Different resolver DNS option by client

Hello
I use Pi-hole with my unbound resolver for my own requests.

But I would like to use Pi-hole with an OpenDNS resolver for my children's requests.

Is it possible to ask Pi-hole to use a different resolver depending on the source IP of the client request?

We cannot let Pi-hole send requests to different forward destinations depending on the client's IP address. What can be done is specifying which forward destination a specific domain is sent to (if you expect some domains to be answerable only by specific, maybe non-public, servers), but that's all. An alternative hack could be to use Pi-hole as the DHCP server and to have it set different DNS servers for specific clients so that the clients don't even ask your Pi-hole.

However, can you specify what the original problem is? Why shouldn't your children use your unbound instance?

For the moment I have installed 2 Pi-holes for my needs.

My needs are:

For my equipment I want ad blocking AND to use my unbound resolver.
So I have configured a Pi-hole querying my unbound on pfSense.

For other equipment used by the children
I want ad blocking AND web filtering.
So I have configured another Pi-hole querying OpenDNS with the DNS filtering option.

I would prefer to have only one Pi-hole for the 2 usages.

I think your two Pi-Hole solution is better than changing the software. For most users who want to make a kid-friendly sub-network, they would typically want to load a different subset of block lists as well (block adult content, perhaps some social media sites, etc.), so to do this in software would be more than just using a different DNS server per client.

Using a separate Pi-Hole allows you to do that, and then you can use a filtered upstream DNS server for that Pi to further filter content. This is a more powerful and tailorable solution.

I'd really like to see this feature as well. I really liked Pi-Hole, but for me it was a reason to move over to another solution which has such a feature. I used a macvlan setup in Docker to run 2 Pi-Hole instances simultaneously, but then you have to maintain both and both are using resources. Imho, this would fit great in the new 5.0 release, which has group configuration possibilities.

2 Likes

Please, we really need this feature in PiHole v. 5. Right now I have to operate 3 different pihole instances on different VLANs because they need different DNS servers. The group management addition is awesome but I still can't use it to combine all clients until the split of DNS servers is possible!

Thank You!

4 Likes

The issue here is that, while we decoupled blocked domain handling, which is something we loaded from external into dnsmasq (through gravity.list), DNS servers are a dnsmasq intrinsic (specified through 01-pihole.conf). Changing the DNS servers even requires a complete restart of the entire process.

Changing this may be possible but it would be a lot of work and would make FTL incompatible with future dnsmasq updates. Furthermore, and only to complicate things, there is also the DNS cache that does not contain any knowledge of which server answered a query (because why should it?...) so we cannot know if an entry in the cache is okay for the current client, immediately leading to us needing to disable the DNS cache altogether for this feature to work properly. I think those two are a price just too high to pay for this change.

1 Like

Another option would be switching to AdGuard where this feature is already available.

How do they deal with the cache issue? You'd need one cache per upstream destination to account for different replies by them. Otherwise, there is no point at all to use different upstream servers if they always return the same answer.
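
Added example, not part of the thread and not Pi-hole, FTL, dnsmasq or AdGuard code: a toy Python model of the cache problem raised in the posts above, comparing one shared cache with one cache per upstream destination. The client IPs, domain names, answers and the `Forwarder` class are all constructed for illustration.

```python
# Constructed model of a forwarding resolver with per-client upstreams.
BLOCKED = "0.0.0.0"  # assumed "blocked" answer returned by the filtering upstream

# Constructed upstream answer tables (documentation-range addresses).
UPSTREAMS = {
    "unfiltered": {"news.example": "192.0.2.10", "adult.example": "192.0.2.66"},
    "filtered": {"news.example": "192.0.2.10", "adult.example": BLOCKED},
}
# Hypothetical policy: which upstream each client IP should use.
CLIENT_UPSTREAM = {"192.168.1.10": "unfiltered", "192.168.1.50": "filtered"}


class Forwarder:
    def __init__(self, per_upstream_cache):
        self.per_upstream_cache = per_upstream_cache
        self.cache = {}
        self.upstream_queries = 0

    def _key(self, upstream, name):
        # A shared cache is keyed by name only, so an entry carries no
        # record of which upstream produced it.
        return (upstream, name) if self.per_upstream_cache else name

    def resolve(self, client_ip, name):
        upstream = CLIENT_UPSTREAM[client_ip]
        key = self._key(upstream, name)
        if key not in self.cache:
            self.upstream_queries += 1
            self.cache[key] = UPSTREAMS[upstream][name]
        return self.cache[key]


def run(per_upstream_cache):
    """Parent resolves first, then the child asks for the same names."""
    fwd = Forwarder(per_upstream_cache)
    parent, child = "192.168.1.10", "192.168.1.50"
    answers = {
        "parent_adult": fwd.resolve(parent, "adult.example"),
        "child_adult": fwd.resolve(child, "adult.example"),
        "child_news": fwd.resolve(child, "news.example"),
        "parent_news": fwd.resolve(parent, "news.example"),
    }
    return answers, fwd.upstream_queries


if __name__ == "__main__":
    print("shared cache:      ", run(False))
    print("per-upstream cache:", run(True))
```

With the shared cache the child receives the unfiltered answer the parent cached; with per-upstream keys the filter holds, at the cost of twice the upstream queries and cache entries in this run.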