Lancom routers - resolving individual clients instead of showing only the router

thanx. but i have no idea how this calc works. it gives back a bunch of results instead of the smallest possible with octets???

http://jodies.de/ipcalc?host=192.168.128.0&mask1=19&mask2=24

so 192.168.128.0/24 is the smallest combined net in octets that includes 192.168.143.0/24 and 192.168.144.0/24???

No.

Bluntly, if you don't know classful (or classless) subnetting, why are you using a /19?

we have used the nets 192.168.144.0 and 192.168.144.0 for about 20 years and never had to deal with this cidr thing. but instead of helping me and simply giving me the address that i need you are laughing at me.

bluntly:
what i'm sure you never would standing in front of me in real life. and you mods here obviously never read your own faq:

thanx
tom

Nobody likes a smart-ass

Spotted something the developers have overlooked? Think you’re much cleverer than them for noticing it? Think it’s a good idea to post about how clever you are? Top tip: It’s not.

Why not open a pull request, instead? Pi-hole is opensource software developed by a handful of volunteers with full time jobs, things are bound to get missed! We rely on clear and concise communication from the community at large to help us out when we’ve missed something, and we all appreciate learning something new! But don’t presume you’re above anyone because you’ve had to point something out.

I literally gave you everything you needed. That link has a /19 broken down into its /24 counterparts.

/19 has approximately 8000 useable IP addresses. A /24 is 256. /19 consists of 32 individual /24s.

I would indeed tell you in person what I have said and what I continue to say.

Why are you trying to use a /19?

Dan might have been blunt (and admitting it), but his motivation clearly is to help.

We can't give you a specific address because we don't know your network nor your motivation to pick a /19, so your answer to the question is significant.


I can tell you exactly what numbers to type in, but you won't know why you are doing it. When it breaks you won't be able to fix it and you'll blame us for giving you the wrong information. You need to learn it. You're operating a DNS server, that's an extremely vital service for your network.

You've made a number of typos and typed many different IP address blocks and netmasks, you need to be very very careful in telling us what IP space you are using and what you want.

we use two networks on our router to divide the clients in two groups. we have done this for 20 years with no problem until now. those networks are 192.168.143.0 (255.255.255.0) and 192.168.144.0 (255.255.255.0).

this online calc gave 192.168.128.0/19:
https://www.heise.de/netze/tools/netzwerkrechner/

Just use the two /24 networks. You can't do it with the web interface, you'll need to create a custom config file.

You've chosen two subnets that do not naturally group. You've split the networks across a binary domain.

If you had chosen 192.168.142.0/24 && 192.168.143.0/24 then you could have a single /23. But even that would not help here as dnsmasq requires a /8,/16,/24 natural mask for historical reasons. Use those two /24 networks, each pointing to the same upstream authoritative resolver and the same domain name.


we cannot change our network addresses just because pi-hole webinterface can't deal with them.

  1. what would be two sample networks in the 192.168.x.x range that combine in a way the pi-hole webinterface can deal with?

  2. where and how to set things up with our actual networks in the 'custom config file' is there a howto? and will doing it via custom config file then break the whole web-interface?

moreover found this - seems that i'm not the only idiot who needs something like this:

pihole-FTL - Pi-hole's embedded tailored dnsmasq - can be configured in any way dnsmasq would allow, unless a configuration option would conflict with Pi-hole's own configuration.
(If done correctly, it wouldn't in your case).

You'd have to create a new file under /etc/dnsmasq.d/, e.g. 42-conditional-fwd.conf.
You need two entries rev-server (for reverse IP lookups) and server (for hostname lookups matching your local domain) in there, and you could use the respective lines from Pi-hole's existing configuration (resulting from your UI CF setting) as a template.

If you are uncomfortable and/or unfamiliar with applying custom configurations for dnsmasq, you could also disable CF and set your router as Pi-hole's only upstream DNS and an unchecked "Never forward reverse lookups for private IP ranges" and "Never forward non-FQDNs" under Advanced DNS settings.

EDIT:
Of course, this and Conditional Forwarding would only work if you would indeed have found a way to address your initial issue, i.e. your router using Pi-hole as upstream DNS.

If the latter would still be the case, either approach will create a DNS loop, immensely slowing your DNS resolution or killing it completely.


hello bucking_horn,

thank you for your helpful and again detailed answer. i have to look into these things a little deeper as i'm not too familiar with all this networking stuff so it will take a little until i can reply :)

ok - i had a look at the thing on our pi. in /etc/dnsmasq.d/ i currently have 01-pihole.config that will be the config-file automatically created by the installer or webinterface? and there are also the current entries for rev-server and server. is '42-conditional-fwd.conf' a magic name for a manual config-file that is automatically loaded at startup and overrides the settings in '01-pihole.config'?

well, that doesn't seem to be difficult with your good description of what and where and what the parameters are called.

i'm always a bit worried that things like this will break with the next update and you have to fiddle around with it again so i found a workaround with the web-gui which works quite well for our small net(s).

under 'Use Conditional Forwarding' i first typed in one network with only a few workstations all with the fixed ip via bootp from the router. after 1 hour i typed in the other network with the more often changing clients. somehow it seems to remember this in some table/cache because it now shows all clients in both networks by name.

that's enough for us for now - and apparently the change in the webinterface for entering multiple networks is already in progress on github.

i managed to do the thing with the lancom routers - thanks to the help of the chief developer there at lancom it was easy for me to implement.

i will write down both solutions again tonight and post them here in the forum to make it easier for the next one. best here at the end of the thread - right?

in any case thank you very very much for your friendly and competent help!

No. You can name your new configuration files any name you wish, but you don't want to overwrite or modify any of the existing Pi-hole configuration files. Any changes you make to the Pi-hole files will be overwritten by Pi-hole.

Note that dnsmasq reads all the files in directory /etc/dnsmasq.d. Make sure you don't have conflicting entries, which can cause dnsmasq errors on startup or unexpected results when file x (read after file y) changes a setting made by file y. This command is a quick check for syntax problems:

pihole-FTL dnsmasq-test

As long as you have separate/new configuration files, your files will not be overwritten by a Pi-hole update.

Yes.


hardware/software:
lancom 1781ef+ / lcos 10.12 ru15 (but should work for all lancoms of the last 10 years)
raspberry pi 4 2gb / pi-hole v5.1.2 web interface v5.1.1 ftl v5.2 (works even with pi zero)

there are two ways to use lancom router with the pi-hole:

  1. with simple forwarding of the dns to the pi-hole
  • advantage: very fast setup and automatically gdpr (dsgvo) compliant
  • disadvantage: the single requests are all assigned to the router on the pi-hole and can't be distinguished in the statistics and settings (the filtering of advertisements works completely).

configuration->ipv4->dns->forwarding
Domain: ?*
Routing Tag: 0
Remote Station: ip-pi-hole, ip of secondary dns

  2. transmit the pi-hole as dns server to lancom clients in the course of dhcp
  • advantage: all statistics evaluations and settings on the pi-hole can be used
  • disadvantage: a bit more complex and if the pi-hole fails the dns resolution falls out aka 'the internet doesn't work anymore'.

configuration->ipv4->dhcpv4->dhcp-networks
First DNS: ip-pi-hole
Second DNS: ip-pi-hole

if redundancy and fail-safety are essential, a second pi-hole with the same configuration and a different ip-address can be used.

if you have further questions about the lancom you can find very competent help in the lancom forum:
https://www.lancom-forum.de/index.php

ok. so in /etc/dnsmasq.d i have the config-file (01-pihole.conf) that is auto-generated by the webinterface and says:

rev-server=192.168.144.0/24,192.168.144.254
server=/intern/192.168.144.254

if i want to add a second internal network i have to create a second config-file eg xyz.conf with the second network (both use the same dhcp server)

rev-server=192.168.143.0/24,192.168.144.254

right?

If the DNS server at 192.168.144.254 will respond to PTR queries for the 192.168.143.0/24 range then that is the correct action.


thanx!
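An added example, not part of any post in this thread: a Python sketch of the subnet arithmetic discussed above (why 192.168.143.0/24 and 192.168.144.0/24 only meet in a /19, while .142 and .143 form a /23) and of the per-/24 `rev-server` lines the thread ends up with. The function names are illustrative, and the inputs are assumed to be networks of /24 or larger.

```python
import ipaddress

def smallest_supernet(networks):
    """Return the smallest single CIDR block containing every given network."""
    nets = [ipaddress.ip_network(n) for n in networks]
    candidate = nets[0]
    # Widen the block one bit at a time until it covers all inputs.
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate

def unused_24s(networks):
    """Count the /24 blocks inside the common supernet that are not in use."""
    in_use = {ipaddress.ip_network(n) for n in networks}
    covered = set(smallest_supernet(networks).subnets(new_prefix=24))
    return len(covered - in_use)

def rev_server_lines(networks, resolver):
    """Build one dnsmasq rev-server line per /24, all using one resolver."""
    ipaddress.ip_address(resolver)  # raises ValueError if malformed
    lines = []
    for n in networks:
        net = ipaddress.ip_network(n)
        if net.prefixlen > 24:
            raise ValueError(f"{net}: smaller than /24, not handled here")
        # Stay on /24 boundaries, as advised in the thread.
        for block in net.subnets(new_prefix=24):
            lines.append(f"rev-server={block},{resolver}")
    return lines

if __name__ == "__main__":
    ours = ["192.168.143.0/24", "192.168.144.0/24"]  # networks from the thread
    print("common block:", smallest_supernet(ours))
    print("unused /24s inside it:", unused_24s(ours))
    print("adjacent pair:", smallest_supernet(["192.168.142.0/24",
                                               "192.168.143.0/24"]))
    # Lines for a separate file under /etc/dnsmasq.d/
    print("\n".join(rev_server_lines(ours, "192.168.144.254")))
```

The printed lines belong in a new file under /etc/dnsmasq.d/ (not in 01-pihole.conf), checked with `pihole-FTL dnsmasq-test`, and they only help if the resolver actually answers PTR queries for both ranges.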
