Pihole with dnscrypt-proxy

Joao_M_S_Silva · July 21, 2024, 1:15pm

Hi.

How can I make pihole use dnscrypt-proxy? dnscrypt-proxy is listening on 127.0.2.1:53 so I configured pihole to use the upstream DNS server 127.0.2.1#53.

But it seems that there is a conflict with dnsmasq that pihole tries to execute. I don't have dnsmasq in the OS, so it must have been brought by pihole installation.

I'm using Debian 12, with sid repo just for dnscrypt-proxy. I've installed pihole without any customization except the upstream DNS server. I just want pihole to use dnscrypt as a DNS server. dnscrypt is using Cloudflare as its DNS upstream server.

rdwebdesign · July 21, 2024, 3:32pm

What is the output of this command?

 sudo ss -tulpn '( sport == 53 )'

Joao_M_S_Silva · July 21, 2024, 4:39pm

# ss -tulpn '( sport == 53 )'
Netid      State       Recv-Q      Send-Q           Local Address:Port            Peer Address:Port      Process                                                                
udp        UNCONN      0           0                    127.0.2.1:53                   0.0.0.0:*          users:(("dnscrypt-proxy",pid=1224,fd=9),("systemd",pid=1,fd=47))      
tcp        LISTEN      0           4096                 127.0.2.1:53                   0.0.0.0:*          users:(("dnscrypt-proxy",pid=1224,fd=8),("systemd",pid=1,fd=44))

Joao_M_S_Silva · July 29, 2024, 2:16pm

@rdwebdesign, any hints? Is there a more appropriate place to ask this question?

rdwebdesign · July 29, 2024, 3:08pm

The command above shows dnscrypt-proxy is using port 53, but Pi-hole needs this port.

You need to use a different port for dnscrypt-proxy (example 5335) and point Pi-hole upstream to this port (127.0.0.1#5335).

If this doesn't work, maybe you can find answers in a dnscrypt-proxy forum, but I think other users/moderators will be able to help you.

Joao_M_S_Silva · July 30, 2024, 12:15pm

@rdwebdesign, dnscrypt-proxy was originally on 127.0.2.1 does that cause conflict anyway?

rdwebdesign · July 30, 2024, 5:15pm

Sorry, I didn't notice I used a different IP.

You need to set dnscrypt-proxy IP as Pi-hole upstream. In your case, 127.0.2.1#<port>.

Joao_M_S_Silva · July 30, 2024, 6:55pm

@rdwebdesign, I think the problem was that when I installed dnscrypt-proxy from Debian sid repo, it also installed dnsmasq or something like that, which occupied port 53. So, even if I configured dnscrypt-proxy to listen elsewhere, the port needed by pihole was occupied. I was able to make it work with these instructions: dnscrypt-proxy in pi hole server · DNSCrypt/dnscrypt-proxy · Discussion #2666 · GitHub (DNS with Pi-Hole + DNSCrypt)

system · August 20, 2024, 6:56pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.