DNS/DHCP on different servers

Coming from a 'flat' network (one subnet) with Pihole serving as DNS and DHCP server I had to move to a more 'sophisticated' network with 4 separated vlans to keep all my 'smart' stuff contained.

  • I am now using the router (UniFi Edgerouter) for DHCP (4 DHCP servers, one for every vlan/subnet)

  • I am using the Pihole as a single DNS for all vlans/subnets.

  • I have the necessary firewall rules in place to allow access to the Pihole.

  • DNS info is handed out by the DHCP server(s) on the router

Everything works as expected. All vlans resolve through the Pihole and it is doing its job to block all the trackers/ads (Yeah!)

My issues:

  • TOP CLIENTS in Pihole are only showing IP addresses
  • Resolving local servers by name (e.g. nas.lan etc.) is no longer possible since DHCP and DNS services are running on different servers.

I read through the documentation of Pihole (which is very thorough, thanks for compiling this) and through the HELP section and FAQ on this Discourse server. I came to the conclusion that I have to enable CONDITIONAL FORWARDING (under Settings -> DNS), so I added one of my networks (192.168.1.0/24) and pointed this entry to the appropriate DHCP server on the router (192.168.1.1), including the local domain name (lan).

Result:

  • Pihole is still showing IP addresses only (under TOP CLIENTS)
  • Flushed my DNS cache (Windows 11) and:
    • ping mininas... resolves correctly

    • nslookup mininas results in a: *** pi.hole can't find mininas: Non-existent domain

    • ping pihole2 (active DNS server with the CONDITIONAL FORWARDING enabled) results in:

      • Pinging Pihole2.local [fe80::32de:e443:1448:b5a8%7] with 32 bytes of data:
        Reply from fe80::32de:e443:1448:b5a8%7: time=28ms
        Reply from fe80::32de:e443:1448:b5a8%7: time=27ms

It seems I have several issues:

#1: Pihole only showing IP addresses instead of hostnames
#2: nslookups not resolving at all
#3: Where is the IPv6 address coming from and where is the .local coming from when pinging pihole2?

Any pointers highly appreciated

You don't have to use conditional forwarding to fix this.

You can map the local clients to IPs in a hosts file on the Pi, and Pi-hole will then know the names.

Snippet of /etc/hosts on one of my Pi-holes:

192.168.0.97	Sonos-ARC
192.168.0.100	Pi-3B-plus
192.168.0.101	Scanner-Brother
192.168.0.103	Smarthings-hub
192.168.0.104	Sense-electrical-monitor

Any requests to this Pi-hole will map the name to IP or vice versa.

nslookup 192.168.0.97
97.0.168.192.in-addr.arpa	name = Sonos-ARC.

nslookup Sonos-ARC
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	Sonos-ARC
Address: 192.168.0.97

This also allows Pi-hole to show clients by name instead of by IP on the web admin GUI:

Thanks for the help, I was hoping I do not have to manually maintain the list on 2 Piholes.

Under CONDITIONAL FORWARDING it says:

One solution for this is to configure Pi-hole to forward these requests to your DHCP server (most likely your router), but only for devices on your home network. To configure this we will need to know the IP address of your DHCP server and which addresses belong to your local network

That sounds like it would solve my issue without manually configuring local IPs with server names. Is my interpretation wrong?

You are reading that passage correctly.

For Conditional Forwarding to work,
a. your router's firewall has to allow DNS requests from Pi-hole
b. your router has to run a DNS resolver, and
c. your router's DHCP server must insert DNS records for DHCP client hostnames into that DNS resolver
( and d. CF has to be configured correctly, of course.)

You could check if and how your router's DNS resolver (presumably at 192.168.1.1) is responding by running the following command from the machine hosting your Pi-hole:

nslookup mininas 192.168.1.1
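
An added example, not part of the original post: a shell helper that maps the output of the check above to the prerequisites a to c. The function names and the sample outputs are constructed for illustration; 192.168.1.50 is a made-up address.

```shell
#!/bin/sh
# Added example: classify `nslookup <host> <router-ip>` output against the
# Conditional Forwarding prerequisites (a: firewall, b: resolver, c: DHCP names).

# Reads nslookup output on stdin and prints a one-word verdict.
classify_lookup() {
    out=$(cat)
    case "$out" in
        *"connection timed out"*|*"no servers could be reached"*)
            echo "unreachable" ;;  # a or b not met: blocked, or nothing answering on port 53
        *REFUSED*)
            echo "refused" ;;      # resolver reached, but it declines queries from this source
        *SERVFAIL*)
            echo "servfail" ;;     # resolver reached, but its own lookup failed
        *NXDOMAIN*|*"Non-existent domain"*)
            echo "no-record" ;;    # a and b met, c not: DHCP hostnames are not in the resolver
        *)
            # A real answer has a "Name:" line followed by an "Address:" line.
            if printf '%s\n' "$out" |
                awk '/^Name:/{n=1} n && /^Address:/{f=1} END{exit !f}'; then
                echo "resolved"    # a, b and c are all met for this client
            else
                echo "unknown"
            fi ;;
    esac
}

# Live use on the Pi-hole host: check_router_dns mininas 192.168.1.1
check_router_dns() {
    nslookup "$1" "$2" 2>&1 | classify_lookup
}

# Constructed sample outputs so the classifier can be exercised offline.
SAMPLE_NXDOMAIN="Server:  192.168.1.1
Address: 192.168.1.1#53

** server can't find mininas: NXDOMAIN"
SAMPLE_TIMEOUT=";; connection timed out; no servers could be reached"
SAMPLE_ANSWER="Server:  192.168.1.1
Address: 192.168.1.1#53

Name:    mininas.lan
Address: 192.168.1.50"

for s in "$SAMPLE_NXDOMAIN" "$SAMPLE_TIMEOUT" "$SAMPLE_ANSWER"; do
    printf '%s\n' "$s" | classify_lookup
done
```

A "no-record" verdict means the firewall and the resolver are fine and the missing piece is the DHCP-to-DNS registration on the router.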

Thanks for the input.

The result of your suggestion:

mash@Pihole2:~ $ nslookup mininas 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53

** server can't find mininas: NXDOMAIN

Correct me if I am wrong but that suggests that:
a) the request goes through the firewall
b) a DNS server is indeed running/listening but has no clue what I am looking for

So I started digging in the router (Ubiquiti Edgerouter) which is new to me (so I have to read up on it as we go).

router:> show dns forwarding nameservers
75.75.75.75 available via 'dhcp eth0'
75.75.75.76 available via dhcp eth0

Those are the DNS servers of my provider COMCAST on the WAN interface (eth0) of the router.

Reading in the online manual of the Edgerouter (https://help.ui.com/hc/en-us/articles/115002673188) it seems that the default DHCP service uses the ISC DHCP daemon but can be configured to use dnsmasq instead. Is that the route I wanna go? I know this is beyond the Pihole help forum but I would appreciate your insight.

I use an Edgerouter and when configured to use dnsmasq, conditional forwarding works for most clients.

The ones that don't work do not report their host name when acquiring their lease.

Two things I can think of:

  1. If pihole is not on the 192.168.1.0/24 network, did you open firewall from pihole:53 --> DHCPSERVER:53?
  2. Is the DNS resolver on 192.168.1.0/24 network set as local resolver only (dnsmasq option --local-service)?

I had both these problems with similar setup (using openwrt).

Thanks for all the suggestions. After enabling dnsmasq on the Edgerouter, conditional forwarding works (for most clients, as sawsanders pointed out). Here is a link (for additional detail) for others dealing with this issue: EdgeRouter Lite Dnsmasq setup | Logan Marchione


That's correct. :wink:

Yes, and this is a common case for certain Ubiquiti equipment, showing up in the forums every now and then, see e.g. Conditional forwarding.. What is wrong?.

Apologies for not realising that earlier. :wink:

No sweat... community pointed me quickly to a solution.
Thanks for the input.
