Any recommendation for DNS service/app that can used on the Apple ecosystem. I don’t want to setup pihole BTW since it won’t work when I’m outside my network
Requirements (may be it’s too much to ask, but I’ll still list):
, one-time payment)I use and like NextDNS, which has an Apple specific configuration profile generator:
However, it’s not for you, since it requires a (fair) subscription? (€19,90/year)
(They have servers running, need to maintain hardware/software/network/blocklists etc.)
EDIT: I forgot that this service is free if you have a low number of DNS requests per month
If you want free, then Cloudflare will work (1.1.1.1) of Google (8.8.8.8).
However, I can’t confirm that they don’t log.
I’m also a NextDNS user and pay for the service. I think it’s a reasonable cost, and it ticks the other boxes (though note that you have to turn off the logs). I haven’t, as I find it interesting, but I can choose to host in a GDPR compliant location, rather than the US.
Once you have made your decision I suggest you test your network speed using both your new DNS server and your ISP’s recommended DNS server. With and without Private Relay turned on (if you plan to use PR)
I would also test your streaming services. Apple, Netflix, and occasionally other services place cache servers inside the network of partner Internet Service Providers so they can provide “the highest-quality viewing experience possible”.
AFAIK if you do not use your ISP’s DNS you cannot take advantage of these cache servers.
There is also a possibility for using https://uncensoreddns.org
They do only support dns-over-tls or dns-over-https.
There is a profile for that at https://dl.arendtsen.dk/uncensoreddns.mobileconfig
I’ve used Cloudflare (1.1.1.1) for years, mainly for its speed (I compared services some years ago, and don’t know what they are like now). Just checked and they offer a VPN tunnel called WARP Client for DNS requests or all traffic (user selectable). Cost is free for DNS and VPN does have a paid tier that they claim is faster in some cases.
Their privacy policy is described here https://www.cloudflare.com/privacypolicy/ It is extensive as it covers not only the 1.1.1.1 service.
No, there are other options to take advantage of them:
AFAIK Cloudflare 1.1.1.1 doesn’t log, but of course Google does
Cloudflare also has apps that create secure tunnels for DNS queries to prevent hijacking and poisoning, though it’s not as complete a solution as a VPN
That looks interesting and I can see how it would be able to route me to the closest CDN on the open Internet. But I’m a Comcast customer and when I stream “Ted Lasso” from an Apple cache server located in a Comcast datacenter they know who I am.
Thanks for sharing! do you know if we can add filter lists to the DNS (to block ads domains)