NextDNS Inc has announced today they are soft launching their private and secure DNS service globally. What is so special about NextDNS is that it’s not an ordinary DNS service. Sure, at its very core, it’s the same thing as Cloudflare DNS or OpenDNS. What separates it from the rest is their Anycast array of their own servers that are in charge for routing of traffic to nearest location, making them about as fast as Cloudflare.
What separates NextDNS from the rest
What really sets NextDNS apart is their extensive security and privacy feature set. When using NextDNS as public resolver, it logs nothing. It’s just a domain name resolver and that’s that. However, if you create an account, you can also make NextDNS filter traffic for you on multiple fronts, from security where it blocks phishing and malware to more privacy oriented wide selection of popular block lists like EasyList and EasyPrivacy for ads and trackers to manual block and whitelists to blocking of services, blocking of native trackers in common devices and operating systems, extensive configurable logs, statistics page as well as security/privacy settings where you can actually define where you want your DNS account logs stored when you opt for having logs. For now it can be USA, EU or Switzerland specifically. And if you want to keep logs, you can specify for how long and you can also filter things on a deeper level by only hiding IP’s in the DNS queries or even domains.
Wide support on various types of devices
Another amazing thing about NextDNS is native support for almost any type of device. Be it Android or iOS smartphone, Windows PC, Linux, Mac, browsers or even routers. Yeah, you can install NextDNS client directly on a supported router like ASUSWRT-Merlin powered routers and it’ll filter EVERYTHING that connects through that router. It’s freaking amazing service. I’ve been using it since quite early BETA and it has been amazing. It’s really not just a DNS service, it’s a full security suite where you can exactly control your privacy and security of all devices from mobile device to desktop PC or Android TV media device. Of course within limitations of DNS service. For more precise filtering you still need to use something like uBlock which actually combs through webpage code and filters out tracking junk, but it’s still doing pretty damn good job.
As far as pricing goes, regular DNS or DNS with DoT/DoH is entirely free and costs nothing to use just like any other public DNS. However, running extensive block/filter lists is only free for 300.000 queries and then it switches back to regular DNS without filtering if you get past this limit. If you want to use it for unlimited amount of queries, it’ll cost you 1.99€ a month or 19.90€ a year, giving you some discount.
NextDNS on Reddit: https://www.reddit.com/r/nextdns
My verdict on NextDNS
I’ve been using NextDNS for several months and even though there were few tiny issues, it was rock solid and reliable even during BETA. And what I like NextDNS the most is tracking protection. The amount of garbage devices want to send around that can and most probably does compromise your privacy, NextDNS blocks it at the “entry” point. Almost all communication outside of direct IP communication uses DNS resolving to convert fancy names into ugly numbers. And with their filter lists, you can keep a hand over excessive communication. An if none of the lists block what you want to block, you can do it manually. I run it on all my devices and it’s doing amazing job filtering all the garbage. There are bunch of apps for smartphones that cost as much as NextDNS for a single device. Here, you can basically control traffic of ALL your devices for 20€ a year. I think it’s quite worth it. Give it a try. It’s free for 300.000 queries a month which is quite a lot so in most cases even free plan should be enough to get through the month for most users.
As far as filter lists go, I highly recommend only using the following:
- All 3 “Disconnect” lists (very lite, only block most common trackers)
- LightSwitch05 (super extensive filter list that makes use of other lists pretty much obsolete)
I was really amazed by the performance of Lightswitch05 list. It blocks huge amounts of internet manure while causing pretty much no false positives. And its maintainer is really cool too, adding or fixing things really fast. There are tons of lists, but I wasn’t impressed by them, especially not by default NextDNS Recommended list. Just too many problems with a lot of lists where above ones work pretty much flawlessly.