Can the Bind9 and pihole together running?

secooonder · July 27, 2019, 2:58pm

Hello
I am using bind9 on Ubuntu 18.04 LTS in my office.Bind9 works good.
i want to setup pihole on my Ubuntu .But both work from the same port.
can the Bind9 and pihole together running?
Can you help me about pihole or bind9 configuration?
Thank you very much for your help

DanSchaper · July 27, 2019, 3:01pm

Only one DNS server can hold port 53 so you would not be able to use both bind and Pi-hole at the same time.

jfb · July 27, 2019, 4:19pm

If you change the port for Bind and use it as an upstream DNS server for Pi-Hole they can coexist.

secooonder · July 28, 2019, 6:02am

DanSchaper and jfp thank you for your answer.

I gave incomplete information,i am so sorry.
i am it department at a hospital.
My ubuntu 18.04 Server is two interface,internal and external.
İnternal interface has a 20 internal computers for dns query.
External interface provides dns service to the outside world.So, i can not change dns port(53).

My aim,internal computers both pihole and bind9 services provided at the same time.

i want to provide single(internal) interface on a ubuntu server with many interfaces for pihole service.is it possible ?
if it above is possible,i want to change pihole port,and then,i want to change first dns port in all internal computer,possible ?
my second aim,The internal computers firstly query pihole,and then pihole service forward bind9 ( pihole upstream server 127.0.0.1:53)
Am i utopik think ?

Thank you.

John_Gruber · July 28, 2019, 5:29pm

I just did this with pihole and a vanilla dnsmasq instance because pi-hole didn’t support domain level whitelisting yet.

For the pihole side I added a /etc/dnsmasq.d/0-limit-access.conf file with this in it:

listen-address=[IP address you want to limit pi-hole to listen on]
bind-interfaces

The interface for pi-hole to use can be managed through the pi-hole admin UI and is found in the /etc/dnsmasq.d/01-pihole.conf file. The above config will be read before the pi-hold conf and will limit pi-hole to listening at the OS level to just the interface defined in the pi-hole admin UI and to the IP address you put in the config file above. This let’s bind9 to bind to another interface and IP address (see you man page for your version of bind9).

You will find that with the above config, pi-hole still wants to listens on 127.0.0.1 (lo). I would let it. If that’s a problem for your bind9 config, you can limit that behavior with the dnsmasq config

except-interface=lo

In the same file above.

deHakkelaar · July 28, 2019, 6:20pm

Another option is to add another second IP address (IP aliasing) to the network interface:

If you bind the daemons (pihole-FTL, named from Bind9 etc) to the appropriate interfaces you can have two DNS servers running on the default port 53 but listening on different IP's.
Same can be done if for example you want to run another web daemon (nginx, apache2 etc) alongside Pi-hole's lighttpd daemon.

system · August 18, 2019, 6:20pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.