You're overcomplicating this.
Set DHCP on router to hand out PiHole IP as DNS via LAN DHCP DNS field.
Set PiHole to use router IP as forwarding DNS Server.
Configure router with DoT and your preferred DoT resolvers.
Can you or anyone else help me getting Pi-Hole running correctly on 86U with latest Merlin?
Router 192.168.0.1 (DHCP on with 40 static IP's assigned one of which is the Pi-Hole @ 192.168.0.5)
Pi-Hole 192.168.0.5 (DHCP off)
No matter what settings I try I either can't resolve addresses or I can resolve and ads don't block....haha
I've completely removed Diversion but left Skynet on the router. Not sure if this is possible running Pi-Hole though?
Router Page;
LAN > DHCP Server > DNS and WINS Server Settings >
DNS Server 1 = 192.168.0.5
Advertise router's IP in addition to user-specified DNS = ?
WAN > WAN DNS Settings >
Connect to DNS Server automatically = No
DNS Server 1 = ?
Forward local domain queries to upstream DNS = ?
Enable DNS Rebind protection = Yes
Enable DNSSEC support = Yes
Validate unsigned DNSSEC replies = Yes
Prevent client auto DoH = Auto
DNS Privacy Protocol = DoT
DNS-over-TLS Profile = Strict
Preset servers = 1.1.1.1, 1.0.0.1
Pi-Hole Page;
Settings > DNS
Upstream DNS Servers = ?
Never forward non-FQDNs = Yes
Never forward reverse lookups for private IP ranges = Yes
Use DNSSEC = No
Use Conditional Forwarding = No
Where am I going wrong? Do I need to open ports or something?