How to Set Up PiHole as DNS in Router While Keeping Clients Visible to Pihole

Hi all, I am looking for some help in setting up my PiHole. I have been using it for years and it is great to keep all the ads and trackers away.

I set my router's DNS pointing to the PiHole IP address so I don't need to manually set the DNS of each device. Which works well, except the client visible to PiHole is only one, which is my router.

Is there a way to make PiHole see the device that is making requests without having to set up DNS on each device? I hope that makes sense.

One of the reasons I want to do that is because I get this warning:

Client xxx.xxx.x.x has been rate-limited (current config allows up to 1000 queries in 60 seconds)

But I also want to have visibility of each device's requests.

Thank you in advance.

Comments

  • +3

    you need to change dhcp settings not router dns

    • Do you mean to use PiHole as DHCP server? I am worried that my device (orange pi) is not powerful enough for that. Should it be fine?

      • +2
        • Thanks

          • +1

            @peuwayaqdq: After setting your DHCP server to assign the Pihole as DNS you may also want to configure conditional forwarding (bottom of the Pihole DNS settings) so it can query your DHCP server for local network device names.

      • +1

        I use an orange pi zero 2w and it is plenty powerful for pihole serving as dhcp

  • Simplest option might be to swap to Pihole's DHCP server - enable and configure it in Pihole (settings -> DHCP tab), then DISABLE the DHCP server on your router.

    If you've got the same/similar IP ranges then you shouldn't lose much connectivity and clients should swap to the new DHCP server once their lease expires.

    You won't have any issues with the Orange Pi; it's not a CPU intensive task at all

    • +1

      Ah okay… I'll try that. Thanks.

    • Uhm, my router (TP-LINK X20) doesn't support turning off DHCP server. There is no way to turn it off :-(

      • +2

        Oh NO! That sucks, and is terrible design

        One solution was to minimise the DHCP range on the X20 then set those addresses as reserved, so then they won't clash with the Pihole. Sounds like it should work, in theory…

      • Move from Pihole to AdGuard Home (it's better), and change the DNS server in your router DHCP settings to AdGuard Home. Don't change the DNS server under Network > Internet, change it under Network > DHCP Server.

        • +1

          Can I do the same (assign the DNS under DHCP Server) if I still use PiHole?

        • I've been using Pihole for years, curious how Adguard is better?

          • @brifog: Better UI, native DoH and DoT support are the main ones for me. Also built in forced safe search and adult content filtering.

            • @ldd-mn:

              adult content filtering

              I see this as a negative

          • -1

            @brifog: Used both, actually preferred pihole but too lazy to change back. None is better than the other and they both can do the same

  • +2

    Since the others have given you the solution to the DHCP problem, the rate limiting problem can be fixed by going to Settings > DNS > Advanced DNS > Rate limiting. Just change the settings to the appropriate values (e.g. if you want 10k per minute before it blocks the client, change the first box value to 10000 and leave the second one alone).

    • Thanks @Shifter0183. I realised that setting can be changed, but I was wondering if the default 1000 is set for a reason. How do I know what's the best setting?

      • +1

        I would hazard a guess the 1000 requests is just a conservative number that the devs thought wouldn't cause issues in 99.999% of deployments. Since I don't know your circumstances or setup, you could do trial and error and keep bumping it up until you see it affecting the other devices on your network. If you want, let me know via pm and I can try to find the limit on a pi-4 or on a R9 5950x until it breaks and give you a ballpark number. Generally DNS lookups are really lightweight and shouldn't cause too much strain on your device unless you are doing something like funneling hundreds of devices and each of them is seriously broken trying to DOS/DDOS someone.

        Also, if it is only 1 device that is causing you issues, you could try determining the root cause and fixing the issue (PM me if you need help with this).

        • Thank you for the offer to help @Shifter0183. I will raincheck, and PM you if I need help.

          For now I think the issue with rate limiting is just because all requests are coming from one device, i.e. the router. I have increased it to 5000 and see how it goes.
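
The effect discussed in this sub-thread, where every query reaches Pi-hole from the router's address so that one client hits the 1000-queries-in-60-seconds limit, can be checked against the query log. This is an added example, not part of the original thread or Pi-hole's own code; it assumes dnsmasq-style `query[...] <name> from <ip>` log lines, models the limit as fixed 60-second windows, and uses constructed addresses and log lines.

```python
import re
from collections import Counter
from datetime import datetime

# Assumption: dnsmasq-style query lines, e.g.
#   Mar 10 12:00:05 dnsmasq[4321]: query[A] host.example from 192.168.1.1
LINE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: query\[[^\]]+\] \S+ from (\S+)$"
)

def parse(lines, year=2024):
    """Yield (seconds_since_jan_1, client_ip) for query lines; skip all others."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield int((ts - datetime(year, 1, 1)).total_seconds()), m.group(2)

def rate_limited(events, limit=1000, interval=60):
    """Return {client: peak_count} for clients above `limit` in any fixed window."""
    windows = Counter((client, ts // interval) for ts, client in events)
    peaks = {}
    for (client, _), count in windows.items():
        if count > limit:
            peaks[client] = max(count, peaks.get(client, 0))
    return peaks

def sample_log(per_device_view):
    """Constructed data: 30 devices x 40 queries inside one minute (1200 total).

    per_device_view=False: every query arrives from the router (192.168.1.1).
    per_device_view=True:  each device queries the DNS server directly.
    """
    lines = ["Mar 10 12:00:00 dnsmasq[4321]: forwarded host0.example to 192.0.2.53"]
    for dev in range(30):
        src = f"192.168.1.{100 + dev}" if per_device_view else "192.168.1.1"
        for q in range(40):
            lines.append(
                f"Mar 10 12:00:{q:02d} dnsmasq[4321]: query[A] host{q}.example from {src}"
            )
    return lines

if __name__ == "__main__":
    print("via router :", rate_limited(parse(sample_log(False))))
    print("per device :", rate_limited(parse(sample_log(True))))
```

The same total load trips the limit only when it is attributed to a single client, which is why handing out the DNS server through DHCP removes the warning without raising the limit.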

  • I was waiting for the best time to make the changes by limiting the DHCP range of my Deco and change the DHCP > DNS. Because I know there will be a time when everyone will get their internet cut off.

    And that happened. I limit the Deco DHCP to the smallest range it allows (20 IPs) and reserve one IP for my mobile phone where I have the Deco app installed and for the Pi Hole. I created custom IP reservations for the rest (non-existent MAC addresses). Then I set the DHCP > DNS to Pi Hole.

    It didn't work. None of the devices (other than my phone and the PiHole) get an IP address and hence they can't get access to the network.

    I try the same setup with AdGuard Home and it is the same. And I know it is not that the DHCP server in Pi Hole or AdGuard Home doesn't work, because I tested it with an old router (where I can disable DHCP) and it works. IP address is issued to the devices connected to that router.

    Now I regret buying Deco X20 :-( … is there anything else I can try?

    Btw, I like AdGuard Home. I agree it has better UI. And for me the thing that I really like is they have a list of services (YouTube, Roblox, etc) that we can switch on and off. I am sure PiHole can do the same, just not as conveniently.

  • Updates on this, I keep the AGH as my DNS server and also on my Deco I set my DHCP > DNS to AGH. I don't shorten the range of Deco's DHCP so there are more than enough to assign IP addresses for all my devices. I set the DHCP range in AGH not to overlap with Deco's. For some reason, I start seeing devices getting IP from AGH and I can see traffic from them now.

    Not sure what has changed, but it seems that it is now working as I want it to be.

  • Has anyone experienced a login issue with AfterPay when using AGH? I can't log in and get a message "Something went wrong" or along that line when I have AGH on. But all is fine once I turn off AGH or choose a different DNS in my PC.
