I’ve been a Mullvad user for a long time, and while they’re an amazing service, I can’t get past the fact that their custom DNS support is, frankly, utter rubbish from my experience with providers like NextDNS. I’m looking for a new solution to plug this frustrating hole. Self-hosting a VPN is also technically an option I suppose. Any ideas?
I have also had the same issues with Mullvad and NextDNS. NextDNS is such a great service, but Mullvad says that it leaks whereas their own DNS doesn’t. Also only IPv4 support, not DoT or DoH or anything else, which is a shame. You could try using the WireGuard application, as I believe that has custom DNS support, and import the Mullvad WireGuard profiles/server configurations.
I did try this, it unfortunately didn’t work, hence why I’m looking for a new solution altogether.
I don’t know any in particular that work well.
However, it is worth noting that, in terms of privacy, this setup could (I believe) increase the risk of your real IP leaking.
If you want content filtering/blocking (similar to what NextDNS offers), you may want to take a look at Windscribe, specifically its “R.O.B.E.R.T” feature, which allows you to block different categories and allows for a custom whitelist & blacklist, although you cannot import that from a filter list.
More info: https://windscribe.com/features/robert
Check out ControlD and see if it might suit your needs for DoH/DoT on its own. Made by Windscribe, actually. ControlD is expressly not a VPN, but I wanted to mention it anyway.
IVPN is kind of like a more customizable Mullvad. Give it a try; they have a 1-week option. I’ve been impressed with all the documentation on their site.
What issues are you facing? I’m not on Mullvad anymore, but never really had an issue with their Custom DNS.
My old configuration was Mullvad, with a custom DNS of “127.0.0.1”. From there, I had two methods to use NextDNS:
- The old YogaDNS install, with it managing the NextDNS connection. This was good for quite some time, purely because I couldn’t find a decent alternative, until…
- Portmaster. Hook NextDNS’s DNS-Over-TLS into Portmaster’s DNS. I found it far more reliable than with Yoga, and never had any issues with it. It also helps that Portmaster works on Linux.
The reason I stuck to these two methods was because I kept having issues with NextDNS’s own app, and their other configuration options (with a VPN). Sites haven’t noticed a DNS leak… they’re all recognizing NextDNS servers. Not my ISP’s, or Mullvad’s.
Interesting, I’ve never heard of those methods, may give those a try; although I would prefer a solution that could work on mobile as well, since I also use my VPN there.