Guide 2 - configure a custom dns

Guide to Configuring a Custom DNS on Linux#

Introduction: What is DNS and Why It Matters#

The Domain Name System (DNS) is like the internet’s phone book, translating easy-to-remember domain names (like google.com) into IP addresses that computers use to locate each other on networks. When you visit a website, your device sends a DNS request to locate the corresponding IP address, allowing you to load the site. By default, your Internet Service Provider (ISP) usually handles these DNS requests, meaning your ISP can track which websites you visit. To protect your privacy, configuring a custom DNS service can help shield your online activity from prying eyes, filter out unwanted tracking, and improve security.

This guide will show you how to set up a custom DNS on Linux to enhance your privacy, specifically using NextDNS, a highly customizable DNS service (and free for average users).

Steps to Set Up a Custom DNS on Linux#

Step 1: Create an Account on NextDNS#

Sign Up for NextDNS:
- Go to NextDNS and create an account. You can sign up using an alias email for added privacy.
- The free plan allows for up to 300,000 DNS queries per month, which is sufficient for most users.
Access Your User Dashboard:
- After registering, log in to your NextDNS dashboard. The dashboard offers settings to customize your DNS filtering, including blocking trackers, ads, and malware domains.

Step 2: Install NextDNS on Your Linux Device#

Open the Terminal:
- Run the following command to install NextDNS:
```
sh -c "$(curl -sL https://nextdns.io/install)"
```
Configure NextDNS Settings:
- During the installation process, you’ll be prompted to enter specific details:
  - Enter “i” for install and type your password if prompted.
  - Copy your NextDNS Profile ID from your dashboard and paste it when prompted.
  - Enable caching by entering “y” for faster access.
  - Enable “local DNS hosts” for improved speed and reliability.

Step 3: Enable and Start NextDNS Service#

Start the Service:
- After installation, use the following command to start NextDNS:
```
sudo nextdns start
```
- Use the following commands to stop, start, or restart the service as needed:
```
sudo nextdns stop
sudo nextdns restart
```
Set NextDNS to Start on Boot:
- To ensure NextDNS runs every time your device starts, add it to your system’s startup applications. Open your Linux startup applications manager, add a new entry for NextDNS, and specify nextdns start as the command.

Step 4: Customize Your DNS Filters#

Block Trackers and Ads:
- In the NextDNS dashboard, go to the Privacy tab and enable the “NextDNS Ads & Trackers Blocklist.” This blocklist prevents connections to domains associated with tracking, ads, and known malware sources.
Check Your DNS Logs:
- The Logs tab in your NextDNS dashboard shows all DNS queries made from your device. This feature lets you see what’s being blocked and refine filters as needed.
- Disable logging once you’re satisfied with your setup if you prefer not to retain this information.
Additional Configuration:
- Add domains to a custom “Denylist” if you see connections you’d like to block.
- Conversely, if you notice an essential domain is blocked, add it to your “Allowlist.”

Step 5: Test Your DNS Setup#

Verify Encryption:
- Open a browser and visit test.nextdns.io. If the DNS protocol displays as “DOH” (DNS over HTTPS) or “DOT” (DNS over TLS), NextDNS is encrypting your DNS traffic.
Check the Filtering:
- Visit an ad-heavy website, such as yahoo.com. With NextDNS active, you should notice fewer ads and trackers on the site.

Conclusion#

Configuring a custom DNS is a powerful way to enhance privacy and security on Linux. By using a service like NextDNS, you gain control over the internet traffic that reaches your device, reducing unwanted tracking and boosting your online anonymity. Now that you have your custom DNS in place, you can browse with peace of mind, knowing your activity is more private and secure.