A review of NextDNS

25 March 2023

About a month and a half ago I switched to NextDNS. I love it.

For years, I ran pi-hole on a server at home. At some point, however, it got old enough that upgrading was not going to be straightforward—this is entirely due to neglect; my bad.

But that's just the problem. What I want for this is something bullet-proof, something I don't want to think about. DNS is critical; it's in-band to everything my family does on the internet.

NextDNS is a SaaS solution that provides a service similar to pi-hole, but is much more powerful. And for me, the price of less than $20 per year is a no-brainer. (Really, I'm a sucker for anything that's less than $2/mo and has an annual purchase option, like TinyKVM.)

NextDNS pricing

Killer features

The features that push NextDNS over pi-hole for me are:

Profiles

NextDNS allows you to set up different profiles which you can use in any combination of devices. Do you want to set a different profile for your kid's iPad to make it even more locked down? You can do that easily.

Default blocklists

The default blocklists that NextDNS use have fewer surprises than those I found with pi-hole. Often I'd have to create an exception just so I could unsubscribe from some email list, or so my wife could finish her shopping. I never tracked it down, but Home Depot's online shopping cart was broken when I used pi-hole. Now I don't have that problem.

Parental Controls

This feature allows you to "restrict access to specific websites, apps and games", such as Reddit, Steam, Hulu, etc. They have a fairly comprehensive list that you can toggle. You can set Recreation Time for these.

NextDNS Parental Controls Screenshot

Recreation Time

For the apps/sites/etc blocked by Parental Controls (see above), you can allow these to be unrestricted for a particular time window.

NextDNS Recreation Time Screenshot

DNS-over-TLS/QUIC and DNS-over-HTTPS

NextDNS supports these out of the box. For pi-hole, it appears you can set this up via cloudflared, but is a manual process.

And the absolute #1 killer feature for me: It works everywhere, not just at home

Set up a configuration profile for your phone, tablet, computer, and you're protected from anywhere in the world. Before, with a pi-hole, I was often surprised by unwanted ads when I was outside my home. Now with NextDNS I never have that problem. No matter where I go, my sanitized DNS comes with me.

Setup is easy

Just like pi-hole, you can set up your gateway (e.g. your wifi router) to point to their DNS servers. This adds blanket protection for the devices in your home. This is great because not all devices can be configured to use custom DNS, such as a TV or smart speaker.

For the other devices, it's as simple as downloading a configuration profile, which is what gives you protection from any location, and provides stats on a per-device basis. It took me just a couple of minutes to set up my laptop, phone, and tablet.

Of course there are many ways to set up DNS on each device, and NextDNS's control panel has excellent guides for each platform.

If you are interested in signing up, consider doing so through my affiliate link.