Closed BillyJoeJimBob closed 1 week ago
You're right @BillyJoeJimBob , using 0.0.0.0 is the standard and generally recommended method for blocking content in iOS. It effectively prevents devices from connecting to unwanted domains.
Thats why we recommended to use default (0.0.0.0 response) blocking mode, because NXDOMAIN is a DNS response signaling a non-existent domain, not a mechanism designed for content blocking.
Using 0.0.0.0 for content blocking on iOS is indeed more reliable than returning DNS errors (NXDOMAIN) . This is because returning 0.0.0.0, while technically an invalid IP address, doesn't count as a DNS failure and won't negatively impact the DNS server's fail rate. This approach helps maintain a more stable and reliable DNS resolution experience for users on iOS.
Thank you for clarifying the issue.
Please answer the following questions for yourself before submitting a question.
Ask a question
Is the default blocking mode (0.0.0.0) currently the best practice for blocking content in iOS or is there any reason to use NXDOMAIN? I am asking because I have seen conflicting information on this recently regarding apple devices, see
https://developer.apple.com/support/prepare-your-network-for-icloud-private-relay
https://github.com/AdguardTeam/AdGuardDNS/issues/60#issuecomment-543079239
Thank you.