I’m not a networking expert, so please bear with me. I’ve got a self-hosted Pi Hole at 192.168.1.10 and added some entries to Local DNS. E.g. I added “pi.nl” to point to my Pi Hole server.
In my router at 192.168.1.1, I’ve configured 192.168.1.10 as DNS server, and in the DHCP settings I’ve set 192.168.1.1 as DNS. The reason for this is that I’ve got a Guest WiFi which does not have local LAN access, so those clients wouldn’t be able to use 192.168.1.10. I also don’t want to set a public DNS server as second in DHCP as I’ve noticed that then clients may start using that one if the Pi Hole doesn’t respond quickly enough.
On clients, Pi Hole ad blocking works fine, e.g. blocked entries are not resolved. However, the local DNS entry does not resolve. See command output below. Why doesn’t that work?
C:\Users\admin>nslookup pi.nl 192.168.1.10
Server: pi.hole
Address: 192.168.1.10
Name: pi.nl
Address: 192.168.1.10
C:\Users\admin>nslookup pi.nl
Server: smart.mesh
Address: 192.168.1.1
*** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records available for pi.nl
For adblocked entries, the response is slightly different. Pi Hole responds with 0.0.0.0 whereas via the router I just don’t get an empty response:
C:\Users\admin>nslookup 2no.co 192.168.1.10
Server: pi.hole
Address: 192.168.1.10
Name: 2no.co
Addresses: ::
0.0.0.0
C:\Users\admin>nslookup 2no.co
Server: smart.mesh
Address: 192.168.1.1
Name: 2no.co
Address: ::
Isn’t what I want to do possible?
Well, your Guest Wi-Fi can either have access to the pihole server and have its benefits, or point them to a public DNS. You can’t block access to the DNS server for your guest network and hope it works - because it’s blocked. Personally I’d give Guest Wi-Fi a public DNS, as you won’t have much fun when an app of your friend’s stops working and you have to fiddle and work it out.
If you point the guest network’s dns to the gateway, that gateway needs to know what to do with those requests. Either it has a resolver locally or it must forward it elsewhere.
If you point the guest network’s dns to the gateway, that gateway needs to know what to do with those requests. Either it has a resolver locally or it must forward it elsewhere.
Yep, you’re correct, and that’s working as expected except for Pi Hole Local DNS entries. I’ve configured DNS in DHCP to the Gateway and I can successfully access the internet on my Guest WiFi network. It resolves ALL DNS entries correctly, except for Local DNS entries configured in Pi Hole.
Depending on the hardware, you could totally allow access to port 53 via a firewall rule. Unifi does this transparently if you configure a DNS server running on a vlan other than the one you’re connected to.
My router is very basic, so it’s all or nothing, i.e. can’t configure VLAN or firewall rules.
I am not sure but I think I saw somewhere you need to set your pi hole as the DHCP server in order to successfully resolve your local DNS entries, can’t remember where.
Do you have conditional forwarding enabled in pihole settings? I think you need that.
conditional forwarding
Thanks, tried that, but didn’t make a difference.