Suggestion: DNS Director, add optional compatibility with DOT

Linuxer

Occasional Visitor
Hi. I'm using NextDNS on my entire LAN, through the NextDNS CLI on an RT-AX86U Pro. Nonetheless, I noticed that NextDNS is bypassed by explicit plain DNS queries.

For instance, a query like

Code:
[xxx@xxxxx ~]$ nslookup google.com 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   google.com
Address: 216.58.215.174
Name:   google.com
Address: 2a00:1450:4003:803::200e

doesn't appear in the NextDNS logs.

Activating DNS Director in Merlin is a workaround, but with it enabled, NextDNS DoT on my Android phone doesn't work anymore on my LAN (obviously, as DNS Director blocks port 853).

Is there a way to prevent plain DNS queries from bypassing the NextDNS CLI without relying on DNS Director (or even using it)?
As a suggestion, could an option/checkbox to avoid blocking port 853 be added to the GUI?
In this case, blocking port 853 should be the default. Then most "offending" DoT addresses should/could be filtered by an external blocklist.

Alternatively, is there a manual way to open port 853 even with DNS Director active?

Thanks a lot in advance.
 