I'm happily running pi-hole on my lan but what if I'm elsewhere (outside my LAN)? Is there a way to use my pi-hole setup?
Also, if I wanted a friend to access my pi-hole as a test to see the functionality and benefits, is there a way that I could direct external DNS requests to my pi-hole? BTW: the friend is using a Peewee at work and I think they can change their DNS settings.
Thanks,
Robert
The instructions in this thread will set up a VPN path back to your Pi-Hole while you are off your LAN.
https://docs.pi-hole.net/guides/vpn/overview/
Set up the VPN and use that. Opening up any DNS ports to the internet is a bad practice.
Supercool—you guys are the best!
Robert
How do I verify that I didn’t setup an open resolver? Also, why would it be a bad idea to have a DNS server like the pihole on the internet accessible by all?
Thanks,
Robert
Here's a good link for information on open resolvers: http://openresolverproject.org
An open port 53 on the internet is quickly discovered by port scanners and will soon be put to use for nefarious purposes.
You can check your network for open ports at that link or at one of many websites. I generally use Shields Up. First page click "proceed" and on the subsequent page select "all service ports" and it will check your first 1056 ports. This will include port 53 (DNS). The resulting matrix should be green.
Thanks, guys I’ll dig into that open resolver link.... but isn’t Google at 8.8.8.8 an example of an open resolver...?
No. They have sophisticated controls to prevent attacks through their resolvers. So, while accessible, they aren’t considered open resolvers. An open Pi-Hole has no defenses and is an open resolver.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.