Selective usage of different upstream DNS servers, selection by MAC or IP

Hello,

All of my devices use Pi-hole as DNS server.
The DHCP server is my router. The DHCP server of my router (AVM FritzBox) offers the option to set a custom DNS server for DHCP requests. This way, all of my DHCP devices get the IP of my Pi-hole as their DNS server.
That should not be changed.

I think, at the moment, the upstream DNS server is static. All DNS lookups of Pi-hole are sent to the same DNS server, right?
How can I make Pi-hole use a different upstream DNS server for requests that were made to the Pi-hole from a certain MAC/IP?

I am using Pi-hole v5.6, FTL v5.11, Web Interface v5.8 on Raspbian Bullseye 32-bit.

Intention: My Fire TV Stick uses Pi-hole for DNS lookups like all other devices. These lookups are sent to the provider's DNS server. Because of geo-blocking, a smart-DNS server must be used for the Fire TV. Only the Fire TV shall use the smart-DNS server.
Of course, I could configure the smart-DNS IP directly on the Fire TV as DNS server. But then, the stick cannot profit from Pi-hole.

Regards.

Or server(s), yes. There is no option to specify an upstream DNS server by client.

If you want to use a different upstream DNS server for this device, you have a few options.

  1. Make the desired smart-DNS-server the upstream DNS server for the Pi-hole, and the FireTV and all clients will use that server.
  2. Add a second Pi-hole for the Fire TV only, and have that Pi-hole use the desired upstream DNS server. A Pi-hole can run on any always-on device at your home if that device can run a supported OS (e.g. Docker on a NAS, VM on an always-on computer, etc.).

Are there any plans to implement that feature?
I found some postings under "Feature Request". Which one is the right one for that feature?

Because I found several postings under Feature Request, there are many users with the same problem. You know, there are many users who use a streaming device like Fire TV, Roku box, waipu, Apple TV, etc. Every such user has the problem of geo-blocking while streaming.

Commercial VPN providers are no solution because streaming providers detect/block their IPs. Smart-DNS is the only chance to remove geo-blocking because the streaming data transfer will happen between the streaming provider and the customer's IP.

I only have 1 rPi which runs 24/7.
The other devices which run 24/7 (router from AVM called "FritzBox", WiFi repeater, etc.) cannot be modified to run foreign software.
The newest Fire TV Stick (4K Max) would also be a device which runs 24/7, but it cannot be rooted.

Using the smart-DNS for all devices is what I do not want.
It's in the nature of a smart-DNS that it does not support important things like DNSSEC, DNSCrypt, DoT, etc.

How do I install a second instance on my rPi?
I think this is a difficult solution because

  • the normal setup does not support installing a second instance
  • the port problem: I think it is not possible that both instances use port 53 on the same IP. I have never seen a client that was able to set a port for DNS servers
  • DHCP will not be possible because the DHCP of SoHo routers does not support DHCP tags
  • Creating a virtual network device on the rPi (= second IP range --> port 53 possible) will also not solve the problem because the SoHo components (router, repeater, etc.) do not support VLANs / different IPs on the same LAN port

FritzBox routers come with support for a single, non-configurable VLAN, the guest network.

Local DNS is not configurable for that guest network, i.e. a FritzBox always distributes itself as DNS server for guest network clients.
So while home network clients in your current setup will use Pi-hole as local DNS server, your guest network clients will send DNS requests to your FB, and your FB will forward them to its configured upstream DNS servers.

The following configuration would thus be able to address your issue:
Enable your FritzBox guest network, configure your FritzBox to use your so-called smart-DNS server as upstream, and connect your Fire-TV client to your guest network.
Make sure that your FB correctly distributes Pi-hole's IP address as local DNS server, for IPv4 as well as for IPv6 (if applicable).

You are right in what you wrote about the FritzBoxes.
But you suppose that I have configured the Pi-hole to connect directly to an IP on the internet as upstream DNS, like provider, Google, Quad9, etc., right?

In my current config, the upstream DNS for Pi-hole is my router, the FritzBox.
You ask why? Because this is necessary for using the Conditional Forwarding feature of Pi-hole. There are local hostnames which can only be reached by name if the names are registered at the FritzBox DNS (e.g. the repeater from AVM = fritz.repeater).

That's an idea, to use the guest network for separating clients.
But this can only act as a makeshift.
And it has the additional disadvantage that the Fire TV Stick could not be reached from the private network and the other way round too (I am using Kodi on the Fire TV as well --> play files from local NAS, web access to Kodi, etc.).

And there is still the problem I described, that this way you cannot use the smart-DNS together with Pi-hole features (= block unwanted calls home from Fire TV to Amazon, like metrics, etc.). You have to decide between smart-DNS and Pi-hole DNS.

In other words, if it were OK for me to decide between Pi-hole usage and smart-DNS (and the other devices shall not use the smart-DNS), I could simply enter the smart-DNS IP in the Fire TV Stick and would have to do nothing else in my network config.
But the goal for me (and others, see feature requests) is to have it all: Pi-hole + smart-DNS for the Fire TV, and Pi-hole + normal upstream DNS for all other devices.

I think the only way is that the separation between smart-DNS and normal DNS is made in Pi-hole, right?

No, I didn't make any statements about your Pi-hole's configuration at all.

No again :wink:

No, Pi-hole's Conditional Forwarding doesn't require your router to be your Pi-hole's only upstream. You'd either use your router as upstream or configure CF. There is no additional benefit in using CF when your router already is your Pi-hole's sole upstream.

You aim to provide a specific DNS server for a specific device in your network.

In principle, DHCP would allow you to do exactly that.

Unfortunately, your router doesn't support configuration of device-specific DNS servers.

As I understand it, you are looking for ways to amend that lack of your router's capabilities by other means. My suggestion for using the guest network would be one such way.

The obvious solution would be to introduce a DHCP server that is capable of doing that.
That would be possible by employing Pi-hole's DHCP server and providing a respective custom dnsmasq configuration file.
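As an added illustration of the "respective custom dnsmasq configuration file" this reply refers to (this is not from the original thread or the Pi-hole project): with Pi-hole's DHCP server enabled and the FritzBox's DHCP server switched off, one file under /etc/dnsmasq.d/ can tag a single client by MAC address and hand only that client a different DNS server in DHCP option 6. The MAC address, the smart-DNS address 203.0.113.53 and the file name are placeholders.

```conf
# /etc/dnsmasq.d/42-firetv-dhcp.conf   (file name is an example)
# Only effective when Pi-hole's own DHCP server is enabled (Settings -> DHCP)
# and the FritzBox DHCP server is disabled, otherwise the FritzBox keeps
# answering DHCP requests and these lines are never used.

# Tag DHCP requests from the Fire TV's MAC address with the label "smartdns".
# AA:BB:CC:DD:EE:FF is a placeholder; read the real MAC from the FritzBox
# device list or the Fire TV's network settings.
dhcp-host=AA:BB:CC:DD:EE:FF,set:smartdns

# For tagged clients only, override DHCP option 6 (dns-server) with the
# smart-DNS resolver. 203.0.113.53 is a placeholder address.
# Tagged dhcp-option lines take precedence over untagged ones, so every
# other client keeps receiving dnsmasq's default for option 6, which is the
# address of the machine running dnsmasq, i.e. the Pi-hole itself.
dhcp-option=tag:smartdns,option:dns-server,203.0.113.53
```

Apply it with `pihole restartdns` and renew the Fire TV's lease (reconnect it to WiFi). Caveat: a client configured this way sends its queries to the smart-DNS server directly, so Pi-hole's blocking no longer applies to it; it solves only the "device-specific DNS server" part of the question, not the "Pi-hole plus smart-DNS" part.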

OK, that's new for me. Of course I read the explanation of CF on Pi-hole's settings page, but I thought that the router has to be the upstream server for CF.
Thanks for the clarification.

But you still have the problem that clients in the private network cannot see clients in the guest network, and of course the reverse too.

Yes, you recapitulated it correctly.

Absolutely correct. That is the question in this thread: how to do this.
That is the feature request for Pi-hole.

Internally, FritzBox routers use dnsmasq, I think. But it makes no sense to request a DHCP tag feature from the manufacturer AVM because the FritzBox is designed for home users with no feeling for IT, so AVM would never integrate such a feature in the router's config pages.

Have a look at https://discourse.pi-hole.net/t/dhcp-reservierung-wird-nicht-angewendet/19788/9:

Even if it's in German, the configuration file sample provided should allow you to work out a solution (might even have been a similar smart-DNS use case then). :wink:

EDIT:
And here's another thought:
If you were able to pinpoint the domains that your Fire-TV stick is using for geo-locating you, you could try to just redirect resolution for those domains to your smart-DNS.
Add your domains to a custom dnsmasq file (e.g. /etc/dnsmasq.d/42-smartdns.conf) line by line, e.g.:

server=/<somegeolocationdomain.com>/<smartdns ip address>

Substitute the bracketed parts with your real values.
If that would work, it would allow you to stick with your router's DHCP server.
The tedious part would be to get hold of the correct domains, of course.
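A fuller version of that idea, added here as an illustration and not part of the original reply: per-domain forwarding in dnsmasq keeps Pi-hole in the path for every client, because blocklist matching happens before an upstream is chosen, and only the listed domains (each `server=/domain/ip` line also covers all subdomains of that domain) are forwarded to the smart-DNS resolver. The domain names and the address 203.0.113.53 are placeholders.

```conf
# /etc/dnsmasq.d/42-smartdns.conf   (file name as suggested in the reply)
# Each server=/domain/ip line forwards that domain and all of its
# subdomains to the given resolver. The domains below are placeholders;
# the real ones have to be identified by watching the Fire TV's queries
# in Pi-hole's Query Log while the stick starts a stream.
server=/geo-check.example.com/203.0.113.53
server=/streaming-cdn.example.net/203.0.113.53

# Everything not matched above still goes to the normal upstreams, which
# Pi-hole writes as plain server= lines into /etc/dnsmasq.d/01-pihole.conf.
# Blocked domains are answered by Pi-hole before any forwarding happens,
# so the Fire TV keeps Pi-hole's filtering for all of its other queries.
```

Apply with `pihole restartdns`; the Query Log then shows the smart-DNS address as the upstream only for the listed domains. One caveat: if DNSSEC validation is enabled in Pi-hole and a forwarded domain is DNSSEC-signed, the smart-DNS resolver's rewritten answer will fail validation, so such a domain cannot be handled this way.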
