As far as I know the straightforward way of "forcing" some specific nameserver(s) (overriding the local one, or DHCP) is to modify how resolv.conf is constructed.
You could edit (as superuser) /etc/resolvconf/resolv.conf.d/base, adding e.g. "nameserver 8.8.8.8" or whatever you fancy.
Issue "resolvconf -u" or reboot and resolv.conf should contain the nameservers you configured in "base".
The /etc/resolvconf/resolv.conf.d/base file is empty so I don't think pi-hole is using it.
I'm using DNSCrypt alongside pi-hole, so the /etc/resolv.conf contains 127.0.0.1. (DNSCrypt is running on port 5300)
And when I do nslookup youtube.com, it actually shows that it's using systemd-resolved (127.0.0.1#53) (not 100% sure, it could be pi-hole itself running on port 53).
But the truth of the matter is, it's actually using pi-hole, because I can see the query of youtube.com from the ubuntu machine on pi-hole's web server, which means pi-hole is using dnsmasq to forward the dns request to server 192.168.1.40.
Just to make sure of this, I have checked the /etc/dnsmasq.d/01-pihole.conf file and it indeed reports: server 192.168.1.40
So now that everything's tracked down to dnsmasq, I just have to edit the dnsmasq profile, right? But I shouldn't. Because at the beginning of this very file, a hint is written:
###############################################################################
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: #
# /etc/pihole/setupVars.conf #
# #
# ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE #
# WITHIN /etc/dnsmasq.d/yourname.conf #
###############################################################################
And this is what I don't know about.. I'm worried if I edit this file, it will break pi-hole for the clients and my devices would not be able to use pi-hole anymore.
I don't know what to do here.
Ok I'm a little confused. sudo ss -lp "sport = :domain" reports that pihole-FTL is running on port 53.
But also when I do sudo systemctl status systemd-resolved, it reports Active: active (running) so what port is systemd-resolved running on now?!
I think I can edit /etc/resolv.conf and I should be good to go... right? But I don't think so, because systemd-resolved is not actually running, right?
Ugh.. someone help me please
Edit: I realized from the pi-hole dnsmasq config that there's no-resolv which means do not use /etc/resolv.conf
/etc/resolvconf/resolv.conf.d/base has nothing to do with Pi-hole and it is normally empty. Because normally you don't want to override what other services are putting into resolv.conf.
As I wrote, you could use it to override resolv.conf with a nameserver of your choosing.
Even if you'd be running 1, 2 or 3 nameservers the one specified in "base" would take precedence.
I'm guessing that systemd-resolved is running on 127.0.0.53:53 and not on 127.0.0.1, at least it is on my ubuntu.
Ok I was worried that somehow if I use resolvconf, it will break pi-hole lol
But I did as you said anyways:
sx@ubuntu:~$ echo "nameserver 1.1.1.1" | sudo tee /etc/resolvconf/resolv.conf.d/base
sx@ubuntu:~$ cat /etc/resolvconf/resolv.conf.d/base
nameserver 1.1.1.1
sx@ubuntu:~$ sudo resolvconf -u
But nslookup still reports 127.0.0.1 is being used for DNS queries :frowning:
sx@ubuntu:~$ nslookup whatever
Server: 127.0.0.1
Address: 127.0.0.1#53
Even if I use Ubuntu's GUI to add IPv4 DNS, it still doesn't work.
It's my mistake, I've just checked on my setup and I'm using /etc/resolvconf/resolv.conf.d/head instead of base. Probably I've used base for something in the past and I mixed up the two.
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.178.1
nameserver 127.0.0.1
search fritz.box
The first nameserver above comes from /etc/resolvconf/resolv.conf.d/head, the second one from systemd-resolved.
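Added example, not part of the thread: a small shell check for the question running through the posts above, namely which nameserver the glibc stub resolver will try first for a given resolv.conf. The function names and the sample file are constructed for illustration; the three-entry limit is glibc's MAXNS.

```shell
#!/bin/sh
# List the nameservers a glibc stub resolver would try, in order, from a
# resolv.conf-style file. glibc honours at most three "nameserver" lines.
list_nameservers() {
    awk '
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        $1 == "nameserver" && NF >= 2 && n < 3 {
            n++
            kind = ($2 ~ /^127\./ || $2 == "::1") ? "loopback" : "remote"
            printf "%d %s %s\n", n, $2, kind
        }
    ' "$1"
}

# Address that is queried first (no "rotate" option assumed).
first_nameserver() {
    list_nameservers "$1" | awk 'NR == 1 { print $2 }'
}

# Succeeds when the first entry is a local resolver on a loopback address
# (for example Pi-hole/dnsmasq on 127.0.0.1 or systemd-resolved on 127.0.0.53).
first_is_loopback() {
    list_nameservers "$1" |
        awk 'NR == 1 && $3 == "loopback" { found = 1 } END { exit !found }'
}

# Constructed sample mirroring the resolv.conf shown in the last post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
nameserver 192.168.178.1
nameserver 127.0.0.1
search fritz.box
EOF

list_nameservers "$sample"
if first_is_loopback "$sample"; then
    echo "queries go to a local resolver first"
else
    echo "queries go to $(first_nameserver "$sample") first"
fi
```

Pointing the functions at /etc/resolv.conf after `resolvconf -u` shows whether an entry placed in `head` really ended up ahead of the loopback resolver.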