I am lost in a rabbit (Pi-) hole.

IncrHulk

Ars Praefectus
3,460
Subscriptor++
For the longest time I've run a Windows DNS configuration on my home network. I'm semi-retiring that as I re-arrange my lab setup at home. Inspired by the Doing DNS... article and the odd way whitelists are (sort of) configured in Unifi's UDM (P-SE) networking app, I moved DNS to Pi-Hole and Unbound. Except I need help to resolve FQDNs on my internal network.

DHCP is handled by the router now and not the (retired) Windows servers. DNS is configured to direct all queries to the Pi-hole IP, and I have a firewall rule set to allow traffic from the local networks to port 53 on the Pihole. Upstream DNS requests are passed to Unbound.

Pinging a device with hostname.local works, but pinging hostname.my.local.domainname doesn't work. It returns "ping could not find host..." (or the equivalent error in MacOS).

How do clients register DNS with (I'm guessing) unbound, or have unbound query my router for DNS for the local domain name? Google-fu isn't helping much.
 

IncrHulk

Ars Praefectus
3,460
Subscriptor++
Not sure how you can do this, but the DHCP instance on your router needs to perform DDNS updates to your DNS server (pi-hole). That is probably why you are not getting A <-> PTR mappings. You could turn off DHCP on your router, and enable it on your pi-hole, so that you get that done natively, all within the pi-hole.

I've been eyeing that as a possible route (ha!). I don't see anything pointing to Pi-Hole being well-equipped to handle multiple VLANs/subnets. I have three currently, not including the default: Workstations/Servers, IoT, Lab. Pi-Hole only seems to be able to hand out DHCP for a single subnet.

I may wind up walking through the exercise Lee put together and stand up Bind for local, and Pi-Hole and unbound for recursive. Which also means having to logic that out. I think it would look something like this:

client->pi-hole->BIND->unbound->the wilds.

EDIT: stuck Bind in wrong place.
 

spiralscratch

Ars Tribunus Militum
2,379
Subscriptor
That should work. It's similar to, but a bit different from, my setup.

I have FreeIPA (uses BIND for DNS FWIW) for my LAN. All nodes are set up to use the Pi-Hole for DNS, which is then configured to point to FreeIPA for the local domain via the Conditional Forwarding option at Settings>DNS. The Pi-Hole forwards any non-local queries to an Unbound resolver (which then uses DNS over TLS to get answers from Cloudflare/Quad9). DHCP is a separate ISC server.
 
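The conditional-forwarding split this reply describes (Pi-hole answers the local zone from an internal authoritative server, everything else goes to Unbound), written out as a dnsmasq drop-in for Pi-hole. This is an added example, not configuration from either poster; the zone name, the server address 10.0.0.1 and the three VLAN subnets are assumptions, and the file name is hypothetical.

```ini
# /etc/dnsmasq.d/99-local-forward.conf  (hypothetical file name)
# Pi-hole's embedded dnsmasq (pihole-FTL) reads every file in /etc/dnsmasq.d/
# alongside its own 01-pihole.conf, so local overrides live in a separate file.
#
# Assumed values, not taken from the thread:
#   local zone ............. my.local.domainname
#   authoritative server ... 10.0.0.1  (router, or BIND/FreeIPA as in this reply)
#   VLAN subnets ........... 10.0.0.0/24 workstations/servers
#                            10.0.10.0/24 IoT
#                            10.0.20.0/24 lab

# Forward lookups: only names under the local zone go to the internal server;
# every other query still follows Pi-hole's normal upstream (Unbound) path.
server=/my.local.domainname/10.0.0.1

# Reverse (PTR) lookups: one rev-server line per subnet. The web UI's
# Conditional Forwarding form accepts a single CIDR, which is why a multi-VLAN
# network needs these extra lines in a drop-in file instead.
rev-server=10.0.0.0/24,10.0.0.1
rev-server=10.0.10.0/24,10.0.0.1
rev-server=10.0.20.0/24,10.0.0.1

# Apply with:  pihole restartdns
```

A `.local` name that resolves via mDNS says nothing about the unicast DNS path, so test this chain with `dig hostname.my.local.domainname @<pi-hole-ip>` and then the same query directly against the authoritative server to see which hop is failing.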

asbath

Ars Legatus Legionis
14,170
Subscriptor++
This is not a solution for your issue, but have you considered AdGuard Home? I just recently switched to AGH, and for the most part it's a drop-in replacement for my Pi-Hole.

Some other people also say that AGH is easier to configure with reverse proxy services. I don't have any experience in that, so I can only relay their anecdata to you via this game of online broken telephone.

I was very happy with Pi-Hole and have nothing but accolades for it. I just wanted to try something new, and find AGH to be easier to configure than Pi-Hole.