Pihole with Fritzbox 7490 DNS Forwarding in ipv6 not working (information)

jochen · November 16, 2016, 9:37am

Hello Everyone,

this post here provides just some information to other users who try to get pihole working with fritzbox and DNS redirect. We struggled like two days to find the issue, that can't be solved.

We tested pihole and it works absolutely fine. Sometimes the traffic is a bit slower than without pihole, but thats not a big issue. I like to help people in Germany who happen to often have a router from avm, a fritzbox. As already mentioned in some posts here, the fritzbox has some issues with DNS settings. If you use ipv6 changing the dns server won't work correct due to some rebind protection. For more info please read this article:

https://en.avm.de/service/fritzbox/fritzbox-7390/knowledge-base/publication/show/663_No-DNS-resolution-of-private-IP-addresses/

You could acctually change this behaviour, but only if you are able to connect via telnet. We tried it, but our provider as most ISPs has prohibited this function. Our provider is able to update the fritzbox and change some settings, what seems to be important for the fiber connection.

You can use pihole, but have to change the DNS settings on each machine you are using. Therefore some mobile devices won't use pihole. That is kinda sad, but it is like it is. I'm talking about IPv6 only. Most connections from analytics are using IPv6.

I hope someone found this, before he got into an endless testing phase.
Cheers
Jochen

remowashere · November 27, 2016, 9:20pm

Fritzbox is a bit of an issue, but you do not have to change DNS settings on each machine, just use your PI as the DHCP server. Simply install isc-dhcp-server and configure that each clients gets the DNS settings from the PI. Turn off the DHCP service on your Fritzbox (or other modem) and you're good to go.

DNS setting in /etc/dhcp/dhcpd.conf:
option domain-name-servers raspberry_ip, modem_google_fallback_ip

My config;

default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.178.1;
option domain-name-servers 192.168.178.200, 192.168.178.1;
option domain-name "home.local";

subnet 192.168.178.0 netmask 255.255.255.0 {
range 192.168.178.10 192.168.178.150;
}

Jeroen1 · December 9, 2016, 2:43pm

No need for that extra isc-dhcp-server.
DNSMASQ installed by pihole can already do that.
Make sure you create an extra 99.conf file and add your dhcp settings in there