Can someone explain local name resolution when Pihole is NOT the DHCP server, but relies on the router?

I have set up Pihole in a way that the DHCP stays on the router, a RouterOS device, and Pihole acts as the DNS for the network. Since Pihole 4.0, it is possible to have local host names in the dashboard if you set up your local domain (.lan in my case) name on the Pihole.

This works in general, but is a bit quirky, so I would like to know more details about how this is achieved behind the scenes.

Can someone enlighten me?

When a request comes in for a .lan domain or a reverse-lookup of a local address, Pi-hole uses the router as the upstream.

Um, yeah, that's apparent by its behavior. I am more interested in how exactly it is doing this.

How exactly do you want :wink:

https://github.com/dnsmasq/dnsmasq

Exact enough to follow the details on the device and learn where the quirky behavior comes from. The way it works here, local clients are not seen on a first request, but a repeat shortly after finds the devices no problem. I would like to learn more about how exactly local clients are handled.

More specific:

  • What happens when a local device is called and Pihole is queried? Where are the requests going?
  • Is the request forwarded to the DHCP server, or to a local DNS server running on the router?
  • In what form is it answered or passed back to the Pihole?
  • What are implicit assumptions for the system to work (local DNS server on router, maybe?)

Come on, it shouldn't be too difficult to explain the process. I looked into dnsmasq once even before Pihole was a thing, I am not looking forward to examining it again just to find out how this detail is handled.

The code is simple, it just adds two config entries to a dnsmasq config. The rest is handled by dnsmasq:

Dnsmasq server documentation:

--server=[/[<domain>]/[domain/]][<ipaddr>[#<port>][@<source-ip>|<interface>[#<port>]]
Specify IP address of upstream servers directly. Setting this flag does not suppress reading of /etc/resolv.conf, use -R to do that. If one or more optional domains are given, that server is used only for those domains and they are queried only using the specified server. This is intended for private nameservers: if you have a nameserver on your network which deals with names of the form xxx.internal.thekelleys.org.uk at 192.168.1.1 then giving the flag -S /internal.thekelleys.org.uk/192.168.1.1 will send all queries for internal machines to that nameserver, everything else will go to the servers in /etc/resolv.conf. DNSSEC validation is turned off for such private nameservers, UNLESS a --trust-anchor is specified for the domain in question. An empty domain specification, // has the special meaning of "unqualified names only" ie names without any dots in them. A non-standard port may be specified as part of the IP address using a # character. More than one -S flag is allowed, with repeated domain or ipaddr parts as required.

www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

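The two entries described in the answer above, worked through as an added example (not part of the original thread and not Pi-hole's own code). The router address 192.168.88.1, the /24 prefix and the public upstream 9.9.9.9 are constructed values, and the function names are hypothetical; `upstream_for` only models the quoted rule that a domain-specific server is used only for names in that domain.

```shell
#!/bin/sh
# Added example, not Pi-hole's code. Constructed values: router 192.168.88.1,
# a /24 LAN, public upstream 9.9.9.9; ".lan" is the domain from the question.

# reverse_zone IPV4 PREFIX -> in-addr.arpa zone (octet-aligned prefixes only)
reverse_zone() {
    ip=$1 prefix=$2
    case $ip in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ "$o" -le 255 ] 2>/dev/null || return 1; done
    case $prefix in
        8)  echo "$1.in-addr.arpa" ;;
        16) echo "$2.$1.in-addr.arpa" ;;
        24) echo "$3.$2.$1.in-addr.arpa" ;;
        *)  return 1 ;;
    esac
}

# forward_entries DOMAIN ROUTER_IP PREFIX -> the two dnsmasq server= lines
forward_entries() {
    domain=${1#.}                             # accept ".lan" or "lan"
    case $domain in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
    zone=$(reverse_zone "$2" "$3") || return 1
    printf 'server=/%s/%s\n' "$domain" "$2"   # forward lookups: host.lan
    printf 'server=/%s/%s\n' "$zone" "$2"     # reverse (PTR) lookups
}

# upstream_for NAME ENTRIES DEFAULT -> server that receives the query: a
# domain-specific server is used only for names inside its domain
upstream_for() {
    name=${1%.}
    while IFS=/ read -r key dom srv; do
        case $name in
            "$dom"|*."$dom") echo "$srv"; return 0 ;;
        esac
    done <<EOF
$2
EOF
    echo "$3"
}

entries=$(forward_entries .lan 192.168.88.1 24)
echo "$entries"
for q in nas.lan 23.88.168.192.in-addr.arpa example.com; do
    echo "$q -> $(upstream_for "$q" "$entries" 9.9.9.9)"
done
```

Per the documentation quoted above, DNSSEC validation is turned off for servers given this way unless a --trust-anchor is specified, so whatever the router answers for these two domains is accepted as-is.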

Thanks! This is the information I was looking for.