Should I set the LAN/DNS Filter mode to Router if using NextDNS


Dan567

New Around Here
I am using NextDNS installed in Merlin to handle the DNS. I read in another thread that the LAN/DNS Filter mode should be set to Router. Should I do that if using NextDNS?

I noticed that the settings for Custom DNS 1,2,3 are set to 8.8.8.8. Should I leave them set to that? I am not sure what they are used for since I am using NextDNS.
Thanks
 

eibgrad

Very Senior Member
By default, the clients will be directed to the router for DNS. All the DNS filter (as Router) does is force any attempt by those clients to use any other DNS server, back to the router.

The custom DNS servers are used by DNSMasq to configure the public DNS servers it will use on behalf of those clients. But if you're using NextDNS, it actually doesn't matter anymore. The NextDNS installer will redirect all DNS traffic (via DNSMasq) to its own local proxy, and to its own DNS servers using DoH. IOW, all other public DNS servers become irrelevant.
 

MvW

Senior Member
I have "Enable DNS-based filtering" disabled, and use only the NextDNS CLI.

IOW, all other public DNS servers become irrelevant.

Almost completely agree with you, but although not mentioned by the topic starter, the WAN DNS server field(s) should remain populated in WAN Settings, with DNS-servers of choice (which can even be NextDNS) as far as I'm aware. The router always needs these, if only it were to get NTP synced, because NextDNS can't resolve anything before time has synced. As soon as that has happened, NextDNS takes over.

 

eibgrad

Very Senior Member
I have "Enable DNS Filter" disabled, and use only the NextDNS CLI.



Almost completely agree with you, but although not mentioned by the topic starter, the WAN DNS server field(s) should remain populated in WAN Settings, with DNS-servers of choice (which can even be NextDNS) as far as I'm aware. The router always needs these, if only it were to get NTP synced, because NextDNS can't resolve anything before time has synced. As soon as that has happened, NextDNS takes over.


Good point. I wasn't really considering any *bootstrapping* issues wrt NextDNS, but just the clients and custom DNS settings on the LAN side.
 

miniterror

Regular Contributor
Force everything to the router; clients are getting their own DNS servers hardcoded.
Think of Android devices having 8.8.8.8 hardcoded.
Setting it to router mode will catch those queries too and force the devices to use your NextDNS.
Also, if you choose to set up Diversion, the devices with hardcoded DNS will not have ad blocking if you don't set it to router mode.
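
A client-side check for the redirect discussed in this thread, added here as an example and not written by any of the posters: it asks the router and a hardcoded 8.8.8.8 for the same name and compares the replies. The router address `192.168.1.1` and the name `blocked.example` are placeholders, and the script assumes a name on your NextDNS denylist comes back as 0.0.0.0, an empty answer or an error code.

```python
import os
import socket
import struct

def build_query(name, txid=0x1234):
    """Encode a DNS A query for `name` with recursion desired."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_answer(resp, query):
    """Return (rcode, sorted A-record addresses) from the reply to `query`."""
    if len(resp) < 12 or resp[:2] != query[:2]:
        raise ValueError("not a reply to this query")
    flags, _qd, ancount = struct.unpack("!HHH", resp[2:8])
    pos, addrs = len(query), []          # answers start after the echoed question
    for _ in range(ancount):
        while resp[pos] and resp[pos] & 0xC0 != 0xC0:
            pos += 1 + resp[pos]         # skip an uncompressed label
        pos += 2 if resp[pos] else 1     # compression pointer (2 bytes) or root label
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", resp[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(resp[pos:pos + 4]))
        pos += rdlen
    return flags & 0xF, sorted(addrs)

def resolve(server, name, timeout=3.0):
    """Send one UDP query to `server` port 53 and parse the reply."""
    query = build_query(name, int.from_bytes(os.urandom(2), "big"))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        return parse_answer(s.recvfrom(1500)[0], query)

def verdict(via_router, via_hardcoded):
    """Compare the router's reply with the reply to a hardcoded resolver."""
    rcode, addrs = via_router
    if rcode == 0 and any(a != "0.0.0.0" for a in addrs):
        return "inconclusive"            # router did not block the name
    return "redirected" if via_hardcoded == via_router else "bypassed"

if __name__ == "__main__":
    ROUTER, NAME = "192.168.1.1", "blocked.example"   # placeholders, adjust both
    print(verdict(resolve(ROUTER, NAME), resolve("8.8.8.8", NAME)))
```

Run it from a LAN client once with the DNS filter off and once with it set to Router: "bypassed" should turn into "redirected".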
 
