Recommendation for Router WAN DNS Settings, when LAN DNS points to Pi-Hole (by DHCP)

I am not experiencing any issues with Pi-Hole itself. Actually, Pi-Hole works just fine.

Obviously, I configured the router (in my case an Asus) with the following settings:

LAN / DHCP server enabled / DNS1 = Pi-Hole server IP, DNS2 = empty


My question is how do you guys recommend to have the WAN DNS settings configured?
WAN / Connect to DNS Server automatically = No (I guess)
DNS Server 1 = ???? The ISP DNS or 1.1.1.1 / 9.9.9.9
DNS Server 2 = ????

Thanks a lot

Try this:

https://www.asus.com/support/FAQ/1046062/

Note the above link is only for ASUS stock firmware.

More useful threads if you are running Merlin firmware.

And another:

Extended thread about Asus routers and Pi-hole below (with a nice summary at the end):

I'm running the latest Merlin on a RT-AC86U.

Yes I can see it's an extended thread, but nobody gives a definitive answer there.
My question is simple. If I am using router's DHCP, DHCP pushes the DNS server IP (Pi-hole) to ALL the CLIENTS on my LAN, then ALL the clients will use Pi-Hole.
Then I can put anything in the router's WAN DNS Upstream server, right? Because that DNS will only be used by the router itself. The router will not generate DNS queries by itself unless it looks up for a firmware upgrade or Time Sync. Right?

Try various options and see which work for you.

I'll highlight some:

Yes except when you use/enable Pi-hole's conditional forwarding against your router.
In that case entering the Pi-hole IP for WAN DNS on the router would create a partial DNS loop.


One can choose to use any public DNS server they want, or use their ISP DNS servers, in the router's WAN DNS fields.

Because you are running the Asus-Merlin firmware on your RT-AC86U, you should ensure you have "Advertise router's IP in addition to user-specified DNS" set to no. Failure to change this setting to no results in the router advertising itself along with the Pi-Hole IP addresses as DNS servers to the network clients. This means the potential exists for DNS requests to bypass Pi-Hole and go through the router. While Asus may recommend using the Pi-Hole in the Asus router's WAN DNS fields, the Pi-Hole docs recommend NOT to use the Pi-Hole IP addresses in the router's WAN DNS fields.
https://www.asus.com/support/FAQ/1046062
https://docs.pi-hole.net/routers/asus/

There are a number of examples of how to set up Pi-Hole on Asus Merlin over on the SNB forums. Here are two:
https://www.snbforums.com/threads/pihole-dns.74646/#post-712118
https://www.snbforums.com/threads/pihole-dns.74646/page-3#post-712319

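A way to check the two conditions discussed above (the router being advertised to clients next to the Pi-hole, and the router's upstream pointing back at a Pi-hole that uses conditional forwarding), as an added example that is not from any poster in this thread. It assumes the router's DHCP/DNS service is dnsmasq and that its configuration can be read; the sample configuration, the addresses and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in dnsmasq syntax; layout and addresses are assumptions.
SAMPLE_CONF = """\
dhcp-range=lan,192.168.1.100,192.168.1.200,255.255.255.0,86400s
dhcp-option=lan,3,192.168.1.1
dhcp-option=lan,6,192.168.1.2,0.0.0.0   # Pi-hole plus "this machine"
server=9.9.9.9
server=1.1.1.1
"""

def _ips(fields):
    """Return the IP literals found in fields, skipping anything else."""
    out = []
    for f in fields:
        try:
            out.append(str(ipaddress.ip_address(f.strip())))
        except ValueError:
            pass
    return out

def audit(conf, router_ip, pihole_ip, conditional_forwarding):
    """Report DNS servers offered to clients and the loop/bypass conditions."""
    advertised, upstream = [], []
    for raw in conf.splitlines():
        key, _, value = raw.split("#", 1)[0].strip().partition("=")
        fields = [f.strip() for f in value.split(",")]
        if key == "dhcp-option":
            # Skip leading tags ("lan", "tag:lan") to reach the option id.
            while fields and not (fields[0].isdigit()
                                  or fields[0].startswith("option:")):
                fields.pop(0)
            if fields and fields[0] in ("6", "option:dns-server"):
                # dnsmasq reads 0.0.0.0 as "the machine running dnsmasq".
                advertised += [router_ip if ip == "0.0.0.0" else ip
                               for ip in _ips(fields[1:])]
        elif key == "server":
            # Handles server=IP and server=/domain/IP forms.
            upstream += _ips([value.rsplit("/", 1)[-1]])
    if not advertised:
        # With no DNS option set, dnsmasq offers its own address to clients.
        advertised = [router_ip]
    return {
        "advertised": advertised,
        # Any advertised server other than the Pi-hole is a bypass path.
        "bypass": [ip for ip in advertised if ip != pihole_ip],
        # Pi-hole forwards local names to the router, router asks Pi-hole.
        "loop": conditional_forwarding and pihole_ip in upstream,
    }

if __name__ == "__main__":
    print(audit(SAMPLE_CONF, "192.168.1.1", "192.168.1.2", True))
```
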

I totally agree with you here. I'm using Conditional Forwarding on the Pi-Hole (to be able to see my local hostnames, not just the IP addresses, in the PH logs), and that's why I DID NOT set the Pi-Hole IP on the WAN DNS. The WAN DNS points to 9.9.9.9 / 1.1.1.1, which is fine, because with the Merlin FW one can stop advertising the router's IP in addition to the user's DNS, so no client will use the router as a forwarder to resolve an address; just the router itself can use 9.9.9.9.
I thought that the original Asus FW has this feature too. That's why I was confused.
Thanks a lot for the clarifications

