Debian - Shorewall and Pi-hole co-exist?

Hello,
I am new to Pi-hole but it intrigues me as an alternative to ad-block etc.
I use Shorewall on my two-NIC Debian server.
This box serves as my LAN Gateway/DHCP/NTP/Firewall.
It connects to FIOS router on one NIC and my LAN on the other.
I have been doing this for about 25 years and it works very well for me.
I am wondering if I can also set up Pi-hole on this same box and have it co-exist with my firewall [Shorewall]. I ONLY want Pi-hole to do DNS lookups - not DHCP, as I have that configured for all of my IOT and guest networking with reserved IPs and reserved ranges and I really don't want to have to reconfigure everything. I am fine changing DNS on all static devices and having DHCPD point to Pi-hole. [I mostly use static IPs and hosts file entries to name things and keep my life neat and easy.]
I have another Debian box on my LAN set up as a PLEX server/LAMP server and I could use that if I need to, but I like the idea of having one 'appliance' Debian box that does everything I need.
I am building a new Gateway and if possible I'd like to add Pi-hole to the mix.
Is this worth trying to accomplish or more work than needed?
Other options are an Oracle free Cloud VM, but that's also a good bit of work.
Thanks in advance for any advice and for your time.
Best, and Happy Holidaze.

What software is handling DHCP on your Debian server?
What machine is your network's current DNS server?

Hello,
Thanks for the reply.
DHCPD is performing that service.

I just use OpenDNS for DNS at the moment and it has served me well for years:
208.67.222.222
208.67.220.220

I am double NAT'ed:
FIOS provides 192.168.1.*
Internally I use 10./4 broken into segments

My concern is that Pi-hole will fight with Shorewall.
If I need to get a mini-PC for Pi-hole that's okay too.

Thanks again.

Pi-hole should be fine running beside any additional software, provided that its own requirements are met - see Prerequisites - Pi-hole documentation.

The main area of concern would be potential conflicts over port 53.
ISC's DHCPD would not bind that, so Pi-hole's DNS service should be able to run.

Pi-hole's DHCP server is optional, so it won't interfere with your DHCPD, unless you would opt to activate it explicitly.

Note that some OS releases may utilise a stub resolver to cache DNS replies locally which would claim port 53. If yours does, you'd have to disable or uninstall that.

Another concern could be local name resolution, but based on your description, that's probably not relevant, since you state you are not running a local DNS server, clients using public DNS servers instead.
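
The port 53 check described in the reply above, as an added example that is not part of the original thread. The function names `port53_listeners` and `port53_free` and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: find what is already bound to port 53 before installing Pi-hole.
# Function names and the sample data are illustrative, not from the thread.

# Constructed sample of `ss -H -lntup` output (run as root to see process names).
SAMPLE_SS='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=512,fd=13))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=512,fd=14))
udp UNCONN 0 0 0.0.0.0:67 0.0.0.0:* users:(("dhcpd",pid=701,fd=7))
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* users:(("avahi-daemon",pid=588,fd=12))
udp UNCONN 0 0 [::]:123 [::]:* users:(("ntpd",pid=655,fd=17))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=640,fd=3))'

# Read `ss -H -lntup` output on stdin and print "proto local-address process"
# for every socket whose local port is exactly 53 (5353 and 67 do not match).
port53_listeners() {
    awk '{
        n = split($5, parts, ":")          # port is the text after the last colon
        if (parts[n] != "53") next
        proc = "unknown"                   # no users:(...) column without root
        if (match($0, /\(\("[^"]+"/))
            proc = substr($0, RSTART + 3, RLENGTH - 4)
        print $1, $5, proc
    }' | sort -u
}

# Succeed only when nothing in the `ss` output on stdin holds port 53.
port53_free() {
    [ -z "$(port53_listeners)" ]
}

# Demo on the constructed sample; a stub resolver shows up on 127.0.0.53.
printf '%s\n' "$SAMPLE_SS" | port53_listeners

# Live check on the gateway itself:
#   ss -H -lntup | port53_listeners
```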

Good Day,

Thank you so much for your thorough and helpful explanation and addressing my concerns.
I am building my new 'appliance' now and hope to have it fully set up, including Pi-hole, in the next couple days.

I only heard of Pi-hole a few weeks ago when I also learned that Oracle offers a free cloud VM, and they mentioned that they were going to set up a cloud Pi-hole server.
I should probably get out more.

Again, many thanks for your time, expertise, and patience.
Please have a safe Holiday.
Best Possible Regards.
