DNS For Pi-hole it self

Hi,
Properly I am get old...but I simple forgot...

  1. should Pi-hole be its own DNS server
  2. should nameserver(s) in /etc/resolv.conf be
    Pi-hole own address e.g. IP for Pi-hole 192.168.1.xxx
    an upstream DNS server e.g. 1.1.1.1
  3. If the later can there by two entries e.g. 1.1.1.1, 1.0.0.1

Thanks...

I would not recommend to configure the Pi-hole address in resolv.conf.
If you break Pi-hole for some reason (update/tweak/change), all processes on the host loose DNS resolution which complicates troubleshooting.
Even Pi-hole repair (pihole -r) or trying to upload a debug log (pihole -d) will break without hacking.

Configure your router IP (if it doesnt close a DNS loop),
or your ISP DNS servers,
or one or more of the publicly available DNS providers:

$ sudo cat /etc/pihole/dns-servers.conf
Google (ECS, DNSSEC);8.8.8.8;8.8.4.4;2001:4860:4860:0:0:0:0:8888;2001:4860:4860:0:0:0:0:8844
OpenDNS (ECS, DNSSEC);208.67.222.222;208.67.220.220;2620:119:35::35;2620:119:53::53
Level3;4.2.2.1;4.2.2.2;;
Comodo;8.26.56.26;8.20.247.20;;
DNS.WATCH (DNSSEC);84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b
Quad9 (filtered, DNSSEC);9.9.9.9;149.112.112.112;2620:fe::fe;2620:fe::9
Quad9 (unfiltered, no DNSSEC);9.9.9.10;149.112.112.10;2620:fe::10;2620:fe::fe:10
Quad9 (filtered, ECS, DNSSEC);9.9.9.11;149.112.112.11;2620:fe::11;2620:fe::fe:11
Cloudflare (DNSSEC);1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001

Do mind that most distros run some kind of "network manager" to populate that resolv.conf file:

1 Like

Pi-hole's upstreams are configured via Pi-hole's UI under Settings | DNS, and those must never include Pi-hole.

But you are referring to the DNS configuration of the machine that's hosting your Pi-hole.

There is no harm in having a public DNS server or your router's IP in resolv.conf , handling DNS for Pi-hole's host machine. In fact, it can be advantageous to have DNS still working if Pi-hole should be incapacitated for any reason.

If you run other services besides P-hole on that machine, and you'd want those to be filtered as well, then you could point the machine's resolv.conf to 127.0.0.1 as well, with the possible limitations mentioned by deHakkelaar.

1 Like

Hi,
Thanks so much for fast response.
Makes absolutely sense!
Appreciated.

1 Like

Thanks for coming back to me so fast!
Yes, I was not clear in my ask :slight_smile: but it is the machine (Pi) that host the Pi-hole.
I'll use public DNS servers as for my router I have "disabled" the ISPs DNS.
I have another application running on each of my two Pis' so I think I'll add 127.0.01 on each of them.
Should I also add and public DNS then?

About resolv.conf getting populated with the Pi IP:

No:

1 Like

Many thanks!
have a great weekend.

1 Like