@Yesrab 

Kevin_Z wrote

Hello @Yesrab, thank you for asking the community.

 

How about choosing the built-in DNS servers? Will they work?

 

If the built-in DNS servers are working as expected but the NextDNS doesn't work, please provide a screenshot of the page when it indicates a failure. Thanks.

 

Who is your internet provider? Are you able to access the internet properly without the DoT/DoH configuration?

  @Kevin_Z there's no solution here, why is it marked as a solution?

It's more likely NextDNS is not supported.

raven-au wrote

Kevin_Z wrote

Hello @Yesrab, thank you for asking the community.

 

How about choosing the built-in DNS servers? Will they work?

 

If the built-in DNS servers are working as expected but the NextDNS doesn't work, please provide a screenshot of the page when it indicates a failure. Thanks.

 

Who is your internet provider? Are you able to access the internet properly without the DoT/DoH configuration?

  @Kevin_Z there's no solution here, why is it marked as a solution?

 

It's more likely NextDNS is not supported.

  @raven-au which is kind off odd really.

All that should be needed is to specify a custom DoT or DoH host name.

Kevin_Z wrote 

 

 

@raven-au I believe my response was marked as a solution by the OP or a colleague because the OP didn't get back with a result.

 

I agree that it should work by simply entering the hostname in the DoH or DoT settings page. However, we cannot come to a conclusion why it's not working since the OP hasn't verified.

 

We suggest choosing the built-in host names on the router to help clarify whether DoH or DoT is working. Then we can confirm if this is caused by our router or the DoH/DoT server.

  @Kevin_Z yeah, that's probably the first step but it probably doesn't answer the question of why client information is not available.

I don't have a NextDNS subscription any more so I can't check how to setup DoT or DoH but it likely involves including the user config name in the lookup host name and when I last used it that was enough.

Yesrab wrote

TP-Link Archer BE230 V1 - DoH/DoT Not Working Properly with NextDNS

Device: Archer BE230 V1
Firmware Version: 1.1.3 Build 20241211 rel.47943(5553)

I'm experiencing issues with DoH/DoT on my Archer BE230 V1 when using NextDNS. The router either fails to connect entirely, or on rare occasions when it does, it does not send the client list properly.

Issues Observed:

1. Intermittent Connection: The router only connects to NextDNS once in a while (if at all).
2. Unidentified Devices: Even when connected, NextDNS does not recognize individual clients, despite enabling "Authorize Third-Party Services Client Identification" in the settings.
3. No Error Feedback: The DoH/DoT settings page does not indicate whether the connection is failing, making troubleshooting difficult.

Steps Taken:

• Enabled DoH/DoT with NextDNS
• Verified NextDNS setup via CLI on other devices (works fine) but not on this router so the dns itself is functional
• Enabled "Authorize Third-Party Services Client Identification" (no change)
• Checked logs for DoH/DoT failures (no clear errors shown)

Is anyone else experiencing similar issues? Any workarounds or potential fixes? Would appreciate any input from the TP-Link team as well.

Thanks!

  @Yesrab so the actual problem is the intermittent name resolution when Using the NextDNS servers, right?

What did you use for the router DNS settings?

Are you also saying that you have seen other routers for which some sort of client name knowledge is transmitted to NextDNS by the router?

If so where does it say that on the NextDNS web site?

Or are you saying that specific client encrypted dns configurations meant to include the client name in the DNS server name are not working?

You may be right there ... I've subscribed to NextDNS once again and I can say that the Windows app does transmit the client name and the iOS profile setup also does this OK too but Android is yet to work.

I can't check the encrypted DNS router behaviour because the router I'm using doesn't have that feature.

Yesrab wrote

HI yes tplink's DOH and DOT implementation is quite bad and it sometimes works and sometimes uses google's dns and for the other question i think only openwrt sends client info to next dns i could not find any commercial routers that do it appart from GLInet but thats okay since i started to use BE230 as a AP and Mikrotik E50UG as router and its DOH is robust

  @Yesrab or on each client you use the NextDNS app, or encoded name with DoT or DoH, or a NextDNS profile with iPhone, iPad, tvOS, but Android seems anti-encrypted DNS for some unknown reason ...

Network client name handling is very much hit and miss for most routers I have played with ...

I also had problems with the encrypted DNS on GE800 when I was using it ... so IMHO you are quite right about the stability.