Pi hole over multiple Vlans

Expected Behaviour:

Multiple Vlans can access the main network and use the PiHole as a DNS resolver.

Actual Behaviour:

Does accept and process requests from a different subnet, but the response doesn't arrive on the laptop/phone.

Debug Token:

https://tricorder.pi-hole.net/3f6f76zrxa

New to networking and stuff, so bear with me if I fail to understand some stuff.

I want to split up my network into 4 different networks with vlans, and have all networks have their DNS resolved by the Pi.

  • Untagged Management network
      • 10.1.10.0/24
  • Vlan 2 arrie-JNet (Trusted devices)
      • 10.1.20.0/24
  • Vlan 3 The Skunk Hotel (Guest network)
      • 10.1.30.0/24
  • Vlan 4 Skid Row (IoT)
      • 10.1.40.0/24

My equipment:

  • UniFi Security Gateway 3P
  • UniFi Switch 8 POE-60W
  • UniFi AP-AC-Lite
  • RaspberryPi with Pihole and Unifi

When I run tail -f /var/log/pihole.log | grep 10.1.20.150 I can see that my laptop is using the Pi as its DNS server, but nothing loads, even though it does get answered.

pihole.log

Apr  8 17:15:23 dnsmasq[721]: query[A] v10.events.data.microsoft.com from 10.1.20.150
Apr  8 17:15:34 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:35 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:36 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:37 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:38 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:38 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:39 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:41 dnsmasq[721]: query[A] www.google.com from 10.1.20.150

Output pihole.log

Apr  8 17:15:23 dnsmasq[721]: query[A] v10.events.data.microsoft.com from 10.1.20.150
Apr  8 17:15:23 dnsmasq[721]: /etc/pihole/gravity.list v10.events.data.microsoft.com is 0.0.0.0
Apr  8 17:15:27 dnsmasq[721]: query[A] nexusrules.officeapps.live.com from 10.1.10.1
Apr  8 17:15:27 dnsmasq[721]: /etc/pihole/gravity.list nexusrules.officeapps.live.com is 0.0.0.0
Apr  8 17:15:27 dnsmasq[721]: query[A] ssl.gstatic.com from 10.1.10.1
Apr  8 17:15:27 dnsmasq[721]: forwarded ssl.gstatic.com to 1.0.0.1
Apr  8 17:15:27 dnsmasq[721]: reply ssl.gstatic.com is 216.58.208.99
Apr  8 17:15:33 dnsmasq[721]: query[A] epdg.epc.mnc260.mcc310.pub.3gppnetwork.org from 10.1.20.209
Apr  8 17:15:33 dnsmasq[721]: forwarded epdg.epc.mnc260.mcc310.pub.3gppnetwork.org to 1.0.0.1
Apr  8 17:15:34 dnsmasq[721]: reply epdg.epc.mnc260.mcc310.pub.3gppnetwork.org is <CNAME>
Apr  8 17:15:34 dnsmasq[721]: reply epdg.epc.geo.mnc260.mcc310.pub.3gppnetwork.org is 208.54.53.4
Apr  8 17:15:34 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:34 dnsmasq[721]: forwarded dns.msftncsi.com to 1.0.0.1
Apr  8 17:15:34 dnsmasq[721]: reply dns.msftncsi.com is 131.107.255.255
Apr  8 17:15:35 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:35 dnsmasq[721]: cached dns.msftncsi.com is 131.107.255.255
Apr  8 17:15:36 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:36 dnsmasq[721]: cached dns.msftncsi.com is 131.107.255.255
Apr  8 17:15:36 dnsmasq[721]: query[A] client-event-reporter.twitch.tv from 10.1.10.1
Apr  8 17:15:36 dnsmasq[721]: /etc/pihole/gravity.list client-event-reporter.twitch.tv is 0.0.0.0
Apr  8 17:15:37 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:37 dnsmasq[721]: forwarded www.google.com to 1.0.0.1
Apr  8 17:15:37 dnsmasq[721]: reply www.google.com is 172.217.17.132
Apr  8 17:15:38 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:38 dnsmasq[721]: cached www.google.com is 172.217.17.132
Apr  8 17:15:38 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:38 dnsmasq[721]: cached dns.msftncsi.com is 131.107.255.255
Apr  8 17:15:39 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:39 dnsmasq[721]: cached www.google.com is 172.217.17.132
Apr  8 17:15:41 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:41 dnsmasq[721]: cached www.google.com is 172.217.17.132

For all Vlans I have set the following DHCP settings:

  • DHCP Mode: DHCP Server
  • DHCP Name Server: Manual
  • DNS Server #1: 10.1.10.100
  • Gateway IP: Auto

Any help would really be appreciated,

Thanks in advance.
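An added example, not part of the original post: a small parser for the dnsmasq query lines shown above that flags clients repeating the same lookup within a few seconds, a pattern consistent with answers being produced but not reaching the client. The 5-second window and the threshold of 3 are assumptions chosen for this excerpt.

```python
import re
from collections import defaultdict

QUERY = re.compile(r"(\d\d):(\d\d):(\d\d) dnsmasq\[\d+\]: query\[\w+\] (\S+) from (\S+)")

# Lines copied from the pihole.log excerpt in the post above.
SAMPLE_LOG = """\
Apr  8 17:15:27 dnsmasq[721]: query[A] ssl.gstatic.com from 10.1.10.1
Apr  8 17:15:34 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:35 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:35 dnsmasq[721]: cached dns.msftncsi.com is 131.107.255.255
Apr  8 17:15:36 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:37 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:37 dnsmasq[721]: reply www.google.com is 172.217.17.132
Apr  8 17:15:38 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:38 dnsmasq[721]: query[A] dns.msftncsi.com from 10.1.20.150
Apr  8 17:15:39 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
Apr  8 17:15:41 dnsmasq[721]: query[A] www.google.com from 10.1.20.150
"""

def parse_queries(text):
    """Yield (seconds_since_midnight, client, name) for each query line."""
    for line in text.splitlines():
        m = QUERY.search(line)
        if m:  # forwarded/reply/cached lines are skipped
            h, mi, s, name, client = m.groups()
            yield int(h) * 3600 + int(mi) * 60 + int(s), client, name

def retry_bursts(text, window=5, threshold=3):
    """Return {(client, name): n} where n >= threshold queries fall in `window` s."""
    seen = defaultdict(list)
    for secs, client, name in parse_queries(text):
        seen[(client, name)].append(secs)
    bursts = {}
    for key, times in seen.items():
        times.sort()
        start = best = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window forward
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            bursts[key] = best
    return bursts

if __name__ == "__main__":
    for (client, name), n in retry_bursts(SAMPLE_LOG).items():
        print(f"{client} asked for {name} {n}x within 5 s")
```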

Your IP for the Pi-hole host is on a different subnet mask - is there a reason for this?

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
   10.1.10.100/8 matches the IP found in /etc/pihole/setupVars.conf

*** [ DIAGNOSING ]: Setup variables
    PIHOLE_INTERFACE=eth0
    IPV4_ADDRESS=10.1.10.100/8
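An added example, not part of the original reply: it shows what the /8 prefix in the diagnostic output changes in the Pi's next-hop decision for DNS replies, compared with /24. The client addresses and subnets are from the thread; the gateway address 10.1.10.1 is an assumption.

```python
import ipaddress

# Values from the thread; the gateway address is an assumption (the USG is
# taken to be 10.1.10.1, the management-network client seen in pihole.log).
REAL_SUBNET = ipaddress.ip_network("10.1.10.0/24")      # untagged management network
GATEWAY = "10.1.10.1"
CLIENTS = ["10.1.10.1", "10.1.20.150", "10.1.20.209"]   # sources in pihole.log


def build_routes(iface_cidr, gateway):
    """Routing table a host derives from one address plus a default gateway."""
    iface = ipaddress.ip_interface(iface_cidr)
    return [
        (iface.network, None),                          # connected: ARP directly
        (ipaddress.ip_network("0.0.0.0/0"), gateway),   # everything else
    ]


def next_hop(routes, dest):
    """Longest-prefix match; None means the packet is delivered on-link."""
    dest = ipaddress.ip_address(dest)
    candidates = [(net, gw) for net, gw in routes if dest in net]
    return max(candidates, key=lambda r: r[0].prefixlen)[1]


def misrouted_clients(iface_cidr, gateway=GATEWAY, clients=CLIENTS):
    """Clients the host would ARP for directly although they sit in another VLAN."""
    routes = build_routes(iface_cidr, gateway)
    return [
        c for c in clients
        if next_hop(routes, c) is None
        and ipaddress.ip_address(c) not in REAL_SUBNET
    ]


if __name__ == "__main__":
    for cidr in ("10.1.10.100/8", "10.1.10.100/24"):
        print(cidr, "-> replies sent on-link to other VLANs:", misrouted_clients(cidr))
```

On the Pi itself, `ip route get 10.1.20.150` shows the kernel's actual choice for the same destination.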

It got given that subnet for some reason.
When I did the first diagnostic, that one came out as not having the same IP as in the setupVars.conf. So I changed it with the /8. All my connections should be /24.

Changed it back to /24.
Unfortunately, still not working from my laptop.
