG"
    pc_delete "addn-hosts=/opt/share/diversion/list/" "$CONFIG"
     
    gattaca likes this.
  15. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    949
    When they go out of beta, NextDNS will be free "up until about 300,000 DNS queries/month": https://nextdns.io/pricing

    I had no clue how soon I would reach that limit, but I just discovered that the Raspberry Pi which is fetching data from my smart electricity meter and uploading that to an Athom Homey is reaching that amount, in a single day...

    Shouldn't the router cache that DNS entry? (why are they all calls to NextDNS?)
     
  16. Olivier Poitrey

    Olivier Poitrey Occasional Visitor

    Joined:
    Dec 23, 2019
    Messages:
    38
    It is not. Both are competing to get dnsmasq's attention. Working with @thelonelycoder to make both installers aware of each others. I'm not sure it make sense to run both solutions in parallel tho as they somewhat fulfill the same task.
     
  17. TNCS

    TNCS Occasional Visitor

    Joined:
    Aug 16, 2019
    Messages:
    39
    While it seems a good initiative, it riddles too many question if privacy is the main focus concern. Admittedly it a hard thing to do and very difficult to strike a balance and in no way I'm targeting anyone/anything in personal way, but here're my two cents:

    1. Like any privacy centric service, it really still a 'good faith' putting up front. Example 'user data that shall not be logged, it is discarded as quickly as possible' - who decide what type type of data shall not be logged? I would personally rather have a master 'completely no logging' option. I know under the faq 'Some features require some sort of data retention. In that case, our users are given the option, control, and full access on what is logged and for how long' may have clarity for some people, it still riddles around 'good faith' IMHO.

    2. Despite the claimed crypto currency support, but E-mail based login only.

    3. Surprised to see Hong Kong is up there in the Hardened Privacy mode. It true HK has PDPO similar to the GDPR, but it much less refined as it doesn't define clearly of the accountability and governance, no prior consent, no mandatory breach notification, etc. And not to raise anything, but I think the situation now in HK is pretty self-explanatory to put anyones imagination as to the potential regulation changes in the future.

    These are just the few and most upfront ones. Hope NextDNS can improve and strike for a better balance.
     
  18. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    31,831
    Location:
    Canada
    I would expect the router's dnsmasq to cache these repeated queries (unless they have a very short TTL).
     
  19. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    949
    That's what I hoped, but apparently not. How can I check the TTL?
     
  20. Olivier Poitrey

    Olivier Poitrey Occasional Visitor

    Joined:
    Dec 23, 2019
    Messages:
    38
    To @TNCS questions:

    1. We only log if you enable logging, it's only used for your own analytics. In settings you can disable all form of logging.
    2. Email is required for billing, even with crypto. Anonymity has to be managed by the email service of choice.
    3. HK is only used for people outside of China and we are actively following the situation.