Three years ago I was searching for an alternative that could serve us better than PI-Hole and can be used everywhere on a multiple of devices. This brought us to NextDNS, an online DNS service usable from any device and almost everywhere. Before NextDNS we were using OpenDNS that serves a free tire for home users, without blocking tracking and advertisements but with security in mind.
Why somebody could want NextDNS, well, maybe because there is a long list of options and possibilities than could serve al lot of people:
- Block tracking for better privacy
- Block advertisements on DNS level
- Works on almost any device everywhere
- Multiple configurations like one for kids, work or normal usage
- DNS history with configurable retention and saving geolocations
- Parental control
- Force Google Safe search
- Block tracking from Apple, Xiaomi, Microsoft, Samsung etc
- Block addresses prone to malware and fishing
- Block several services like porn, Snapchat or gambling
- AI-Controlled DNS protection
- Protection against crypto jacking
- Protection to Dynamic DNS host-names
- Protection against child abuse
- Block some individual apps/sites like Snapchat or Tinder
- and many more
The management website is easy to use and every option is explained. In the free version you are allowed up to 300,000/monthly requests before it falls back to a normal DNS service. A yearly subscription costs 19,95€. In our situation we have 1.2 million requests monthly serving up to 25 devices.
You can configure the NextDNS servers in your home router and bind your home ip-adres in the web-interface to make all un-configured internal devices use the service. In case of a firewall that uses a DNS cache, request for NextDNS are a lesser number.
In the past three years we never encountered any real problems. The only problem I had on my business laptop occurs when connecting/disconnecting the company VPN, but since the latest windows installer the problem does not occur anymore.
Sometimes some free WiFi services do not allow DNS-over-HTTPS. Another event that sometimes occurs is that a site is not working fully for something being in a blocking/privacy list, these are easy to track and overcome. Some url shortners are classified as unsafe for being prone to abuse.
Keep in mind that advertising and tracking is only blocked on DNS level, other advertising and web enabled tracking services still do come thru, so on browsers something like uBlock is stil needed.
The privacy lists we use are OISD (contains almost every list without breaking sites), Easylist China, AdGuard Russian Filter, Ru Add List and the Bulgarian List.
A secure and free alternative brought by the European Union and built in cooperation with NextDNS and others is dns0.eu. They offer different DNS services like DNS-over-TLS, DNS-over-HTTPS, DNS53 over ipv4 and ipv6.
They offer three different DNS services, one basic and secure service, one high secure service and one that is safe to use for kids, you can check on their pages to find the configuration to your liking.
- dns.eu basic @ dns.eu
- dns.eu secure @ zero.dns.eu
- dns.eu kids @ kids.dnso.eu
Reacties
Een reactie posten