FlooydDNS+ Setup guide
Follow the instructions below to set up FlooydDNS+ on your device, browser or router.
Android
Private DNS Android 9 or higher
Go to Settings → Network and internet → Advanced → Private DNS.
Select the Private DNS provider hostname option.
Enter 37b96c.dns.nextdns.io and tap Save.
iOS
Configuration profile iOS 14 or higher
Select FlooydDNS+ or FlooydDNS+ Kids
Windows
DNS over HTTPS for Windows 11
Open the Settings app.
Go to Network & internet.
Click on Wi-Fi (or Ethernet).
Click on Hardware properties, or ignore this step if you clicked on Ethernet.
Click the Edit button next to DNS server assignment.
Select Manual.
Enable IPv4.
Enter 45.90.28.0 as Preferred DNS, then select On (manual template) and enter https://dns.nextdns.io/37b96c.
Enter 45.90.30.0 as Alternate DNS, then select On (manual template) and enter https://dns.nextdns.io/37b96c.
Click Save.
IPv6 Support for Windows
Click on the Start menu, then click on Control Panel.
Click Network and Internet, then click Network and Sharing Center.
Click Change adapter settings.
Right-click on the Wi-Fi network you are connected to and click Properties.
Select TCP/IP Protocol Version 6 (TCP/IPv6).
Click on Properties.
Click Use the following DNS server addresses.
Replace the current addresses (if any) with 2a07:a8c0::37:b96c and 2a07:a8c1::37:b96c.
Click OK, then Close. You may need to restart your browser.
IPv4 (with linked IP)
Click on the Start menu, then click on Control Panel.
Click Network and Internet, then click Network and Sharing Center.
Click Change adapter settings.
Right-click on the Wi-Fi network you are connected to and click Properties.
Select TCP/IP Protocol Version 4 (TCP/IPv4).
Click on Properties.
Click Use the following DNS server addresses.
Replace the current addresses (if any) with 45.90.28.139 and 45.90.30.139.
Click OK, then Close. You may need to restart your browser.
macOS
Configuration profile macOS Big Sur or higher
Select FlooydDNS+ or FlooydDNS+ Kids
IPv6 Support for macOS
Open System Preferences and click on Network.
Select the network you are connected to and click on the Advanced button.
Go to the DNS section.
In the list of DNS servers, remove all addresses (if any) and add 2a07:a8c0::37:b96c and 2a07:a8c1::37:b96c .
Click OK and then Apply.
IPv4 (with linked IP)
Open System Preferences and click on Network.
Select the network you are connected to and click on the Advanced button.
Go to the DNS section.
In the list of DNS servers, remove all addresses (if any) and add 45.90.28.139 and 45.90.30.139 .
Click OK and then Apply.
Linux
systemd-resolved
Use the following in /etc/systemd/resolved.conf
or IPv6 Support for Linux
Change your DNS servers to 2a07:a8c0::37:b96c and 2a07:a8c1::37:b96c.
or IPv4 (with linked IP)
Change your DNS servers to 45.90.28.139 and 45.90.30.139.
or dnsmasq
Use the following in dnsmasq.conf
or Stubby
Use the following in stubby.yml
⚠️ Make sure that Stubby is linked to OpenSSL 1.1.1 or higher, as earlier versions will not work with FlooydDNS+
or DNSCrypt
Use the following in dnscrypt-proxy.toml
or Knot Resolver
Use the following in /etc/kresd/custom.conf
or cloudflared
Use the following in /usr/local/etc/cloudflared/config.yml
or Unbound
Use the following in unbound.conf
⚠️ As a recursive resolver, Unbound looks for CNAMEs. This can result in unexpected behavior when used in conjunction with a blocking DNS resolver like FlooydDNS+. See github.com/NLnetLabs/unbound/issues/132
Chrome OS
Secure DNS
Open the Settings app.
Go to Security and Privacy.
Enable Use secure DNS.
Select With: Custom, then enter https://dns.nextdns.io/37b96c.
IPv6 Support for Chrome OS
Change your DNS servers to 2a07:a8c0::37:b96c and 2a07:a8c1::37:b96c.
IPv4 (with linked IP)
Change your DNS servers to 45.90.28.139 and 45.90.30.139.
Browsers
Go to Settings.
In the Privacy and security section, click Security.
In the Advanced section, enable Use secure DNS.
Select With: Custom and enter https://dns.nextdns.io/37b96c.
Open Preferences.
Scroll down to the Network Settings section and click Settings.
Scroll down and check Enable DNS over HTTPS.
Select Custom, enter https://dns.nextdns.io/37b96c and click OK.
Enter "about:config" in the address bar (and click I accept the risk! if prompted).
Set network.trr.mode to 3.
Open Settings.
Go to the privacy, search and services section.
Under Security, enable Use secure DNS to specify how to look up the network address of websites.
Choose a service provider, type https://dns.nextdns.io/37b96c.
Open Settings.
In the Privacy and security section (under Additional settings), go to Security.
In the Advanced section, turn on Use secure DNS.
Select With: Custom and enter https://dns.nextdns.io/37b96c.
Routers
IPv6 Support for Routers
Open your router's preferences. You can usually access them from your browser via a URL (such as http://192.168.0.1/ or http://192.168.1.1/).
Locate the DNS settings within the interface.
Remove all addresses (if any) and add 2a07:a8c0::37:b96c and 2a07:a8c1::37:b96c.
Click Save (or similar).
⚠️ Some routers may not support the IPv6 notation above. In this case, use 2a07:a8c0:0000:0000:0000:0037:b96c and 2a07:a8c1:0000:0000:0000:0037:b96c.
IPv4 (with linked IP)
Open your router's preferences. You can usually access them from your browser via a URL (such as http://192.168.0.1/ or http://192.168.1.1/).
Locate the DNS settings within the interface.
Remove all addresses (if any) and add 45.90.28.139 and 45.90.30.139.
Click Save (or similar).
dnsmasq
Use the following in dnsmasq.conf
Stubby
Use the following in stubby.yml
⚠️ Make sure that Stubby is linked to OpenSSL 1.1.1 or higher, as earlier versions will not work with FlooydDNS+.
pfSense
Go to Services → DNS resolver and on the General settings tab scroll down to the Custom options box.
Enter the following lines
DNSCrypt
Use the following in dnscrypt-proxy.toml
Knot Resolver
Use the following in /etc/kresd/custom.conf
Unbound
Use the following in unbound.conf
⚠️ As a recursive resolver, Unbound looks for CNAMEs. This can result in unexpected behavior when used in conjunction with a blocking DNS resolver like FlooydDNS+. See https://github.com/NLnetLabs/unbound/issues/132
MikroTik
Run the following
Use FlooydDNS+ as a global nameserver
Use FlooydDNS+ as a global nameserver to route DNS queries from all devices on your tailnet to NextDNS.
To add FlooydDNS+ as a global nameserver:
Open the DNS page of the admin console.
Go to Nameservers, then select NextDNS from the Add nameserver drop-down list.
Enter 2a07:a8c0::37:b96c and 2a07:a8c1::37:b96c for your NextDNS profile. This address is available in the Endpoints section of the setup tab of the NextDNS web console.
Click Save. The NextDNS profile will save as a global nameserver for your profile ID. One NextDNS IPv6 address will automatically add all IPv6 addresses for that profile.
Select Override local DNS to force devices to use NextDNS as a global nameserver instead of what is locally configured on each device.
Last updated