Just blogging this in case it hits anyone else.
I was previously using NextDNS with my internal DNS servers on a couple of Raspberry Pis. Recently I decided to simplify things (move the internal DNS server Docker container to a regular machine; get rid of the Pis for now etc.) and decided to run NextDNS from my router itself. I have an Asus router and run AsusWRT Merlin firmware. NextDNS can be installed on the router following the instructions here.
AsusWRT Merlin uses
dnsmasq for DHCP and DNS resolution. By default
dnsmasq listens on the router’s port 53 so NextDNS integrates with it along these lines (it listens on a different port and tells
dnsmasq to use it as upstream). It adds the following to
127.0.0.1#5342 line vary per deployment depending on what port NextDNS decides to listen on.
In my case I had the following line in
This tells it to forward any queries for my home domain raxnet.com to an internal DNS server.
In theory with this config DNS queries would be sent from my home machines to
dnsmasq who would forward them to NextDNS and NextDNS will forward any internal queries to the IP above. That didn’t work for me however! External queries were going to NextDNS but internal was returning an NXDOMAIN.
Spent a fair bit of time trying to figure out the reason. Finally I realized I had set a domain name for my router and so
dnsmasq had added a line like this to its config:
dnsmasq that the domain is local and so it must answer queries from
/etc/hosts – so
dnsmasq does not forward these to NextDNS and the latter never see these queries.
The workaround was to remove the domain name from the router config and now
dnsmasq and NextDNS can co-exist.