While it's great that we can designate our own DNS servers on the routers, instead of just using the ones provided by our ISPs, it would be even better if you could integrate DNS-over-TLS and/or DNS-over-HTTPS into the firmware. This would allow us to query DNS servers (e.g., Cloudflare's 1.1.1.1 or Google's 8.8.8.8) without our ISPs being able to monitor our requests, giving us confidentiality from our ISPs and anyone along the path between our LAN and the DNS server; without our requests being able to be changed, ensuring integrity in the replies; and without having to run a separate service or piece of hardware on our networks for this purpose, increasing availability, at least from a certain perspective, as not everyone has the resources or ability to run their own local DNS server capable of using one of these two standards.
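To make the confidentiality and integrity points in the post above concrete, here is an added example (not from the thread and not NETGEAR code) that builds a standard DNS query, shows the hostname anyone on the path can read from a port-53 payload, and frames the same query for DNS-over-TLS per RFC 7858. The resolver address 1.1.1.1 comes from the post; the TLS name `cloudflare-dns.com` and all function names are assumptions of this example.

```python
import socket
import ssl
import struct

def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """RFC 1035 query: 12-byte header, QNAME labels, QTYPE, QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def observed_qname(payload: bytes) -> str:
    """What an on-path device recovers from an unencrypted port-53 payload.
    Queries do not use name compression, so a plain label walk is enough."""
    labels, i = [], 12
    while payload[i]:
        n = payload[i]
        labels.append(payload[i + 1:i + 1 + n].decode("ascii"))
        i += 1 + n
    return ".".join(labels)

def dot_frame(query: bytes) -> bytes:
    """RFC 7858 reuses DNS-over-TCP framing: 2-byte length prefix, sent inside TLS."""
    return struct.pack("!H", len(query)) + query

def _recv_exact(sock, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("server closed the connection early")
        buf += chunk
    return buf

def resolve_dot(name, server="1.1.1.1", auth_name="cloudflare-dns.com") -> bytes:
    """Same query over TLS on port 853 (needs network). auth_name is an assumption."""
    ctx = ssl.create_default_context()  # chain + hostname check: the integrity part
    with socket.create_connection((server, 853), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=auth_name) as tls:
            tls.sendall(dot_frame(build_query(name)))
            (length,) = struct.unpack("!H", _recv_exact(tls, 2))
            return _recv_exact(tls, length)

if __name__ == "__main__":
    q = build_query("example.com")  # constructed sample query
    print("plaintext payload:", q.hex())
    print("readable on the path:", observed_qname(q))
    print("DoT record before TLS encrypts it:", dot_frame(q).hex())
```

Without the certificate and hostname verification in `resolve_dot`, the connection would still be encrypted but an active on-path device could impersonate the resolver, so only the confidentiality-against-passive-observers part of the post's argument would hold.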
33 Comments
- VegasVIIIOnlooker
That’s a very naïve and honest way to look at it, privacy-wise. I do not trust an ISP that will sell your data. The purpose of encrypted DNS is to block your ISP from viewing your queries, and to ensure your data is not intercepted. The profitable information is in the metadata. DNS is transmitted in plaintext or cleartext, by default. Even if I choose a different DNS provider it is still transmitted through their infrastructure and can be seen by the ISP unless it’s encrypted. The most important thing to me is to make it an opt-in feature; let me choose if I want to use it.
- FURRYe38Guru - Experienced User
"DNS-over-TLS and/or DNS-over-HTTPS" - Most of that is handled by browsers or features within browsers. Also can use custom DNS services and their IP addresses within the router configuration. Nothing would need to be added here.
Most likely something NG may not want to get involved with.
- VegasVIIIOnlooker
Agreed, please add this to Orbi AXE11000 and AXE10000.
Netgear REALLY needs to provide DoH support.
- steklo5Aspirant
Thanks for pointing it out. I doubt it's active by default as it needs configuration, so not sure how useful this may be at the moment.
I have the AX4200 (RBK753) which hasn't had a firmware update since October 2021. Maybe it's coming too. And even maybe support for HTTPS in the admin console.
- Laurent78Aspirant
I’ve seen that in the latest firmware for my RAX10 router (https://kb.netgear.com/000064539/RAX10-Firmware-Version-1-0-11-112).
No option to activate it on the admin page though.
- steklo5Aspirant
This thread started four years ago. Now we're in March 2022 and there's still no support for secure DNS. All major software/hardware vendors, including Google, Apple, Microsoft, Samsung, etc., support multiple flavors of secure DNS out of the box. Thankfully, browser makers began including those features to compensate for the inept Netgear and others like it. Pathetic.
- GensigoFledgling
Still no news after the idea was posted almost 4 years ago now.... This is a basic feature that could be implemented very quickly.
Orbi routers are great but the support in general is the biggest downside.
- Laurent78Aspirant
Agree! It is a must have.
- joew_33Initiate
Agreed. DNS over TLS is a standard now, and open source software (stubby) has been in use now for a couple of years as the de facto standard for routers. It would be a relatively small amount of work to add this into Advanced settings, at least for the more popular AC class routers and all of the AX class routers. It would also be nice if Netgear had an "enthusiast" version of their firmware, and that would probably increase sales, as pretty much everyone is using similar HW designs and chipsets. I have heard that the latest Netgear firmware is actually based on OpenWRT; can anyone confirm or deny if Netgear is using OpenWRT as a base?