First, let me say that I have searched SNB and other fora, and gotten too much conflicting and out-of-date information. I am tired or running around in circles. So I am posting my needs here, in the hope of getting consolidated latest and greatest guidance.
I have a home network, based on an Asus RT-AC68U router, running Asuswrt Merlin 386.7_2. There are two pi-holes on the local network, which both include Unbound resolvers. Here is my wishlist:
1. Devices connecting to the LAN, including guests, should be issued the addresses of both pi-holes for DNS. If one pi-hole is unavailable, the other will provide redundancy.
2. The pi-holes should see queries as originating from the requesting devices, and not from the router.
3. Any DNS requests attempting to bypass the pi-holes (hard-coded, DoT, DoH, Google, etc.) should be intercepted, except,
4. The pi-holes' Unbound resolvers should naturally have WAN access to work.
5. All the above for both IPv4 and IPv6.
6. Router DDNS, NTP should work. Personally, I do not need AiProtection, VPN or other services that may(?) depend on router DNS control.
I think a concise guide to achieving each of the above would be a boon to the community! Ideally, all configuration should be possible with the GUI. I hope I am not asking too much!
I have a home network, based on an Asus RT-AC68U router, running Asuswrt Merlin 386.7_2. There are two pi-holes on the local network, which both include Unbound resolvers. Here is my wishlist:
1. Devices connecting to the LAN, including guests, should be issued the addresses of both pi-holes for DNS. If one pi-hole is unavailable, the other will provide redundancy.
2. The pi-holes should see queries as originating from the requesting devices, and not from the router.
3. Any DNS requests attempting to bypass the pi-holes (hard-coded, DoT, DoH, Google, etc.) should be intercepted, except,
4. The pi-holes' Unbound resolvers should naturally have WAN access to work.
5. All the above for both IPv4 and IPv6.
6. Router DDNS, NTP should work. Personally, I do not need AiProtection, VPN or other services that may(?) depend on router DNS control.
I think a concise guide to achieving each of the above would be a boon to the community! Ideally, all configuration should be possible with the GUI. I hope I am not asking too much!