1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Using next DNS: possible DNS attack rebind detected issue

Discussion in 'Asuswrt-Merlin' started by kannanni, Feb 27, 2020.

  1. kannanni

    kannanni New Around Here

    Joined:
    Jun 15, 2017
    Messages:
    8
    Hi there,

    Using latest Merlin on my ac68u

    Managed to connect manually to nextdns via DoT using my nextdns ID

    However my sysinfo is constantly flooded with errors: possible DNS rebind attack detected.. false positives Screenshot_20200227-073411_Samsung Internet.jpg

    This does not happen when using Google or Cloudflare..

    Any cure to this without having to turn off DNS rebind protection from router?
     
  2. Dabombber

    Dabombber Regular Contributor

    Joined:
    Apr 29, 2016
    Messages:
    151
    Looks like nextdns is filtering ad sites for you. Your options are to disable it on their website, turn off rebind protection, or block the hosts on your router as well. They put their blocked hosts lists on their github if you want to take the third option, which you should be able to dump straight into diversion.
     
  3. Zastoff

    Zastoff Senior Member

    Joined:
    Nov 21, 2017
    Messages:
    453
    Not sure i am correct on this but think it has been a lot of issues when using NextDNS with DoT
    Some options:
    NextDNS with DoH is working well from DNSCrypt installer (how to)
    NextDNS also have their own installer (DoH)for Asuswrt-Merlin
     
  4. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    1,081
    NextDNS does not work great with Stubby (used for DoT) indeed.

    However, for this particular issue it should be enough to turn off "Enable DNS Rebind protection" in the router GUI.

    (NextDNS already performs DNS Rebind protection on their servers for you)
     
    dave14305 likes this.