Local Domain

RATM · October 22, 2023, 12:51am

My network has a local domain, and its DNS is configured as an upstream in Pi-hole. However, Pi-hole doesn't respond to queries from my local domain because it first searches in the upstream internet servers, and thus, it never reaches my internal upstream. How can I reverse the order so that Pi-hole first queries the internal upstream and only then the external one?

jfb · October 22, 2023, 1:53am

Please follow our help template and provide a debug token.

RATM · October 22, 2023, 2:59am

Sure, no problem!

https://tricorder.pi-hole.net/qjieRFFK/

I take this opportunity to send the log below collected on the server:

Oct 22 02:48:32 dnsmasq[24445]: query[A] teste3.homeresort.lan from 10.40.1.103
Oct 22 02:48:32 dnsmasq[24445]: forwarded teste3.homeresort.lan to 1.1.1.1
Oct 22 02:48:32 dnsmasq[24445]: reply teste3.homeresort.lan is NXDOMAIN

Bucking_Horn · October 22, 2023, 7:06am

You can't, but fortunately, you would not have to in your case - enable Pi-hole's Conditional Forwarding instead.
Alternatively, configure Pi-hole to use only your local DNS resolver as upstream, and have that upstream forward DNS traffic to public DNS resolvers.

Note that in general, there is no order of precedence when provding a set of DNS servers.
A client may pick one such DNS server from a set for any given DNS request at its own discretion.

In particular, this would also be true for clients in your network.
Your debug log shows your router's DHCP server to distribute a public DNS resolver besides Pi-hole.

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   * Received 290 bytes from eth0:10.40.1.1
     Offered IP address: 10.40.1.67
     DHCP options:
      Message type: DHCPOFFER (2)
      dns-server: 10.40.1.4
      dns-server: 1.1.1.2
      --- end of options ---

Pi-hole has to be the sole DNS resolver for your network.
With those current settings, your clients will by-pass Pi-hole via 1.1.1.2 ocassionally.

This seems to have been the case lately, as your debug log by chance also shows Pi-hole to not have received any DNS requests during the last 24 hours:

*** [ DIAGNOSING ]: contents of /var/log/pihole
   (...)

   -----tail of FTL.log------
   [2023-10-22 02:53:13.671 24618M] Imported 0 queries from the long-term database
   [2023-10-22 02:53:13.671 24618M]  -> Total DNS queries: 0
   [2023-10-22 02:53:13.671 24618M]  -> Cached DNS queries: 0
   [2023-10-22 02:53:13.671 24618M]  -> Forwarded DNS queries: 0
   [2023-10-22 02:53:13.671 24618M]  -> Blocked DNS queries: 0
   [2023-10-22 02:53:13.671 24618M]  -> Unknown DNS queries: 0
   [2023-10-22 02:53:13.671 24618M]  -> Unique domains: 0
   [2023-10-22 02:53:13.671 24618M]  -> Unique clients: 0
   [2023-10-22 02:53:13.671 24618M]  -> Known forward destinations: 0

system · November 12, 2023, 7:07am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.