I noticed I was cutting corners a bit too much in that example link.
Normally when a host isnt configured with static IP details, it receives that search/suffix domain during the DHCP lease negotiation eg:
$ sudo pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers
[..]
domain-name: "home.dehakkelaar.nl"
dns-server: 10.0.0.2
router: 10.0.0.1
But when you configure static IP details, you'd have to configure it manually with nmtui.
If you did not make the DHCP service switch yet, you could run above one on your Pi to see what domain your router advertises.
And if you did not set static IP details on the Pi yet, you would also see that router advertised search/suffix domain in below file on the Pi:
$ cat /etc/resolv.conf
[..]
search home.dehakkelaar.nl
So if you configure the Pi to use 10.0.0.2 for DNS from above example, you should also configure the associated domain thats advertised by the router or Pi-hole.
Above home.dehakkelaar.nl domain is also configured on my router.
Most routers prevent local lookups with above domain from unintentionally being forwarded to the upstream configured DNS servers (the WAN/Internet DNS servers).
Pi-hole does the same when its configured to do DHCP for your LAN.
So you have three options now for what domain to configure in the Pi-hole DHCP server settings:
- Accept the default lan domain name;
- Configure the router advertised domain so in that aspect, nothing changes for your clients;
- Configure any from below list that are recomended for private use:
intranet
internal
private
corp
home
home.arpa
Of which the latter home.arpa is the most secure one as its harder to hijack bc that domain is already registered by ICANN for private use:
$ xargs -n 1 whois <<< 'intranet internal private corp home lan home.arpa'
No whois server is known for this kind of object.
No whois server is known for this kind of object.
No whois server is known for this kind of object.
No whois server is known for this kind of object.
No whois server is known for this kind of object.
No whois server is known for this kind of object.
[..]
domain: HOME.ARPA
[..]
contact: technical
name: Internet Assigned Numbers Authority (IANA)
organisation: Internet Corporation for Assigned Names and Numbers (ICANN)
[..]
remarks: This domain is administered as part of the .ARPA zone
remarks: management, described at https://iana.org/domains/arpa
DNS cant do without a FQDN (a dot somewhere in the domain to be looked up) bc of how DNS recursively traverses the DNS tree.
So if I do a lookup on one of my clients with only the short hostname eg:
C:\>nslookup hakpc
Server: pi.hole
Address: 10.0.0.2
Name: hakpc.home.dehakkelaar.nl
Address: 10.0.0.145
The client (not Pi-hole) automatically appends that search/suffix domain to the query as can be seen in the logs:
$ pihole tail
[..]
Jan 2 23:52:58: query[A] hakpc.home.dehakkelaar.nl from 10.0.0.125
Jan 2 23:52:58: DHCP hakpc.home.dehakkelaar.nl is 10.0.0.145
Pew, I think that covers most of it