NextDNS

From LinuxReviews

NextDNS is a DNS server provider based in California, USA. It offers DNS resolution with advertisement filtering, adult content filtering, query logging and other services, while at the same time promising privacy.

Confusing Promises

NextDNS promises to "Protect your privacy" while at the same time logging DNS queries. The log is publicly available on their website to any computer on the same local network, with no login or other authorization. They could focus on offering privacy OR focus on offering big brother surveillance. They seem to be promising both.

The Network

As of mid 2020, NextDNS has a world map titled "OUR NETWORK" at the bottom of the front page of their nextdns.io website, with locations marked on it. Many of the locations are marked as anycast locations. A large number of anycast servers all over the world should, in theory, result in low DNS query times everywhere. In practice, that is not so.

Performance

DNS lookup times using NextDNS vary from acceptable to completely unacceptable depending on your location.

A short test of DNS lookups from Germany using NextDNS resulted in query times between 300 ms and 500 ms. Slow, but acceptable.

DNS lookups from Sweden gave DNS query times between 700 and 1100 ms. That is extremely slow. For comparison, Cloudflare's 1.1.1.1 / 1.0.0.1 anycast DNS service resolves domains in 15-20 ms from the same location.

It is hard to say how the NextDNS DNS servers perform in different parts of the world without actually testing from a lot of locations. What we can say is that performance can be poor or outright unacceptable depending on your location. Do not blindly configure your network to use NextDNS without testing how it performs from your location.
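One way to run that test yourself, as an added example that is not part of the original article: the script sends plain UDP DNS queries to each resolver and reports the median round-trip time and the number of timeouts. Resolver addresses are passed as arguments (take the NextDNS one from your own setup page); the defaults are the Cloudflare addresses named above, and the function names and sample domains are constructed for this example.

```python
import random
import socket
import statistics
import struct
import sys
import time

def build_query(name, qtype=1):
    """Encode a minimal DNS query: recursion desired, one question, class IN."""
    txid = random.randint(0, 0xFFFF)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return txid, header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def time_query(server, name, port=53, timeout=2.0):
    """Return (milliseconds, rcode) for one UDP lookup, or (None, None) on timeout."""
    txid, packet = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.perf_counter()
        sock.sendto(packet, (server, port))
        try:
            while True:
                data, _ = sock.recvfrom(4096)
                # Accept only a response (QR bit set) carrying our transaction ID.
                if len(data) >= 12:
                    rid, flags = struct.unpack("!HH", data[:4])
                    if rid == txid and flags & 0x8000:
                        elapsed = (time.perf_counter() - start) * 1000
                        return elapsed, flags & 0x000F
        except socket.timeout:
            return None, None

def benchmark(server, names, port=53, timeout=2.0):
    """Median latency over the names that answered, plus the timeout count."""
    times = [t for t, _ in (time_query(server, n, port, timeout) for n in names)
             if t is not None]
    return {"server": server, "answered": len(times),
            "timeouts": len(names) - len(times),
            "median_ms": statistics.median(times) if times else None}

if __name__ == "__main__":
    # Usage: python dnsbench.py <resolver-ip> [<resolver-ip> ...]
    # Defaults are the comparison resolvers from the article; add your NextDNS address.
    resolvers = sys.argv[1:] or ["1.1.1.1", "1.0.0.1"]
    names = ["example.com", "example.org", "example.net"]  # constructed sample names
    for resolver in resolvers:
        print(benchmark(resolver, names))
```

Repeated lookups of the same name are usually answered from the resolver's cache, so the figures mostly reflect the network path to the nearest server; run it at different times of day before drawing conclusions.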

Additional Features

NextDNS allows you to configure blacklists from different sets of pre-defined blacklists if you sign up and pay for their service.

Verdict And Conclusion

NextDNS may be an alternative if you do not want to configure your own DNS server using unbound and you don't want to pick one or more of the many publicly available hosts blacklist files and install them locally. It may also be a disastrous non-alternative that will noticeably hamper your network's performance. DNS query times above 1000 ms are simply totally unacceptable. How slow queries to NextDNS are depends on your location. You should absolutely do some testing before you even consider paying money for their services.

Anonymous user #1

4 months ago
Score 0++
Logs can be disabled and are NOT available to anybody on the LAN, you need to authenticate.
Anonymous user #1

4 months ago
Score 0++
Contact the support if your latency is over 50ms, they will fix it for you. In most places it’s below 10-30ms.