Please follow the below template, it will help us to help you!
Hi Everyone
I set up pi-hole on raspberry pi (works beautifully ! )
I also set up an openvpn client (to use with transmission)
Expected Behaviour:
Without further configuration I expected all traffic from the Raspberry Pi to go through the VPN, including pi-hole queries. All traffic from the Pi should therefore circumvent Pi-hole and use the VPN server DNS.
Actual Behaviour:
Pi-hole successfully filters traffic coming from the pi (I tried browsing with w3m from console). This was the intended end-result, but I expected further configuration to be necessary
Why does openvpn default to using the pi-hole DNS ? maybe because it's on the same system ? on my laptop, if I connect the vpn I have to manually set the pi DNS address, otherwise the DNS queries go straight through the VPN provider.
Thanks for your help in understanding all of this !
You want the Pi to serve DNS via Pihole to your network.
You want recursive DNS queries from Pihole to use the VPN.
You want Pi itself to NOT use Pihole but the VPN providers DNS
Assuming I understand, that is not possible. The Pi running Pihole must use the locally running Pihole to resolve queries as /etc/resolv.conf must be set to 127.0.0.1. My assumption is you don't want the Pi to use Pihole for DNS as you don't want things to be blocked. This may be possible with per host eceptions in v5, but I am not certain.
Under debug token you seem to describe a different scenario when when you connect to the VPN you are NOT getting the Pihole set as your DNS server. This is solved by adding
push "dhcp-option DNS some.ip.add.ress"
To your OpenVPN server.conf. This will push a specific DNS server to be used upon connecting to the VPN.
My question was that, having not set the "dhcp-option DNS x.x.x.x", I was expecting that once the VPN was connected, the traffic would not be filtered by Pi-Hole. But surprisingly I could still see the queries being filtered on Pi-Hole's admin panel with the VPN connected. Maybe the Pi is forced to use the locally installed Pi-hole even with VPN, even without "dhcp-option".
I would have tried again but I messed everything up trying to setup a Wifi hotspot next to pi-hole, so I think I'm going to start fresh.
So if I understand correctly, this loopback IP which Pi-hole currently puts in /etc/resolv.conf is what causes Openvpn (if installed on the same Pi) to use the Pi-hole DNS service automatically ? Just checking before I change it to solved