
NextDNS has been a game changer. I highly recommend it if anyone wants something similar.


I agree with you.

I had nextdns, moved to pihole but the maintenance was frustrating, and I couldn’t use it outside of my home network (without more work with setup).

So I went back to nextdns. I have set up different profiles depending on who is using it (so my wife is on a light version, no logging, whereas my 9 year old son is on a locked-down version with logging).

It just makes things simpler and is very reasonably priced.


> I had nextdns, moved to pihole but the maintenance was frustrating, and I couldn’t use it outside of my home network (without more work with setup).

Maintenance? What maintenance?

I set up my PiHole a couple years ago and haven't touched it since.

Granted, I didn't set mine up on a Pi, I set it up on my EC2 box in AWS. That way, I could have ad blocking on my phone without needing to expose my home network.


I made the same pihole to NextDNS transition. My pihole worked well for 3 years or so. Well enough that I allowed it to become inaccessible without moving lots of furniture.

Then the SD card died. Instead of digging it out to fix it I tried NextDNS and found it works as well or better while also being less work. Well worth $20 to me.


Worth mentioning that the free plan is well enough, been on it for the past 2 years on all my devices and never reached the paid quota!


That's impressive. A Pi-Hole outage in the middle of Thanksgiving prompted me to sign up for NextDNS the next day, and since then my household has already used 150k of the 300k available for the free tier.

NextDNS' unlimited queries for its paid plan is also a large reason why I picked it over AdGuard with its 10m queries/mo limit. Even if I'll likely never hit that limit, I don't even want to worry about it.


How do you use NextDNS with hard-to-configure devices? A lot of its config seems to require DNS-over-HTTPS which I'm not sure my Smart TV would support.


You run a DoH or DoT proxy on your edge device or a caching resolver that supports DoH on your edge device, serve DNS from the edge device over DHCP and block outbound DNS from other devices on the network at the firewall. Doesn’t fix evil Google devices that intentionally use DoH to bypass DNS blocking, but there are ways (more complicated, unfortunately) to fix that too.


I use unbound as my edge resolver, and you can use this to help prevent _some_ rogue DoH clients:

  # nx domain for disabling firefox DoH, so we can still get adblocking
  # https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet
  local-zone: "use-application-dns.net" always_nxdomain
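
A way to confirm that a resolver really answers the canary domain with NXDOMAIN, as an added example that is not part of the thread. The function names are hypothetical, the sample replies are constructed in the script, and `check_resolver` is the only part that touches the network:

```python
import socket
import struct

CANARY = "use-application-dns.net"  # domain named in the comment above

def build_query(name, qid=0x1234):
    """Encode a recursive DNS A query for `name`."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # type A, class IN

def parse_reply(reply, query):
    """Return (rcode, answer_count); reject replies that do not match the query."""
    if len(reply) < 12:
        raise ValueError("truncated DNS header")
    qid, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", reply[:12])
    if qid != struct.unpack("!H", query[:2])[0]:
        raise ValueError("transaction ID mismatch")
    if not flags & 0x8000:
        raise ValueError("QR bit clear, not a response")
    return flags & 0x000F, ancount

def canary_is_nxdomain(reply, query):
    """True when the resolver answered the canary with RCODE 3 (NXDOMAIN)."""
    rcode, _ = parse_reply(reply, query)
    return rcode == 3

def make_reply(query, rcode, answer=b""):
    """Constructed sample reply: echo the question, set QR/RD/RA and the RCODE."""
    counts = struct.pack("!HHHH", 1, 1 if answer else 0, 0, 0)
    return query[:2] + struct.pack("!H", 0x8180 | rcode) + counts + query[12:] + answer

def check_resolver(ip, timeout=2.0):
    """Live check against a resolver at `ip` (UDP port 53)."""
    query = build_query(CANARY)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (ip, 53))
        reply, _ = s.recvfrom(512)
    return canary_is_nxdomain(reply, query)

if __name__ == "__main__":
    q = build_query(CANARY)
    # Constructed A record: pointer to the question name, TTL 60, 192.0.2.1
    a_rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
    print("blocking resolver:", canary_is_nxdomain(make_reply(q, 3), q))
    print("plain resolver:   ", canary_is_nxdomain(make_reply(q, 0, a_rr), q))
```

Calling `check_resolver` with the edge resolver's LAN address should return `True` once the `local-zone` line is loaded.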


I have my home router pointing to their DNS servers, and then NextDNS links your public IP to your account. This ensures all your local devices are using it.

But what if your IP changes? NextDNS provides a URL you can call manually to resync your IP address. I recycled my PiHole with a cron job to just call it every minute.



