NextDNS is a service you should consider using. It blocks malicious websites, ads, and trackers, gives you complete control over your privacy, bypasses censorship mechanisms, makes your requests more secure, lets you enable parental controls, provides real-time analytics, and more. Plus, NextDNS is open source, which is always a big plus for software you trust with your data.
What is NextDNS?
NextDNS is a DNS service focused on providing a secure browsing experience while enhancing your privacy in the process.
Yes, you have options like Cloudflare — but they’re all managed options that don’t give you custom control over what you want to block and how you want to secure your internet activity.
NextDNS is more like a network firewall than a regular DNS service.
Advantages of NextDNS over other DNS services
Here are some advantages of NextDNS over other DNS services:
- Support server in Vietnam (Hanoi), because the DNS server is located in Vietnam, when querying the domain name, it will return CDN (CDN is a cache server to support website loading speed) in Vietnam, much better than if using Google DNS service, it will return CDN Singapore. Some websites that support CDN are: Facebook, Youtube, Google, Bilibili, TikTok…
- Supports blocking, advertising, tracking. Has Parental control function to manage, limit devices to use only certain services or times (Free package is limited to 300,000 requests per month, after this limit, NextDNS is just a normal DNS service like other services).
- DNS over HTTP/3 support.
You can start for free and set it up on an unlimited number of devices, but there is a monthly quota limit. Specifically, the information about NextDNS’s plans is as follows:
- Registering a free ID will have a limit of 300,000 queries/month, reset at the beginning of the month, when reaching the limit NextDNS will still resolve normally without causing network failure.
- Price 45,000 VND/month and 450,000 VND/year. (Fake IP to Turkey for only 180,000 VND/year!)
How to install NextDNS
Before you proceed with the installation, you need to register your own NextDNS account by visiting the NextDNS Home page. Once you have registered, you will see an account management page with the information as shown in the screenshot below.
Note : Each person will have different information and the information in the image below has also been changed for security reasons. Later, in the installation steps, please use your own ID.
Install on Windows
1. Google Chrome Browser
Step 1 : Open Google Chrome then go to chrome ://settings/security. Scroll down and find and enable Use secure DNS then select With, press the arrow and find and select Custom.
Step 2 : In the box to enter DNS service, enter https://dns.nextdns.io/2a6276. In which, 2a6276 is the user ID , please replace 2a6276 with your ID .
For other browsers using the Chromium core such as Opera, Brave and Microsoft Edge… the installation is similar. You just need to go to the browser settings, find DNS and you will see the Use secure DNS section .
2. Mozilla Firefox browser
Step 1 : Open Firefox browser then type about:preferences in the address bar and press Enter.
Step 2 : Click on General on the left sidebar then scroll down to find Network Settings then click on the Settings button.
Step 3 : In the network settings window that just appeared, scroll down and then click to activate the Enable DNS over HTTPS section , select Custom in the User Provider section and paste https://dns.nextdns.io/2a6276. Here you still need to replace the ID with your ID as installed with Chrome.
Step 4 : With Firefox, you need to do one more thing: go to about:config then type network.trr.mode in the search box. Click on the pen icon, enter the number 3 instead of 0 or 2 and then click save.
This is a necessary step because every time you change the DNS over HTTPS configuration Firefox will automatically change network.trr.mode to 2, you must change it to 3 otherwise DOH will sometimes not work.
Install on Android
1. Install on the entire Android system using DNS-over-TLS (DOT)
When you install NextDNS on your entire Android system, you can not only block ads on your browser, but also block ads in some apps relatively well.
a. With stock Android
You just need to go to Settings > Network > Private DNS > Paste the DOT link as shown in the picture and you’re done. Note, the DOT link will be in the style 2a6267.dns.nextdns.io different from the DoH link above and you need to replace your ID.
b. With Android versions that have had their interfaces revised such as MIUI, ColorOS, OneUI…,
On these Android versions, the Private DNS item will be hidden. Depending on the version, it will be located in a different region. If you can’t find it, you need to use a third-party application to open this setting.
For example, with MIUI, you can use an app called Hidden Settings For MIUI.
c. For Android version 8 and below
For older Android versions you will have to download and use the NextDNS app, there is no other way.
2. Settings for browser
The settings for the browser on Android are the same as what you do on Windows. For Firefox, you also need to note that you have to change network.trr.mode to the value 3.
Install on iPhone
You need to access the page https://apple.nextdns.io to download the DNS profile to your device and follow the instructions on your device to activate it.
Install on router
Installing on the router will help you apply NextDNS to all devices connected to the internet through that router. However, this can easily lead to unexpected errors or unstable connections due to routing problems from the network operator… Therefore, you need to consider before doing it.
1. Simple setup
First, you need to log in to the router’s admin page. Each type of router will have a different admin page and different accounts and passwords. You can search online or call the hotline to ask your network operator how to access your router.
After accessing, you find the DNS section and then adjust the DNS to the following address:
45.90.28.91
45.90.30.91Then, you access the NextDNS account management page and click the reset button in the Linked IP section. Note that every time the IP address changes (if anyone uses a dynamic IP, each time the router is restarted, there will be a new IP), you will have to click the reset button again in Linked IP.
2. Set up DDNS if your router supports it
The advantage of setting up DDNS is that every time you restart the router, you don’t need to press reset at Linked IP, but the setup is more difficult. In addition, not all router models support DDNS. In this section, you can use Google to find out if your router supports DDNS and how to set up DDNS in detail.
Once completed, if the NextDNS account management page shows the status as shown below, you have successfully installed.
How to check which NextDNS server is fastest and how to choose a server
1. How to check which NextDNS server is the fastest
For each different internet connection, there will be NextDNS servers that provide the most optimal connection speed. To check which NextDNS server is most optimal for your network, you can visit the following page: https://ping.nextdns.io/.
You will see the information appear as shown above. The green column is ping and the red column is server. Usually, choosing the server with the lowest ping is best.
2. How to choose NextDNS server
In fact, choosing a NextDNS server is quite simple. You just need to change the link you paste into the DoH or DOT configuration.
For example, for an ultralow server, you can use the link https://ultralow.dns.nextdns.io/2a6267 or https://ultralow2.dns.nextdns.io/2a6267. An ultralow 2 server can be shortened to https://dns2.nextdns.io/2a6267. You can do the same with anycast servers.
With DOT, you can only choose between ultralow servers, not anycast servers. Therefore, the links you can use will be:
- 2a6267.dns.nextdns.io
- 2a6267.dns1.nextdns.io
- 2a6267.dns2.nextdns.io.
3. How to enable DNS over HTTP/3 (DOH3) protocol
DOH3 is a new protocol that is advertised as faster and more secure. You can try it out using the following links:
- https://doh3.dns.nextdns.io/2a6267
- https://doh3.dns1.nextdns.io/2a6267
- https://doh3.dns2.nextdns.io/2a6267
Additionally, you can learn how to use DNSProxy for your entire system running DNS-over-Quic, DNS-over-HTTP/3.
NextDNS features you can customize on the home page
Security
Here, NextDNS lets you choose a list of websites you want to block, from constantly updated threat feeds, to sites with misspellings or using international characters to masquerade as other sites.
Using these default settings is a safe choice, but they may accidentally block a legitimate site that you want to visit. In that case, you don’t need to disable the protections, just add the site to the whitelist.
Privacy
The top option here is the ad and tracker blocker list, which essentially blocks ads from appearing on websites and stops third-party trackers from communicating with its servers. The default blocklist is pretty comprehensive, but if you find it lacking, you can add a stricter blocklist from the built-in options.
NextDNS gives you the cool ability (in beta) to block device-level trackers on Samsung, Xiaomi, and some other supported devices. This is especially useful if you don’t want your device manufacturer to track you.
Here are the filters you should use to block ads or scam sites:
NextDNS Ads & Trackers Blocklist
AdGuard DNS filter
AdGuard Mobile Ads filter
EasyList
AdGuard Base filter
ABPVN List
hostsVN
AdAwayParental Controls
If you don’t want someone on your network to access a particular website, app, or game, or even all of them, you can choose from a pre-compiled list here, to block apps like Tik Tok, Fortnite, Steam, Netflix, and Amazon, as well as entire categories of websites, including porn, piracy, and social media.
You can even force search engines into safe search mode, block mature YouTube content, and prevent people online from using “circumvention” methods like VPNs or Tor.
Blacklist/Whitelist
If you want to access a domain but can’t, put it on the Whitelist. If you don’t want to access a domain but can, put it on the Blacklist.
Analysis/Logging
Depending on your logging settings, you may have a record of every site you visit or a completely blank slate. However, if you have logging enabled, analytics will show you which pages your machine is making the most requests to, how many requests are being blocked (and where the blocked requests are headed), which device is making the requests, where the traffic is coming from, and how many requests are secured.
There’s even a GAFAM meter that shows you how much traffic is going to properties owned by Google, Microsoft, Facebook, Amazon, and Apple. Even if you want to maintain your privacy, leaving logging enabled for a month or so can yield some interesting insights about your browser.
This can be a great feature that gives you more clarity on what is being blocked or allowed. You can easily check the percentage of blocked queries out of the total queries made and detailed logs for all your devices. If you have multiple devices set up, the analysis can be filtered accordingly.
In addition to the data displayed for analysis, you can also choose the storage location for your logs and whether you want to enable log storage in the first place.
Unlimited Configurations & Unlimited Devices
Regardless of whether you are a paid subscriber or a free user, you can create multiple profiles (i.e. different rules and options for a group of devices) and can also connect to an unlimited number of devices.
This gives you the potential to secure multiple devices at home and work, which can be extremely useful if you have a number of devices at your disposal.
Speed up web browsing
With NextDNS, you can also try to improve your browsing experience. You get a number of options to tweak.
For example, you can cache DNS queries to improve load times.
