Introduction:
I am a PiHole newbie and am doing my best to provide accurate data. I may make silly mistakes, please bear with me when I go astray.
Expected Behaviour:
My NetGear WNDR3700V4 router runs Genie firmware version V1.0.2.102.
As I understand it, the router always gives its address to clients as the DNS Server. I do not think I can change this part of the DHCP Server behavior. Clients send DNS requests to the router which then forwards the requests to the address configured in the router as .
This should look like:
Any Local Client --> NetGearRouter --> <DNS Server>
Actual Behaviour:
Under typical non-PiHole use cases like:
If ( == DNS from the ISP)
OR
( == A publicly available DNS, e.g. google: 8.8.8.8)
{
DNS resolution works properly and client receives the correct address.
}
To use PiHole, I believe I have correctly configured the router to send those DNS requests to the PiHole DNS Server on my local LAN (192.168..).
This route should be:
Any Local Client --> NetGearRouter --> <DNS Server>
However,
If ( == PiHole on the local LAN)
{
DNS resolution fails and client reports unable to resolve address.
}
ADDITIONAL TEST:
If I manually set the DNS server address on any client to refer directly to the PiHole using a command like this:
netsh interface ip set dns name="myWifi" source=static
to make the DNS resolution path:
Any Client --> PiHole
DNS resolution works fine.
Commentary:
I have read that at least some of the NetGear routers implement a protection against DNS rebind attacks which prevents them from routing DNS requests to any address on the local LAN. This seems to fit the behavior I observe and it is my working hypothesis that the router is refusing to route DNS requests to the PiHole.
I have looked for any way to disable this behavior unsuccessfully.
I have read that it is possible to make the PiHole execute a DHCP server instead of my router. For reasons outside of this discussion, I do not wish to do that. I prefer to keep the DHCP server on the router itself not the PiHole.
If you have any suggestions that will may assist me in confirming or denying the working hypothesis. Or any way to work-around the behavior which does NOT involve running the DHCP server on the PiHole, please let me know.
I thank you in advance for any comments or suggestions.
Debug Token:
I have reviewed the output from pihole debug and have not seen any indication of an error. I am happy to upload a debug log if you like, but i do not think there is any aberrant behavior from the PiHole.
PS:
This appears very similar to:
but being new, I could not gather enough details from the thread above to be sure it is the same.