While it's great that we can designate our own DNS servers on the routers, instead of just using the ones provided by our ISPs, it would be even better if you could integrate DNS-over-TLS and/or DNS-over-HTTPS into the firmware. This would allow us to query DNS servers (e.g., Cloudflare's 1.1.1.1 or Google's 8.8.8.8) without our ISPs being able to monitor our requests, giving us confidentiality from our ISPs and anyone along the path between our LAN and the DNS server; without our requests being able to be changed, ensuring integrity in the replies; and without having to run a separate service or piece of hardware on our networks for this purpose, increasing availability, at least from a certain perspective, as not everyone has the resources or ability to run their own local DNS server capable of using one of these two standards.
33 Comments
- voigtjm (Fledgling)
Agreed DoH would be a good feature to implement for both IPV4 and IPV6.
Would also add:
- Multiple DNS entries for redundancy and responsiveness
- Allow the router's DHCP to hand out multiple DNS entries with leases for the same reasons.
I wouldn't count on it, but with iOS 14 giving the following message, maybe this will encourage Netgear to actually do something sooner vs later. Even the new WiFi 6 routers aren't encrypting DNS traffic, which is sad.
This is the message iPhones and iPads are displaying when there is a Netgear router handling DNS:
"Privacy Warning
This network is blocking encrypted DNS traffic. The names of websites and other servers your device accesses on this network may be monitored and recorded by other devices on this network"
- Gensigo (Fledgling)
Any response from Netgear regarding this feature?
- joew_33 (Initiate)
Agreed. DNS over TLS is a standard now, and open source software (stubby) has been in use now for a couple of years as the de facto standard for routers. It would be a relatively small amount of work to add this into Advanced settings, at least for the more popular AC class routers and all of the AX class routers. It would also be nice if Netgear had an "enthusiast" version of their firmware and that would probably increase sales as pretty much everyone is using similar HW designs and chipsets. I have heard that the latest Netgear firmware is actually based on OpenWRT, can anyone confirm or deny if Netgear is using OpenWRT as a base?
- Laurent78 (Aspirant)
Agree! It is a must have.
- Gensigo (Fledgling)
Still no news after the idea was posted almost 4 years ago now.... This is a basic feature that could be implemented very quickly.
Orbi routers are great but the support in general is the biggest downside.
- steklo5 (Aspirant)
This thread started four years ago. Now we're in March 2022 and there's still no support for secure DNS. All major software/hardware vendors, including Google, Apple, Microsoft, Samsung, etc., support multiple flavors of secure DNS out of the box. Thankfully, browser makers began including those features to compensate for the inept Netgear and others like it. Pathetic.
- Laurent78 (Aspirant)
I’ve seen that in the latest firmware for my RAX10 router (https://kb.netgear.com/000064539/RAX10-Firmware-Version-1-0-11-112).
No option to activate it on the admin page though.
- steklo5 (Aspirant)
Thanks for pointing it out. I doubt it's active by default as it needs configuration, so not sure how useful this may be at the moment.
I have the AX4200 (RBK753) which hasn't had a firmware update since October 2021. Maybe it's coming too. And even maybe support for HTTPS in the admin console.
Netgear REALLY needs to provide DoH support.