Pi-hole with Unifi Dream Machine Pro-SE

Forgive me as I am brand new to discourse and this is my first post ever. #Virgin.

Also important to note that I ran Pi-hole for years. Covid hit, I was bored, thought I was slick, ended up screwing things up and threw in the towel. Fast forward to now. I'm running Pi-hole on a Raspberry Pi 4B - all good there. Build is solid, everything works. My previous Pi-hole pre-Covid was on a Ubiquiti USG Pro, God knows what version. Now I'm running the Dream Machine ver 4.1.13 and Network Controller ver 9.0.114, each running perfectly independently. I am sure this is a simple fix, and feel free to call me a moron when I have that "aha" moment and it works.

Expected Behaviour:

Pi-hole working as intended (Pi-hole 6).
Not sure if I should put my Pi-hole address on the LAN or WAN side of my Unifi DMP. I have multiple VLANs and it seems to me to make more sense to put it on the WAN (Internet) side, but it doesn't work that way (yet; I thought that is how I had it previously).

Actual Behaviour:

When I install on the WAN (Internet) side - no joy.
When I install on the LAN (network) side - I see traffic passing, but not like I used to before. Things just don't seem right. I think something is messed up in the Pi-hole settings themselves and I'm not sure what.

Debug Token:

Feel like a dummy here. I'm not a Debian / Linux guy and the debug scripts on ver 6 have like 20 different options; not even sure what to do here. If I get this working, happy to even "buy someone a coffee", not a problem.

I think you'll get the best results by setting Pihole as your LAN DNS, and leave the WAN side to Automatic or a public DNS of your choice. The reasoning here is that if you set Pihole for your WAN, not only will everything look like it's coming from your USG Pro, but all the chatter your gateway does to confirm Internet connectivity is active and all the talking it does to Unifi's server will fill up your query logs (speaking from experience here).

Just go to each VLAN and set your Pihole IP as the DNS (under Manual DHCP). Make sure Pihole is set to "Respond only on interface..." instead of the default "Allow only local requests," or you'll find your VLANs aren't able to talk to the Internet.

Also, you can get a debug log by going to the command line on your device running Pihole and typing "sudo pihole -d".

Thank you, nprampage! I will certainly take this advice. I'll do this now and report back on what happens.

I think I finally got it working, but it all only shows up under my access point and not individual machines. I think I'm doing something wrong. Would conditional forwarding help with this? Last time I did this years ago, every device popped up in Pi-hole and I could see them individually. Now they all just roll up under the access point's IP.

If you're saying only the Access Point's IP address shows up in your Pihole logs, that would indicate that the setup for the AP is configured with the IP address for the Pihole under its own DNS settings.

In the Unifi Network setup, I have all my Unifi access points and switches set up with a static IP address assignment, with the "Preferred DNS" set to the IP address of my Unifi gateway and "Alternate DNS" left blank. The gateway setup is determined by Settings/Internet/IPv4 Configuration. I have mine set to Primary DNS 9.9.9.9 and Secondary DNS 149.112.112.112 (both Quad9). You can choose your own or use "Auto," which uses the DNS servers provided by your ISP's DHCP.

This way, the Unifi network devices all use the Unifi gateway/controller for DNS, and the gateway/controller uses Quad9 servers (in my case).

To provide Pihole resolution to your LAN clients, you have to go to Settings/Networks/DHCP Service Management and specify your Pihole IP address under "DNS Server."

Then individual machine names/addresses will show up in your Pihole logs (once DHCP lease for the client has been renewed).

Conditional Forwarding is not really a factor here in the symptoms you describe, but should point to your Unifi Gateway.
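The two checks implied by the advice above (is the client really handing its queries to the Pi-hole rather than to the gateway, and does the Pi-hole answer that client directly) can be scripted from the client side. The following is an added example written for this page, not code from anyone in the thread or from the Pi-hole project; the Pi-hole and gateway addresses are assumed placeholders, and the resolv.conf text it classifies is constructed sample input:

```shell
#!/bin/sh
# Added example: check whether a LAN client really sends DNS to the Pi-hole.
# If the client's first resolver is the gateway, the gateway forwards the
# query and Pi-hole logs the gateway's address instead of the client's.
# Both addresses below are assumed placeholders; override them via environment.
PIHOLE_IP="${PIHOLE_IP:-192.168.10.53}"
GATEWAY_IP="${GATEWAY_IP:-192.168.10.1}"

# Print the nameserver addresses from resolv.conf-style text given on stdin,
# in order; comments and other directives (search, options) are ignored.
resolvers_from() {
    awk '$1 == "nameserver" { print $2 }'
}

# Classify the first resolver in the given resolv.conf text.
# Prints "pihole", "gateway" or "other" and returns 0 only for "pihole":
# the first resolver is the one a client normally uses, so it is the address
# the Pi-hole has to receive queries from for per-client names in its log.
classify_resolvers() {
    first=$(printf '%s\n' "$1" | resolvers_from | head -n 1)
    case "$first" in
        "$PIHOLE_IP")  echo pihole;  return 0 ;;
        "$GATEWAY_IP") echo gateway; return 1 ;;
        *)             echo other;   return 1 ;;
    esac
}

# Count the resolvers listed; a second, non-Pi-hole resolver lets the client
# bypass Pi-hole whenever the first one is slow or unreachable.
resolver_count() {
    printf '%s\n' "$1" | resolvers_from | wc -l | tr -d ' '
}

# Live checks, run only when invoked as: sh dnscheck.sh --live
# 1. Does the Pi-hole answer this client directly? "pi.hole" is a name that
#    Pi-hole itself resolves to its own address, so a reply proves the path.
# 2. Does the client's own resolver list point at the Pi-hole?
if [ "${1:-}" = "--live" ]; then
    command -v dig >/dev/null 2>&1 || { echo "dig is required"; exit 2; }
    echo "Direct query to Pi-hole at $PIHOLE_IP:"
    dig +short @"$PIHOLE_IP" pi.hole A
    resolv=$(cat /etc/resolv.conf)
    verdict=$(classify_resolvers "$resolv") || true
    echo "Client's first resolver is: $verdict ($(resolver_count "$resolv") listed)"
fi
```

Run it as `sh dnscheck.sh --live` on a client such as the test Raspberry Pi. A "gateway" verdict means the per-VLAN DHCP DNS change has not reached that client yet (renew its lease), and an empty answer to the direct query means the Pi-hole is unreachable from that VLAN or is not listening for it, which is the "Respond only on interface..." setting mentioned earlier.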

Looking at this now. You are a tremendous help and wealth of info. I sincerely thank you.

Curious - why did you pick Quad9 for your DNS? Was there a specific reason?

Just verified, I have my APs configured with DHCP (auto). I do think static is the way to go for those, so I'll make those changes, but nothing else indicates (that I can see) that Pi-hole only recognizes the AP and not the individual devices. UNLESS it does that with the hotspot portion of Ubiquiti/Unifi. I'm going to try another zone and see if that does anything.


I have a trust level with them, mainly. Plus it's only used by the network hardware; I use Unbound as a recursive resolver for the LAN clients.

Fair enough. Thank you. I have the same with Cloudflare (because my work uses them too). I need to get Unbound, but want to get stable on my existing setup first. I haven't had time to test today (kid stuff going on). Will hopefully try later or tomorrow.

I statically configured my AP. I am still seeing the same behavior. My AP is configured to use the gateway as its DNS server and my client is configured to use the Pi-hole (on the Unifi, not on the client itself). However, the AP shows up in Pi-hole and is listing out all the websites I am going to from my client. The client does not show up in Pi-hole. I am on a Unifi Dream Machine Pro SE using Network OS 9.1.96. The client is also a Raspberry Pi that I use for testing.

I'm not able to offer any further suggestions at this point. It would probably be useful to submit a debug log here so the devs can take a look under the hood, maybe unravel the mystery.

Yep, thank you nprampage... you have provided a ton of info and I truly appreciate it.
