I have an ISP with a router which can neither change the DNS server nor add static routes, but can actually disable DHCP, puuuh.
I have an external server which is connected to a local system via a VPN. Up until now I have used a static route in the old router to redirect internal 10.x.x.x traffic to the local server, which then forwards that through the VPN. But since the new router cannot set static routes, I need another approach.
Is anyone advertising multiple routes via the pihole DHCP? How did you do it? Does it work? Do you have any problems with some OSs? I have not used the pihole DHCP yet, so I am happy about any information since this is not covered by the standard docs.
Could you post what you've configured?
And how did you determine Android is ignoring those routes?
Could you also post the output for the below, please (redact the bits you don't want to publish)?
I haven't used any Network Debug Apps, since my experience with them, mainly DNS is that they just add more confusion than help. Since they are not showing/using the same as the Android OS/other Apps. If you can recommend any I will check them.
I just tried to access a domain from a public DNS Record that points to one of the internal IPs and also tried to access services directly via the IP. I checked tcpdump on the pihole and there was no incoming traffic for those private IP ranges. DNS Requests are going to the pihole.
Output on an Ubuntu client:
➜ ~ ip route
default via 192.168.10.1 dev wlp3s0 proto dhcp metric 600
10.10.10.0/24 via 192.168.10.3 dev wlp3s0 proto dhcp metric 600
169.254.0.0/16 dev wlp3s0 scope link metric 1000
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.0.0/24 via 192.168.10.3 dev wlp3s0 proto dhcp metric 600
192.168.1.0/24 via 192.168.10.3 dev wlp3s0 proto dhcp metric 600
192.168.10.0/24 dev wlp3s0 proto kernel scope link src 192.168.10.154 metric 600
192.168.178.0/24 via 192.168.10.3 dev wlp3s0 proto dhcp metric 600
root@tyrell:/# pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers
Timeout: 10 seconds
WARN: Could not sendto() in send_dhcp_discover() (/__w/FTL/FTL/src/dhcp-discover.c:233): Network is unreachable
* Received 336 bytes from ens32:192.168.10.3
Offered IP address: 192.168.10.132
Server IP address: 192.168.10.3
Relay-agent IP address: N/A
BOOTP server: (empty)
BOOTP file: (empty)
DHCP options:
Message type: DHCPOFFER (2)
server-identifier: 192.168.10.3
lease-time: 86400 ( 1d )
renewal-time: 43200 ( 12h )
rebinding-time: 75600 ( 21h )
netmask: 255.255.255.0
broadcast: 192.168.10.255
dns-server: 192.168.10.3
domain-name: "lan"
router: 192.168.10.1
--- end of options ---
DHCP packets received on interface lo: 0
DHCP packets received on interface br-2723f505d473: 0
DHCP packets received on interface docker0: 0
DHCP packets received on interface wls33: 0
DHCP packets received on interface br-55d866a9190b: 0
DHCP packets received on interface veth1f9b1b8: 0
DHCP packets received on interface veth0798fb7: 0
DHCP packets received on interface veth36c63d6: 0
DHCP packets received on interface ens32: 1
Looks good to me.
I have no clue why Android doesn't pick them up.
Currently both the router and classless-static-route DHCP options are advertised.
You could try hashing out the line below to only advertise the classless-static-route option and NOT the router one:
With the router option disabled, the DHCP server will be used as the default gateway. That is indeed working, BUT in that case all the traffic is going through the pi-hole server, which is an unnecessary jump (or even two in the case of wifi clients).
Maybe I have time this weekend to go through the dhcp-options to see if there is another option, maybe via prioritization etc.
I don't understand, doesn't the above default route "0.0.0.0/0,192.168.10.1" come through on the clients?
What does your Ubuntu client @ Site A say after renewing the DHCP lease when you do an ip route with oc the router DHCP option hashed out in 02-pihole-dhcp.conf ?
And oc you best restart instead of reload when unsure if changes correctly propagate:
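Added example, not part of the thread and not Pi-hole or dnsmasq code: how the classless-static-route option (DHCP option 121, RFC 3442) discussed above is encoded on the wire, and which routes a client that follows RFC 3442 installs when an offer carries both the router option and option 121. The function names are hypothetical and the sample routes are constructed from the addresses quoted in the thread.

```python
import ipaddress

OPT_ROUTER, OPT_CLASSLESS_ROUTES = 3, 121  # DHCP option codes (RFC 2132, RFC 3442)

def encode_routes(routes):
    """Encode [(cidr, gateway), ...] as an option 121 payload (RFC 3442)."""
    out = bytearray()
    for cidr, gateway in routes:
        net = ipaddress.ip_network(cidr)
        significant = (net.prefixlen + 7) // 8  # only these destination octets are sent
        out.append(net.prefixlen)
        out += net.network_address.packed[:significant]
        out += ipaddress.ip_address(gateway).packed
    return bytes(out)

def decode_routes(payload):
    """Decode an option 121 payload back into [(cidr, gateway), ...]."""
    routes, i = [], 0
    while i < len(payload):
        prefixlen = payload[i]
        significant = (prefixlen + 7) // 8
        end = i + 1 + significant + 4  # width byte + destination octets + gateway
        if prefixlen > 32 or end > len(payload):
            raise ValueError(f"malformed option 121 at offset {i}")
        dest = payload[i + 1:i + 1 + significant].ljust(4, b"\x00")
        net = ipaddress.ip_network((dest, prefixlen), strict=False)
        gateway = ipaddress.ip_address(payload[end - 4:end])
        routes.append((str(net), str(gateway)))
        i = end
    return routes

def effective_routes(options):
    """Routes an RFC 3442 client installs from {option_code: raw_bytes}."""
    if OPT_CLASSLESS_ROUTES in options:
        # RFC 3442: when option 121 is present, the Router option is ignored,
        # so the default route has to be carried inside option 121 itself.
        return decode_routes(options[OPT_CLASSLESS_ROUTES])
    if OPT_ROUTER in options:
        return [("0.0.0.0/0", str(ipaddress.ip_address(options[OPT_ROUTER][:4])))]
    return []

# Constructed sample using the addresses quoted in the thread
ROUTES = [("0.0.0.0/0", "192.168.10.1"), ("10.10.10.0/24", "192.168.10.3"),
          ("192.168.178.0/24", "192.168.10.3")]
OFFER = {OPT_ROUTER: ipaddress.ip_address("192.168.10.1").packed,
         OPT_CLASSLESS_ROUTES: encode_routes(ROUTES)}

if __name__ == "__main__":
    print(OFFER[OPT_CLASSLESS_ROUTES].hex(" "))
    for dest, gw in effective_routes(OFFER):
        print(dest, "via", gw)
```

A client that does not implement option 121 takes only the router option, which is why both are usually advertised together.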