Private DNS or default in DNS server over VPN?

To take good advantage of DNS filtering users would have to disable features like Proton’s Netshield or custom DNS in Mullvad. This would allow to use configured private DNS. F.x. when using Rethink DNS, Controld, or NextDNS this could give a more of what is being blocked. I often find that usinig the DNS filtering of the VPN providers is rather limitted.

I wonder what your thoughts are on this.

I definitely agree. Until Proton VPN comes up (sometime this year) with an update to their NetShield feature providing stats and more control, I’ll still use a combination of NextDNS + ProtonVPN.

Maybe they will someday implement custom encrypted DNS into their clients, that would be great to. One or the other.

  • Android: ProtonVPN (NetShield enabled) + NextDNS in Private DNS (NetShield is overriden)
  • iOS: ProtonVPN (NetShield enabled) + NextDNS in a Configuration Profile (Configuration Profile is overriden by VPN but will be used when you disable the VPN)
  • Windows 10: ProtonVPN (NetShield enabled) + NextDNS DoH in my browsers (since NextDNS Windows client can’t connect under ProtonVPN)
  • macOS: ProtonVPN (NetShield enabled) + NextDNS DoH in my browsers (since Configuration Profile is overriden by VPN. But I guess you can also set the Configuration Profile to be used device-wide when you disable the VPN)

didn’t yet tested Windows 11.

1 Like