What's new

Pihole DNS

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Add CleanBrowsing addresses to Custom 1 and Custom 2, if not available in pre-selected servers already. Uncheck everything else to use CleanBrowsing only. You guys really need to read more about Pi-hole uses and configuration. This looks like random clicking and trying if you still have Internet.
 
Add CleanBrowsing addresses to Custom 1 and Custom 2, if not available in pre-selected servers already. Uncheck everything else to use CleanBrowsing only. You guys really need to read more about Pi-hole uses and configuration. This looks like random clicking and trying if you still have Internet.
I can list a few methods to configure pihole and the router. There are atleast 3 or 4 different methods I have used in the past that have all worked well. But now I have by far the cleanest method, but most people new to this get easily confused so I try not to share to prevent the onset of confusion. @bennor Typically has the atypical recommended method that piholes site recommends as the "default" method over LAN DNS, it works well but can have leaks with devices that don't accept the dhcp configuration advertised by the router. Then users have to resort to using the firewall to force clients to use pihole, those requests appear as though they are "the router" as the client.
 
Can you be so kind to explain what is difference of adding the dns sever in custom 1..2 or just having 192.168.1.1 which is telling pihole to use the same upstream dns server?
 
I saw a comment from Merlin https://www.snbforums.com/threads/pihole-dns-server.82129/post-806428
he say there:

If you want to cover the whole LAN:

1) WAN set to ISP DNS - - - different with me is i use clean browsing, not isp
2) PiHole upstream DNS set to router IP <------ HERE
3) DNS Director set to force the use of the PiHole IP (per client or globally), or LAN DNS set to PiHole IP

this is how mine is set. are you saying this is wrong?
 
I saw a comment from Merlin https://www.snbforums.com/threads/pihole-dns-server.82129/post-806428
he say there:

If you want to cover the whole LAN:

1) WAN set to ISP DNS - - - different with me is i use clean browsing, not isp
2) PiHole upstream DNS set to router IP <------ HERE
3) DNS Director set to force the use of the PiHole IP (per client or globally), or LAN DNS set to PiHole IP

this is how mine is set. are you saying this is wrong?
I wouldn't say it is wrong; however, it is one way it can be configured. All request that get sent via DNS Director will have no client information. They will appear as though the router made the request. If you are fine with that, feel free to go on your merry way.
 
Not sure how helpful this is but I have my setup as follows:

  • Primary DNS: RPI running dietpi with adguard home and unbound setup (mainly automatically configured/setup managed)
  • Secondary DNS: NextDNS on a their free service (<300k lookups/mth i think) - this is used to catch stuff that does go through primary (e.g. if i need to reboot primary). Also allows me to use nextDNS app to block ads on my iphone when off the LAN
  • WAN DNS: set to google DNS or my ISP (don't care really as not really used - only by router f/w stuff)
  • DHCP DNS: set to primary and secondary as outlined above. All clients using DHCP...
  • DNS Director: Off (not needed for me. I have local client name lookup/resolution by adding the following to unbound config) - [//50.168.192.in-addr.arpa/lan/local/]192.168.50.1:53
 
I saw a comment from Merlin https://www.snbforums.com/threads/pihole-dns-server.82129/post-806428
he say there:

If you want to cover the whole LAN:

1) WAN set to ISP DNS - - - different with me is i use clean browsing, not isp
2) PiHole upstream DNS set to router IP <------ HERE
3) DNS Director set to force the use of the PiHole IP (per client or globally), or LAN DNS set to PiHole IP

this is how mine is set. are you saying this is wrong?
Here is my method

Post in thread 'Pihole DNS Server' https://www.snbforums.com/threads/pihole-dns-server.82129/post-806485
 
I wouldn't say it is wrong; however, it is one way it can be configured. All request that get sent via DNS Director will have no client information. They will appear as though the router made the request. If you are fine with that, feel free to go on your merry way.
ok. at least I feel good to know the way I have it is not incorrect, specially if Merlin say to use it :)
I knew was correct way just not sure what was the difference comparing both ways.

thank you for helping.
 
ok. at least I feel good to know the way I have it is not incorrect, specially if Merlin say to use it :)
I knew was correct way just not sure what was the difference comparing both ways.

thank you for helping.
It is the most preferred method since most people don't feel comfortable using custom scripts and having a simple webui method makes it easy to explain.
 
@bennor hello, I notice if I set "Router" as the global Redirection.. Safari browser on iOS is able to bypass the router's DNS settings...but If I set it to use USER Define DNS 1 (which has the Pihole IP), then it fixes the issue and Safari browser does not bypass pihole.

I have Pihole set in the LAN DCHP and Advertise router's IP in addition to user-specified DNS set to "No".. so everything on this guide is the same except the Global Redirection, which I had it as you said, but noticed this issue with Safari.. only safari browser bypassing the Pihole.. but this was fixed after using User Define DNS 1... is this OK to use or, what is the difference between using Router and User Define DNS 1?
 
No difference from the router’s perspective. The rules in both scenarios redirect queries to the PiHole IP, since LAN DHCP DNS1 is not blank.
That's what I thought.. I wonder why Safar browser on my iphone is able to bypass the Pihole when set to Router...no other app or device can as they are all forced to use Pihole, but for some reason only the safari browser is able to...very strange.
 
Maybe some suggestions here might help:
And maybe here:
 
I think I found what the issue was. I had set Pihole for only devices listed in the DNS Director list. But recently decided to make it so all devices use Pihole by adding DNS server under LAN DHCP. Since my iPhone was listed under DNS Director list and sometimes iOS would switch MAC addresses, I think is the reason Safari would bypass the filtering.

Now that I have removed the iPhone from the DNS Director list, the issue is gone and I have not been able to replicate it.
 
and sometimes iOS would switch MAC addresses

You can disable randomized MAC addresses for your network. Settings, Wi-Fi, tap on i next to the SSID, disable Private Wi-Fi Address.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top