I’m not extremely versed in internet security, so this may be a stupid question.
I have Next DNS on my router, and I have a VPN on my phone. Is one bypassing the other?
I want some tracking prevention on my router because my family members refuse to use the VPN that I’m paying for.
As many have already pointed out, using a VPN would mean using the VPN-provided DNS server too.
However, if you’re on Android, you can use the Private DNS feature to use NextDNS alongside your VPN.
Your DNS requests would be tunneled through the VPN to the NextDNS server. This would also mean NextDNS would see your traffic as coming from the VPN server.
Actually VPN with nextdns is really ideal and that’s what I use. Because I don’t want my vpn provider to be tracking what I do thru their DNS servers no thanks.
I use a different nextdns profile for my mobile phones and use the android native DOT private dns alongside with nordvpn. It overwrites the dns of nordvpn which is what I want. I don’t want nordvpn to do my dns queries.
Now on some networks like at work or at my gym I cannot use the android native DOT private dns feature (the port is blocked) so I have to use the nextdns app. So what I do is connect with the VPN first and then enable the android private DNS feature. Works really great.
At home I am not using a VPN on the router (asus gt-ax16000) but I am kind of curious to try. I like the nextdns app you can install on the router if you have a asus router with merlin firmware which I do but I kinda prefer DOT instead of DOH.
I am using NextDNS with Torguard, Windscribe, PIA and Proton VPN without issue. All on Android and desktop. (sorry, not an Apple user here). You either have to turn off the dns in the vpn or set a custom dns server in the vpn.
You can even set it up with AdGuard and its version of a VPN. It is not really difficult.
Get a router that will run your vpn! then your whole network will be on the vpn
Depends on the phone and how you set it up but most likely you are not hitting nextdns on your phone because of the VPN. Most VPN providers set their own DNS to prevent you from being tracked via DNS requests, this will usually override the nextdns on your phone.
It’s not a stupid question. In fact, using a VPN with NextDNS is somewhat complicated if you’re not well versed in network security. I’m not going to attempt to explain it, but you might want to look at discussion at https://help.nextdns.io, because there’s a fair number of threads about trying to do what you’re asking. Also, I’m pretty sure it’s quite difficult, especially if you’re using iOS. As someone else mentioned, many VPNs providers do NOT support using custom DNS.
EDIT: changed last sentence to NOT.
Your VPN DNS has priority over your Android DNS, which has priority over your router DNS. So if you use a VPN, you’re basically using your VPN DNS.
However, you can set NextDNS on your Android browser specifically, which will have priority over your VPN DNS when you browse the Web (only). Note that all your other apps will still use your VPN DNS.
If you can, I’d recommend changing your VPN DNS to Adguard DNS so you can at least block ads in your other apps.
For Android, in my case most of the VPNs I’ve been using gonna Android 10+ will be using the DNS of the VPN…and in my case I’ve seen some of them have bee. Just Google Public DNS. Now since Android 9 and higher tho there is Private DNS which when I enable it after the VPN makes it use whatver Private DNS I have there.
Altho switching VPN exit nodes gave me issues which is why I always reccomendnd turn it Private DnS connection off. Switching vpn node then turning it back on
I don’t think that’s correct. I’m using a vpn on Android right now and have Adguard as the dns on my router and ControlD as my private dns. But ipleak.net and DNS Test show I’m using my VPN’s dns which is as it should be.
Hi! I know you posted this comment two years ago but I bumped into this thread after searching around on Google.
Using Android’s private DNS feature alongside NextDNS is actually really smart. In addition to the advantage of your VPN provider not being able to see what you’re doing since they don’t handle your DNS queries, does it also mean that NextDNS would not even know who you are since the DNS queries they resolve would be tunneled through your VPN first, meaning the queries would be associated with your VPN’S IP address instead of yours? That, in addition to disabling logs would make it nearly impossible for NextDNS to know it’s you, I suppose. Unless they can associate the DNS queries with your NextDNS account, be it with or without VPN. But then again, if they don’t even have logs because you disabled them, chances are close to zero.
That is strange. I’ve been using Proton VPN with NextDNS configured in Private DNS for months now and my DNS queries have always been going to NextDNS. I also have peers that confirmed that Private DNS does indeed bypass the VPN-specified DNS.
It’s depends on the VPN configuration, normally android private DNS is going over VPN DNS. For privacy what I researched is that VPN with 3rd party DNS is better. Because the VPN ISP doesn’t know what you’re doing and the 3rd party DNS ISP neither, because it’s viewing the VPN ISP IP. But if you use the DNS of your VPN ISP it can see what you’re doing, if it want to. Using https can mitigate it with the new protocols but not for sure in all websites.
Might be your phone is screwey i been playing with NextDNS and DNS over the last 7 days as trial to see if I wanted to go with it. I mostly had issues when the Private DNS was enabled while a reconnection to different VPN server was done where Private DNS would give me an error about being unable to connect. Though otherwise in my testing which includes testing 4 hours ago after going premium I’ve have my VPN on with Private DNS NextDNSS being used according to dnsleaks
Does Proton allow you to use a custom dns? Because Windscribe does, so maybe that’s the difference.
Nothing wrong on my end. That’s been my set up for a couple of years. I think the vpn provider also makes a difference. Mine allows me to use any dns I want.
Proton does not, so that could very well be the reason.
Proton does on desktop but not in android app so you add it to your android settings.