Disappearance of NextDNS from your website?

mrbot · 2021-10-19T13:41:43.511Z

I noticed that you have deleted NextDNS from all your product informations on your website and that from now on they only highlight Cloudflare. NextDNS only exists on ./solutions/nextdns/.
Can we know why? Is there a problem with NextDNS or is it just something else (e.g. non-renewal of contract or exclusivity of CloudFlare)?

For example, on the Beryl (GL-MT1300) file dated Nov 1, 2000:

Screenshot WayBack GL-MT1300 Beryl1842×421 90.1 KB

(source)
today:

Screenshot Today GL-MT1300 Beryl1842×484 92.3 KB

(source)

I know there are some DNS-related issues in the firmware (thanks to Henry), so I would love to have more information.

Notes:
I posted in general because beyond the software-related problem, it shows a lack of clarity regarding your communication.
Also, I did not find a topic related to this problem on the forum, but if it exists, I’m sorry for the duplication and please give me a link.

Thx

alzhao · 2021-10-19T15:33:24.751Z

NextDNS is one function, far from a solution now.

There is a stability issue not be able solve until now as well.

Max3 · 2021-10-20T12:27:04.128Z

I was curios if there’s a way to run DNS over TLS with NextDNS in a stable way at the moment.
During this month I was using Unbound with Dnsmasq and to my surprise, it just works like a charm.
I installed Unbound, I configured Dns forwarding in DNSmasq to 127.0.0.1#1053, then I configured Unbound listen port to 1053, I enabled DNS over TLS and configured the forward zone as “xx.xx.xx.x#My--GLinet--Router-xxxxxx.dns1.nextdns.io”.

I’ve stressed the connection like crazy over the past weeks, tested a lot of times for leaks and it just works without problems in any situation (never had a freeze or a reboot), wich really surprised me becasue even in the NextDNS settings page they warn you it can have some problems (github.com/NLnetLabs/unbound/issues/132).

I also tried Doh with Https-dns-proxy and it also stops resolving after some days of use, just like your DNS over TLS solution with stubby (it seems this is the problem: https://github.com/openwrt/packages/issues/16058).

So I’ll stay with Unbound but I hope you’re able to find a solution sooner or later.

alzhao · 2021-10-20T15:00:14.593Z

Good to hear that unbound works for you.

mrbot · 2021-10-21T13:18:39.822Z

I tried several options but always failed to have something stable enough in the long run.

I modified Stubby on my Slate, and I thought it worked for a while but with some annoying leaks (I eliminated the need I had with the base configuration to reboot the service almost every day). I didn’t persist as I don’t have much time, and I never tried Unbound but surely will on my next router.

At the moment, I’m using different configurations, even if they’re all connected through my router. “Private DNS” on android, the official app on Windows, and “systemd-resolved” for Linux. I find it easier to maintain and log.

My travel router is up to date and connects me through a VPN. I consider that a win, with a tiny disappointment.

alzhao · 2021-10-22T03:59:51.086Z

When use NextDNS, turn off “DNS rebinding protection” and it can works for like 1 week.

pps781 · 2021-10-23T18:51:36.360Z

NextDNS had some connection failures with Stubby (see TLS Connection Failures - Stubby - Bug Reports - NextDNS Help Center) which might explain some of the reliability issues that have been observed.

Personally, I’d like to see two features in future versions of the GL.iNet firmware:

The ability to specify customer DoT resolvers. Sure, we can edit /etc/stubby/stubby.yml, but it’d be nice to be able to do it from the GUI
Support for DoH (using, e.g the https-dns-proxy package). Since DoH uses tcp/443, it’s less likely to be blocked than tcp/853