Hello out there,
I am struggling with the proper configuration of my setup and can't get the knot loosened. Therefore I am asking for help.
First of all I want to describe my setup.
The pfSense is the gateway for my local LAN. DHCP also comes from pfSense.
Its IP address is .254.
Within the LAN I have Docker installed on a DiskStation. So my Pi-hole actually runs containerised on this DiskStation; the container has the .206 IP address.
I've also set up Unbound as a Docker container. The Unbound container has the IP .204.
So far so good.
What I want to achieve is quite simple. The pfSense shall provide DNS to all clients within the LAN via the DHCP service.
Therefore I disabled the DNS Forwarder and the DNS Resolver on pfSense.
Under General Setup I provided the IP address of the Pi-hole Docker container (.206), so that this is also reachable for the pfSense itself. It should only need it for updates and NTP, so let's call this "self service".
All other network clients should talk directly to the Pi-hole.
So I assume there shouldn't be any DNS requests travelling to the pfSense from the LAN.
The Pi-hole is configured to use a custom upstream DNS server and nothing else. This points to the IP of the Unbound Docker container (.204).
So far so good. Everything is working.
Now I want the client hostnames to be shown in the Pi-hole web UI. Therefore I activated conditional forwarding and pointed it to the pfSense LAN interface (.254), as this is the DHCP provider for the LAN and has the needed information.
And this is where the trouble starts...
I see the Pi-hole correctly forwarding the requests to Unbound and to pfSense according to where they should go. Unbound is answering and this part seems fine.
The pfSense seems not to respond to those requests. As I mentioned before, Resolver and Forwarder are disabled... so I do not really expect the pfSense to answer, but somehow it needs to.
I started to tinker around with the pfSense and the Pi-hole settings to get this solved, but I ran into different issues.
I do see lots of unanswered DNS requests for local addresses.
If I activate the Forwarder, it seems to end up in a kind of DNS loop.
If I activate the Resolver I see similar behaviour, as the Resolver also uses the configured DNS server (which is the Pi-hole) according to the global DNS setting of the pfSense.
Am I missing something here?
Btw. I am aware of pfBlockerNG, but I do want to use Pi-hole in the first place, as I find the web UI report very informative, so if there is a solution to this I want to stick with it.
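An added diagnostic for the situation described in this post (example code, not part of the original post and not from the Pi-hole or pfSense projects). Conditional forwarding makes the Pi-hole send two kinds of queries to the .254 address: PTR lookups under in-addr.arpa for LAN addresses, and A lookups for names under the local domain. The script below builds exactly those queries with the standard library only and sends them directly to each hop (Pi-hole .206, Unbound .204, pfSense .254), reporting the response code, the answers, or a TIMEOUT. Asking each hop on its own separates "forwarded but never answered" from "answered with SERVFAIL/NXDOMAIN" and from a loop where every hop points at the next. Assumptions, since the post only gives the last octets: the LAN is 192.168.1.0/24, the local domain is "lan", and "pihole.lan" is a hypothetical DHCP client name; change all three to match your network.

```python
"""Probe each DNS hop directly with the query types Pi-hole conditional
forwarding generates (PTR for a LAN address, A for a local-domain name).

Example code added for this thread; not from the original post or from
Pi-hole/pfSense. Addressing below is assumed (the post only gives last octets).
"""
import socket
import struct

QTYPE_A, QTYPE_CNAME, QTYPE_PTR = 1, 5, 12
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

LAN_PREFIX = "192.168.1."      # assumption: LAN is 192.168.1.0/24
LOCAL_DOMAIN = "lan"           # assumption: DHCP/local domain name
HOPS = {"pihole": LAN_PREFIX + "206",
        "unbound": LAN_PREFIX + "204",
        "pfsense": LAN_PREFIX + "254"}


def reverse_name(ip):
    """Name a PTR query for this IPv4 address asks about (RFC 1035 reverse form)."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def encode_name(name):
    """Wire-format a dotted name as length-prefixed labels plus the root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(qname, qtype, txid=0x1234, rd=True):
    """Minimal DNS query: header (RD set so a resolver will recurse) + one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100 if rd else 0, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, 1)


def decode_name(data, offset):
    """Decode a possibly compressed name; return (name, offset after the name)."""
    labels, jumped, end = [], False, offset
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:             # compression pointer (two bytes)
            if not jumped:
                end = offset + 2
            offset = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF
            jumped = True
            continue
        offset += 1
        if length == 0:
            break
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    if not jumped:
        end = offset
    return ".".join(labels) + ".", end


def parse_response(data):
    """Return rcode name and (name, type, value) tuples from the answer section."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    offset = 12
    for _ in range(qd):                       # skip the echoed question(s)
        _, offset = decode_name(data, offset)
        offset += 4
    answers = []
    for _ in range(an):
        name, offset = decode_name(data, offset)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[offset:offset + 10])
        offset += 10
        if rtype == QTYPE_A and rdlen == 4:
            value = ".".join(str(b) for b in data[offset:offset + 4])
        elif rtype in (QTYPE_PTR, QTYPE_CNAME):
            value, _ = decode_name(data, offset)   # rdata may point back into the message
        else:
            value = data[offset:offset + rdlen].hex()
        answers.append((name, rtype, value))
        offset += rdlen
    return {"id": txid, "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)), "answers": answers}


def probe(server, qname, qtype, timeout=2.0):
    """Send one UDP query; a timeout is reported, not raised, because
    'unanswered' is exactly the symptom being diagnosed."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(build_query(qname, qtype), (server, 53))
        data, _ = sock.recvfrom(4096)
    except socket.timeout:
        return {"id": None, "rcode": "TIMEOUT", "answers": []}
    finally:
        sock.close()
    return parse_response(data)


def main():
    checks = [(reverse_name(LAN_PREFIX + "206"), QTYPE_PTR),  # what conditional forwarding sends
              ("pihole." + LOCAL_DOMAIN + ".", QTYPE_A)]      # hypothetical client name
    for hop, ip in HOPS.items():
        for qname, qtype in checks:
            r = probe(ip, qname, qtype)
            print(f"{hop:8} {ip:15} {qname:32} -> {r['rcode']} {r['answers']}")


if __name__ == "__main__":
    main()
```

Run it from a LAN client. A TIMEOUT from .254 for both query types is consistent with the Resolver and Forwarder being disabled there; a TIMEOUT or SERVFAIL from .206 while .254 answers points at the forwarding path rather than at pfSense.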