How to replace pi.hole dns lookup with a custom one

DarkWalker19 · June 13, 2023, 10:16pm

Expected Behaviour:

When adding to /etc/pihole/pihole-FTL.conf "PIHOLE_PTR=NONE" or "PIHOLE_PTR=false" the resolver should not resolve the pi.hole dns request and instead use the one i've set in pihole "home.local".
I've also tried modifying /etc/lighttpd/conf-available/15-pihole-admin.conf at the line

$HTTP["host"] == "pi.hole" {
    $HTTP["url"] == "/" {
        url.redirect = ("" => "/admin/")
    }
}

with

$HTTP["host"] == "home.local" {
    $HTTP["url"] == "/" {
        url.redirect = ("" => "/admin/")
    }
}

Tried also to reboot and to restart the dns resolver.

Actual Behaviour:

After doing those modifications and following guides and tickets, it doesn't work.
When i search for "home.local" i get "DNS_PROBE_FINISHED_NXDOMAIN".
When i search for "pi.hole" it works, i can see pihole on port 8080 and my webapp (nginx) hosted on port 80

Debug Token:

https://tricorder.pi-hole.net/rWiuwnex/

DarkWalker19 · June 13, 2023, 10:26pm

Tried to add to the FTL configs this LOCAL_IPV4=home.local but it doesn't work

Bucking_Horn · June 14, 2023, 6:37am

Be aware that .local is reserved for use by the mDNS protocol and should NOT be used with DNS.

It would depend on the browser you use and the specific OS it is running on whether a browser would support mDNS resolution or not (e.g. Safari on macOS does use mDNS, Chrome on WIndows doesn't).

In your case, .local is also different from the local search domain fritz.box as defined by your router.

I am not sure I understand your issue, though.

Is this about accessing Pi-hole's web UI?

This is possible via any of the following URLs:

http://pi.hole/admin
http://<pi.ho.le.ip>/admin
http://<hostname>/admin

DarkWalker19 · June 14, 2023, 7:05am

@Bucking_Horn I'd like to change the DNS mapping which pihole provides by default (pi.hole) to something else.

On the pinhole host I have another web service (port 80) which I would like to be able to call via another DNS (i.e. home.local or something else than pi.hole)

Bucking_Horn · June 14, 2023, 7:20am

You'd need to move Pi-hole's lighttpd to another port and install another webserver that listens on port 80 instead.

Your debug log suggests you've successfuly done the former, but there seems to be no webserver listening on port 80, just Docker's docker-proxy:

*** [ DIAGNOSING ]: Ports in use
    tcp:0.0.0.0:8080 is in use by lighttpd
[✗] tcp:0.0.0.0:80 is in use by docker-proxy (https://docs.pi-hole.net/main/prerequisites/#ports)
    tcp:[::]:8080 is in use by lighttpd
[✗] tcp:[::]:80 is in use by docker-proxy (https://docs.pi-hole.net/main/prerequisites/#ports)

DarkWalker19 · June 14, 2023, 7:40am

@Bucking_Horn the webserver in question is hosted on a docker container (nginx) mapped on port 80

Bucking_Horn · June 14, 2023, 9:55pm

You shouldn't change that file:

###############################################################################
#     FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE.     #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
###############################################################################

In addition, changing that file won't have an effect on your aspired outcome, as it is nginx that is taking your standard HTTP requests on port 80, i.e. your lighttpd on port 8080 never sees them.

So in your case, you'd have to access Pi-hole via

http://pi.hole:8080/admin
http://<pi.ho.le.ip>:8080/admin
http://<hostname>:8080/admin

Assuming that service is available via /servicepath/, you should be able to access that by

http://<pi.ho.le.ip>/servicepath/
http://<hostname>/servicepath/

(where you substitute <pi.ho.le.ip> and <hostname> by their respective actual values for your environment)

Run from a client in your network that cannot access that latter URL, what's the output of:

nslookup <hostname>

DarkWalker19 · June 15, 2023, 8:58pm

@Bucking_Horn

nslookup results

nslookup Rasp4
Server:  fritz.box
Address:  fd00::de15:c8ff:fe1d:5cb3

Name:    Rasp4
Addresses:  fd00::5546:1e79:5bef:2a65
          192.168.1.6

nslookup pi.hole
Server:  fritz.box
Address:  fd00::de15:c8ff:fe1d:5cb3

nslookup home.local
Server:  fritz.box
Address:  fd00::de15:c8ff:fe1d:5cb3

DNS Records set in PiHole:
home.local -> 192.168.1.6 (NOT WORKING)
other records do work.

Webservice hosted on docker that has nothing to do with pihole (port 80)
http://rasp4/home - accessible
http://pi.hole/home - accessible
http://192.168.1.6/home - accessible
http://home.local/home - NOT accessible (DNS_PROBE_FINISHED_NXDOMAIN)

Pihole webservice (port 8080)
http://rasp4:8080/admin - accessible
http://pi.hole:8080/admin - accessible
http://192.168.1.6:8080/admin - accessible
http://home.local:8080/admin - NOT accessible (DNS_PROBE_FINISHED_NXDOMAIN)

I'd like to use home.local instead of pi.hole

Bucking_Horn · June 15, 2023, 9:23pm

The client that you ran those nslookups from is not using Pi-hole as DNS server
It is using your router instead:

You may want to refer to Fritz!Box (EN) - Pi-hole documentation for FritzBox configuration options in conjunction to Pi-hole.

Run from your Pi-hole machine, please share the output of

dig home.local @192.168.1.6

DarkWalker19 · June 15, 2023, 10:15pm

@Bucking_Horn
About my client using my router as dns is weird because in the NIC settings i've set to use pihole's ip

Dig result:

dig home.local @192.168.1.6

; <<>> DiG 9.11.5-P4-5.1+deb10u8-Raspbian <<>> home.local @192.168.1.6
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11664
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;home.local.                    IN      A

;; ANSWER SECTION:
home.local.             0       IN      A       192.168.1.6

;; Query time: 24 msec
;; SERVER: 192.168.1.6#53(192.168.1.6)
;; WHEN: Fri Jun 16 00:14:29 CEST 2023
;; MSG SIZE  rcvd: 55

DarkWalker19 · June 15, 2023, 10:20pm

Found the fix!
I had to disable for some weird reason the IPv6 network on my LAN

Bucking_Horn · June 15, 2023, 10:40pm

That dig output confirms that
a) Pi-hole does reply correctly
b) .local should not be used with DNS

You've only done so for IPv4.
You should do the same for IPv6.

As pointed out already (and confirmed by your dig result above), .local is reserved for use by the mDNS protocol and should NOT be used with DNS.

If you must insist on using home.local, you should really remove that DNS record from Pi-hole and use a browser that supports mDNS on an OS that supports mDNS, preferably in a network that is fully mDNS aware.

DarkWalker19 · June 15, 2023, 10:59pm

Ok, thank you. I'll change the .local domain with .lcl

system · July 6, 2023, 11:00pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.