GEOIP + DNS multiple resolver

Bucking_Horn · February 12, 2020, 10:11am

No.
Pi-hole doesn't handle GeoIPs in any way - it just filters requests for hostnames, suppressing those for unwanted domains.

Yet, let's take a closer look at your contemplated solution using alternative DNS servers for certain domains.

For me, it makes no difference whether I lookup a domain through Google or a Chinese resolver (click for more):

When forcing a lookup for those domains through 8.8.8.8 and 114.114.114.119 respectively, they are resolved to the exact same IPs, e.g.:

pi@raspberrypi:~ $ nslookup taobao.com 8.8.8.8
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   taobao.com
Address: 140.205.220.96
Name:   taobao.com
Address: 140.205.94.189

pi@raspberrypi:~ $ nslookup taobao.com 114.114.114.119
Server:         114.114.114.119
Address:        114.114.114.119#53

Non-authoritative answer:
Name:   taobao.com
Address: 140.205.220.96
Name:   taobao.com
Address: 140.205.94.189

But then, I am not located in China - your 114.114.114.119 DNS server might resolve addresses differently based on your GeoIP.

If this is your problem, you probably could work out a solution.

While Pi-hole doesn't support this via its UI, its embedded dnsmasq can be configured manually to redirect lookups for specific domains to specific servers.

From dnsmasq's documentation:

-S, --local, --server=[/[<domain>]/[domain/]][<ipaddr>[#<port>][@<source-ip>|<interface>[#<port>]]

(..) If one or more optional domains are given, that server is used only for those domains and they are queried only using the specified server. This is intended for private nameservers (..)

Note that this option is originally intended for a different purpose (i.e. usage of private nameservers), so it comes with some side-effects (e.g. DNSSEC switched off).

So please make sure you've read through the complete documentation for this option thouroughly in order to understand and consider all its implications.

To configure this with Pi-hole, you'd have to create a custom configuration file, e.g. /etc/dnsmasq.d/10-chinese-dns.conf (and leave Pi-hole's own configuration files in that directory untouched).
Add your domains to this file line by line, e.g.:

server=/taobao.com/114.114.114.119

As I haven't used that before, I cannot confirm that Pi-hole wouldn't interfere (maybe a developer could).

Let us know if you succeed in solving your problem this way.