Easiest to install bind9 (DNS) first, but you don’t have to, except that the default DNS port will be in use. If not, just shut down the pihole-FTL services. Set up bind9 and verify local domains. In my case I have a point-to-point VPN that I have to resolve internal (private) domains on. I followed a standard forwarding name server setup for bind for slave zones. I also set my master servers to allow transfer to slaves. Important, so the zones transfer.
As Lcstyle says above:
Go ahead and install - pihole-FTL will run - but be in conflict for the port until you change the settings.
“edit /etc/dnsmasq.conf, uncomment the port setting, set to whatever port you want.
I used: 5353” #Me too, worked fine.
server=126.96.36.199#54 #the actual ip of the pi first
server=127.0.0.1#54 #basically, forward all requests to dnscrypt listener that’s already configured
comment out all PIHOLE_DNS entries” # yes, worked fine
Modify to add both the 127 local address and whatever the IP of your Pi is.
192.168.1.2 port 5353;
127.0.0.1 port 5353;
There really should be a way in the config to ask if you are using bind9 as a local DNS server. It’s quite common to set up forwarders etc. and would be very common in a small or even large office.
Seems to work ok so far but will test 24 hours before I move more of my clients over on my Ubiquiti AP / Security gateway / POE switch. Please feel free to comment if I am missing anything obvious.
I do see multiple clients query data in the interface. When I tried it as written above all queries came from the localhost.
netstat -tulpn shows:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 3061/pihole-FTL
tcp 0 0 0.0.0.0:5353 0.0.0.0:* LISTEN 3061/pihole-FTL
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1846/lighttpd
tcp 0 0 192.168.1.2:53 0.0.0.0:* LISTEN 2869/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2869/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2869/named
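A check for the listener layout the post ends up with, as an added example that is not from the post or from Pi-hole: it parses `netstat -tulpn` output (the constructed sample is the output quoted above) and confirms that named holds port 53 while pihole-FTL holds the alternate port; the alternate port number and the program names are assumptions taken from the post.

```python
import re
from collections import defaultdict

# Constructed sample: the netstat -tulpn output quoted in the post,
# with the columns whitespace-separated as shown there.
SAMPLE_NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 3061/pihole-FTL
tcp 0 0 0.0.0.0:5353 0.0.0.0:* LISTEN 3061/pihole-FTL
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1846/lighttpd
tcp 0 0 192.168.1.2:53 0.0.0.0:* LISTEN 2869/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2869/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2869/named
"""

# tcp rows carry a LISTEN state column, udp rows do not; both are accepted.
LINE_RE = re.compile(
    r"^(tcp|udp)6?\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+(?:LISTEN\s+)?(\d+)/(\S+)"
)


def parse_listeners(text):
    """Return {port: set(program names)} for every listening socket."""
    listeners = defaultdict(set)
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            listeners[int(m.group(3))].add(m.group(5))
    return listeners


def check_split(listeners, ftl_port=5353):
    """Verify the split from the post: named owns 53, pihole-FTL owns ftl_port.

    Returns a list of problems; an empty list means the layout is as expected.
    """
    problems = []
    on_53 = listeners.get(53, set())
    on_ftl = listeners.get(ftl_port, set())
    if "pihole-FTL" in on_53:
        problems.append("pihole-FTL still bound to 53: dnsmasq port setting not applied")
    if "named" not in on_53:
        problems.append("named is not listening on 53: clients have no resolver")
    if "pihole-FTL" not in on_ftl:
        problems.append(f"pihole-FTL not on {ftl_port}: bind forwarders will fail")
    if len(on_53) > 1:
        problems.append("more than one program claims port 53: " + ", ".join(sorted(on_53)))
    return problems
```

Run it against live output with `check_split(parse_listeners(subprocess.check_output(["netstat", "-tulpn"], text=True)))` to confirm the port conflict is gone after editing dnsmasq.conf.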