Changing upstream server without GUI

The issue I am facing:
I've installed Pi-Hole without GUI, however now I want to use unbound, hence change the upstream server of the Pi-Hole server. I've found articles about changing pihole.conf and dnsmasq.conf, however, after restarting the service (and even the server) I keep getting the originally-configured upstream server as lookup (when using dig)

Details about my system:
Latest pihole + FTL, no web, running Buster @ rpi4b

What I have changed since installing Pi-hole:
Nothing yet, that's the point :slight_smile:

Thanks in advance!


pihole -a setdns IP

If I do that, I still get dig-lookups from the original DNS. Am I relying too much on dig? Should I restart dnsmaq or something else?

Usually, Pi-hole is restarting the dnsmasq core automatically.

nanopi@nanopi:~$ pihole -a setdns
  [✓] Restarting DNS server
nanopi@nanopi:~$ pihole -a setdns
  [✓] Restarting DNS server

You should not have dnsmasq installed alongside with Pi-hole.

To verify your setting see the output of

cat /var/log/pihole.log |grep nameserver

Probably. From what machine are you running the dig? Can you give an example?

This gives...
Apr 7 15:07:57 dnsmasq[2658]: using nameserver
... which is good, since i used cloudflare as an alternative upstream DNS. So that seems to work.

As a matter of fact, dnsmasq isnt installed on my machine! Sorry bout that!
If I run dig from any of the LAN-machines, I get the pihole's IP as lookup server. If I use dig on the pihole itself, it gives the old (non-cloudflare) upstream dns:

Dig on google results in:

; <<>> DiG 9.11.5-P4-5.1+deb10u3-Raspbian <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60280
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 4ee7eee6fa8218a2875ca42d606db13409f86a2bbb47191c (good)
; IN A


;; AUTHORITY SECTION: 164707 IN NS 164707 IN NS 164707 IN NS 164707 IN NS

;; Query time: 12 msec
;; WHEN: Wed Apr 07 15:18:44 CEST 2021
;; MSG SIZE rcvd: 155 is the old upstream DNS, even after using your setdns command. Am I being plain dumb right now? :slight_smile:

No, you just forgot that your rpi4b isn't using Pi-hole as DNS server. Your device hosting the Pi-hole software is using Configuring an other DNS server than Pi-hole for the Pi-hole device is not a bad idea at all. In case it would send all DNS requests to Pi-hole and there would be a problem with the Pi-hole software you might not be able to reinstall Pi-hole as you would need a working internet connection (and DNS resolution) to do so.

In case you run Raspbian:

1 Like

Makes sense! I've changed the nameserver in dhcpd.conf and after restarting the corresponding service, it works like a charm. For anyone wondering (for me it was nice to see) that this doesn't affect LAN-clients. So thanks for the great help!

If you want to use unbound, why are you still providing an alternative upstream DNS resolver? Your upstream DNS traffic can go to either of these resolvers, which essentially defeats the purpose of installing unbound in the first place.

You're absolutely right. It was merely a test to see if I was able to change my upstream DNS in the first place. I was feeling a bit unsure about it and turns out: I needed this topic to get some answers :slight_smile: I will obviously change it to the unbound entry now.