How to Set Up PiHole as DNS in Router While Keeping Clients Visible to PiHole

Hi all, I am looking for some help in setting up my PiHole. I have been using it for years and it is great to keep all the ads and trackers away.

I set my router's DNS pointing to the PiHole IP address so I don't need to manually set the DNS of each device. Which works well, except the client visible to PiHole is only one, which is my router.

Is there a way to make PiHole see the device that is making requests without having to set up DNS on each device? I hope that makes sense.

One of the reasons I want to do that is because I get this warning:

Client xxx.xxx.x.x has been rate-limited (current config allows up to 1000 queries in 60 seconds

But I also want to have visibility of each device's requests.

Thank you in advance.

Comments

  • +2

    you need to change dhcp settings not router dns

    • Do you mean to use PiHole as DHCP server? I am worried that my device (orange pi) is not powerful enough for that. Should it be fine?

  • Simplest option might be to swap to Pihole's DHCP server - enable and configure it in Pihole (settings -> DHCP tab), then DISABLE the DHCP server on your router.

    If you've got the same/similar IP ranges then you shouldn't lose much connectivity and clients should swap to the new DHCP server once their lease expires.

    You won't have any issues with the Orange Pi; it's not a CPU intensive task at all

    • +1

      Ah okay… I'll try that. Thanks.

    • Uhm, my router (TP-LINK X20) doesn't support turning off DHCP server. There is no way to turn it off :-(

      • +2

        Oh NO! That sucks, and is terrible design

        One solution was to minimise the DHCP range on the X20 then set those addresses as reserved, so then they won't clash with the Pihole. Sounds like it should work, in theory…

      • Move from Pihole to AdGuard Home (it's better), and change the DNS server in your router DHCP settings to AdGuard Home. Don't change the DNS server under Network > Internet, change it under Network > DHCP Server.

        • +1

          Can I do the same (assign the DNS under DHCP Server) if I still use PiHole?

        • I've been using Pihole for years, curious how Adguard is better?

          • @brifog: Better UI, native DoH and DoT support are the main ones for me. Also built in forced safe search and adult content filtering.

            • @ldd-mn:

              adult content filtering

              I see this as a negative

          • @brifog: Used both, actually preferred pihole but too lazy to change back. None is better than the other and they both can do the same

  • +2

    Since the others have given you the solution to the DHCP problem, the rate limiting problem can be fixed by going to Settings > DNS > Advanced DNS > Rate limiting. Just change the settings to the appropriate values (e.g. if you want 10k per minute before it blocks the client, change the first box value to 10000 and leave the second one alone).

    • Thanks @Shifter0183. I realised that setting can be changed, but I was wondering if the default 1000 is set for a reason. How do I know what's the best setting?

      • +1

        I would hazard a guess the 1000 requests is just a conservative number that the devs thought wouldn't cause issues in 99.999% of deployments. Since I don't know your circumstances or setup, you could do trial and error and keep bumping it up until you see it affecting the other devices on your network. If you want, let me know via pm and I can try to find the limit on a pi-4 or on a R9 5950x until it breaks and give you a ballpark number. Generally DNS lookups are really lightweight and shouldn't cause too much strain on your device unless you are doing something like funneling hundreds of devices and each of them is seriously broken trying to DOS/DDOS someone.

        Also, if it is only 1 device that is causing you issues, you could try determining the root cause and fixing the issue (PM me if you need help with this).

        • Thank you for the offer to help @Shifter0183. I will raincheck, and PM you if I need help.

          For now I think the issue with rate limiting is just because all requests are coming from one device, i.e. the router. I have increased it to 5000 and will see how it goes.
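
An added example, not from any poster in the thread: one way to pick a rate-limit value from data is to measure each client's busiest 60-second window in Pi-hole's dnsmasq-format query log (pihole.log). It assumes the limit is counted in fixed intervals and that syslog timestamps carry no year; the sample log, its addresses and the function names are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timezone

# Constructed sample in the dnsmasq log format Pi-hole writes to pihole.log.
# 192.168.1.1 stands for a router that forwards DNS for every LAN device.
SAMPLE_LOG = """\
Mar  3 10:00:05 dnsmasq[812]: query[A] example.com from 192.168.1.1
Mar  3 10:00:05 dnsmasq[812]: forwarded example.com to 192.0.2.53
Mar  3 10:00:05 dnsmasq[812]: reply example.com is 192.0.2.10
Mar  3 10:00:10 dnsmasq[812]: query[AAAA] example.org from 192.168.1.50
Mar  3 10:00:20 dnsmasq[812]: query[A] example.net from 192.168.1.1
Mar  3 10:00:59 dnsmasq[812]: query[type=65] example.com from 192.168.1.1
Mar  3 10:01:00 dnsmasq[812]: query[A] example.org from 192.168.1.1
Mar  3 10:01:30 dnsmasq[812]: query[A] example.com from 192.168.1.1
Mar  3 10:02:15 dnsmasq[812]: query[A] example.com from 192.168.1.50
"""

QUERY_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: query\[[^\]]+\] \S+ from (\S+)$"
)

def peak_per_client(lines, interval=60, year=2024):
    """Return {client: highest query count in any fixed `interval`-second bucket}."""
    buckets = defaultdict(Counter)
    for line in lines:
        m = QUERY_RE.match(line.strip())
        if not m:
            continue  # forwarded/reply lines are not client queries
        # Syslog timestamps have no year, so one is supplied (assumption).
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        epoch = int(ts.replace(tzinfo=timezone.utc).timestamp())
        buckets[m.group(2)][epoch // interval] += 1
    return {client: max(counts.values()) for client, counts in buckets.items()}

def over_limit(peaks, limit):
    """Clients whose busiest bucket exceeds `limit` and would be rate-limited."""
    return sorted(client for client, peak in peaks.items() if peak > limit)

if __name__ == "__main__":
    peaks = peak_per_client(SAMPLE_LOG.splitlines())
    for client, peak in sorted(peaks.items()):
        print(f"{client}: peak {peak} queries per 60 s")
    print("over a limit of 2:", over_limit(peaks, 2))
```

When the router forwards DNS for the whole LAN, its peak is the sum of every device's queries, so that single figure is the one to compare against the configured limit.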
