Setting up Pi-Hole on a Virgin Vincent modem-router

I need some help understanding how to set up pi-hole using a Vincent modem/router (from Virgin Internet). I'm pretty new to all of this; not afraid of a command line, etc., but don't assume I know much.

I'm attempting to follow these instructions, using Option 1 (Define Pi-hole's IP address as the only DNS entry in the router).

I can't seem to find corresponding screens in the router that do this, however.

Here are the Advanced options in the router:

The closest correspondences seem to be Advanced > Networking > DHCP:

I tried resetting the Router IP address to the reserved address for the Pi, which was a disaster, and I wound up having to factor-reset the router and set up the house again.

Under Modem > DNS, there is a way to manually configure the DNS information, but I only have the pi-hole's IP address, not a secondary address or name. All three are required for me to save changes on this screen.

Should I set up the Pi as the first DNS address, with 8.8.8.8 as a fallback on the latter screen -- if yes, what should that name be?

Leave the "Under Modem > DNS" setting on factory defaults.
You're lacking a Advanced > Networking > DHCP > DNS server(s) setting for a proper setup.
But it seems you can disable the DHCP server with that ON/OFF switch.

Are you running Pi-hole bare metal and not in a VM or Docker container?
If so, have a look at below FAQ on how you can let Pi-hole take over that part:

Make sure the Pi-hole host is configured with a true static IP before making the switch!

If it runs in Docker, you need additional instructions and possible also if running in a VM depending networking topology.

Thanks!

The pi-hole Pi has a reserved IP address set by the modem/router. Should I be doing something on the Pi itself to secure that internal IP address?

I'm running the Pi OS (Bookworm), and installed pi-hole via the Terminal under that OS. It's not running in Docker or any sort of a virtual machine.

Before I do this -- I'm assuming if things don't go well, I can always turn DHCP back on in the Vincent modem/router? I know when I tried changing the router address it required a factory reset and a lot of work to get things back; I just want to be sure I'm clear on the "undo" steps before trying this.

Yes.
A DHCP reservation from the router wont work anymore once you've disabled the router DHCP service (the source of the reservation).
You need to configure the Pi with a true static IP for it to be able to function as a DHCP server for your LAN.
For Pi-OS Bookworm you can use the nmtui tool for that (Network Manager Text User Interface):

sudo nmtui

Example below:

Yes you flip on the router DHCP service again.

Thanks again. The thread with your screenshot is now closed, so I'll ask a couple of questions here:

  • The DNS address is your router's address, and the router has the DNS options set there, yes?
  • What is the purpose of the search address? It seems to be configured to your personal website, and I'm not sure what information should go in there (or if I can leave it blank). I don't fully understand the home.arpa note -- is that a good option if I'm located in Canada / North America?
1 Like

I noticed I was cutting corners a bit too much in that example link.

Normally when a host isnt configured with static IP details, it receives that search/suffix domain during the DHCP lease negotiation eg:

$ sudo pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers
[..]
   domain-name: "home.dehakkelaar.nl"
   dns-server: 10.0.0.2
   router: 10.0.0.1

But when you configure static IP details, you'd have to configure it manually with nmtui.

If you did not make the DHCP service switch yet, you could run above one on your Pi to see what domain your router advertises.
And if you did not set static IP details on the Pi yet, you would also see that router advertised search/suffix domain in below file on the Pi:

$ cat /etc/resolv.conf
[..]
search home.dehakkelaar.nl

So if you configure the Pi to use 10.0.0.2 for DNS from above example, you should also configure the associated domain thats advertised by the router or Pi-hole.
Above home.dehakkelaar.nl domain is also configured on my router.

Most routers prevent local lookups with above domain from unintentionally being forwarded to the upstream configured DNS servers (the WAN/Internet DNS servers).
Pi-hole does the same when its configured to do DHCP for your LAN.

So you have three options now for what domain to configure in the Pi-hole DHCP server settings:

  1. Accept the default lan domain name;
  2. Configure the router advertised domain so in that aspect, nothing changes for your clients;
  3. Configure any from below list that are recomended for private use:
    intranet
    internal
    private
    corp
    home
    home.arpa

Of which the latter home.arpa is the most secure one as its harder to hijack bc that domain is already registered by ICANN for private use:

$ xargs -n 1 whois <<< 'intranet internal private corp home lan home.arpa'
No whois server is known for this kind of object.
No whois server is known for this kind of object.
No whois server is known for this kind of object.
No whois server is known for this kind of object.
No whois server is known for this kind of object.
No whois server is known for this kind of object.
[..]
domain:       HOME.ARPA
[..]
contact:      technical
name:         Internet Assigned Numbers Authority (IANA)
organisation: Internet Corporation for Assigned Names and Numbers (ICANN)
[..]
remarks:      This domain is administered as part of the .ARPA zone
remarks:      management, described at https://iana.org/domains/arpa

DNS cant do without a FQDN (a dot somewhere in the domain to be looked up) bc of how DNS recursively traverses the DNS tree.
So if I do a lookup on one of my clients with only the short hostname eg:

C:\>nslookup hakpc
Server:  pi.hole
Address:  10.0.0.2

Name:    hakpc.home.dehakkelaar.nl
Address:  10.0.0.145

The client (not Pi-hole) automatically appends that search/suffix domain to the query as can be seen in the logs:

$ pihole tail
[..]
Jan  2 23:52:58: query[A] hakpc.home.dehakkelaar.nl from 10.0.0.125
Jan  2 23:52:58: DHCP hakpc.home.dehakkelaar.nl is 10.0.0.145

Pew, I think that covers most of it :wink:

I think I'm getting it -- this is very helpful, thank you so much. I'm reading carefully and will try to implement tomorrow after a good night of sleep and a solid amount of coffee. :slight_smile:

I have a Synology server at home, which I map from Windows as a networked drive using its static IP. The IP for the Synology is configured on the box itself, so I assume it'll stay the same regardless of where DHCP resides.

If I want to reserve other IP addresses on my home network for specific devices, I guess I'd also be doing that on the Pi going forward via Pi-Hole as a DHCP server -- nmtui establishes the static IP, then Pi-Hole takes over as the DHCP server going forward?

1 Like

Correct.

When switching, I recommend to activate the Pi-hole DHCP service first before disabling the one on the router.
This bc some routers can drop the network connection when changing settings causing all the clients to try to get a DHCP lease while no DHCP service is active yet.
Just make sure that in the end only one DHCP server is active on your LAN!
Can check with that: sudo pihole-FTL dhcp-discover

Made the switch this morning, and the Internet still works over both the ethernet and wifi devices, so that's looking good!

The one thing that I can't figure out from this tutorial (How do I use Pi-hole's built in DHCP server (and why would I want to)?) is once I've set up pi-hole as the DHCP server, how to route all DNS requests through it. I'm a bit leery of breaking something, so I'm not trying to experiment too much, but I've tried this:

...to see if I can force all traffic through the static pi-hole IP address (192.168.2.19), but that just gives me this notification:

...and I can't see anywhere on the DHCP page itself to set the DNS address.

EDIT: I've also tried setting the upstream DNS address to be the router's IP:

...with the same results. I'm also surprised not to see any DHCP leases on the Pi-Hole Settings > DHCP page:

...I've reconfirmed that the router DHCP is off, so Pi-Hole's DHCP should be creating leases now, right?

Hang on, it may just be impatience. Three hours later, I'm starting to see a wee bit of traffic on pi-hole, and the DHCP list is slowly populating. It might just take a long time for the connected devices in the house to switch over.

The DHCP server will wait for requests coming from each device. Devices will request a new lease depending on the lease time previously configured.

If you want all devices using the new DHCP server, you need to force a DHCP renew in each device. For devices on wifi, usually disconnecting and reconnecting the network will trigger a renew.

1 Like

Yeah as already mentioned above, the clients would need to get a new DHCP lease from Pi-hole for the changes to take affect.
You could wait out until their current leases from the router expire which is usually 12 or 24 hours.
Or if impatient, power cycle router, switches and Wifi AP's.
As soon as your clients detect network is restored, they will request a new DHCP lease from Pi-hole.

I can wait! I've seen a few devices switching over already.

Thanks for the help and your patience, deHakkelaar!

1 Like