Please evaluate my device VPN+DNS setup

Hello everyone, I’ve been using NextDNS for about a year now and love how good it is and the granular control it provides. I bought proton VPN about a month ago and have been struggling to find an effective way to use it alongside NextDNS.

Threat model - power user who wants more control over my data.

Recently, I was recommended this setup for both my android devices and windows main PC: system wide private DNS off, ProtonVPN with netshield on, and nextdns DOH setup in each browser individually. I’ve done DNS leak tests several times and NextDNS shows up everytime.

For more information, this was my previous workaround: system wide private DNS on (nextdns), ProtonVPN with netshield off, and nextdns DOH setup in each browser individually.

Please evaluate the recommended setup for my use case.

Hi!

That’s not a threat model, and I think your misunderstanding there is what’s leading you to be asking for this help, as these are questions you would already have the answers to if you really threat modeled it (you might still need help answering questions while making one, to be clear). Luckily, the knowledge base has a great article to help you start

Depends on your threat model . But really, no one can answer your questions without knowing what you want to protect, who you are protecting it from, the likelihood you consider that it will come under attack, the cost of a compromise to you, and the lengths you are willing to go to in order to prevent a compromise. Again, I strongly recommend starting at the knowledge base article and working on creating one.

You should check out YogaDNS if you want to use NextDNS with a VPN.