SOLVED: DD-WRT - DNS issue

Installed PiHole on a raspi with a TP-Link router and changed DNS entry for DHCP client. Everything worked fine and I got the top client statistics.

Now I 'upgraded' the router to a Netgear R6700 with DD-WRT 3.0 since I also need a VPN client on the router. DD-WRT is using DNSMasq for DNS and DHCP.

As a result, I only get statistics (in the top client section) for one client... the router.

I can't figure out a configuration where I am getting the stats for all top clients like before.

Here are the settings of the Pi-Hole: Dropbox - PiHole_settings.PNG

Here are my settings in DD-WRT: Dropbox - dd-wrt_settings_general.PNG

Any pointers?

Thanks

Matt

From the screencap of your router config, it looks like you have the router WAN DNS server set to the Pi-hole. This means that any query will show the router's IP as the client. I would remove the DNS entry for the DNS server in the Router IP section and then in the DHCP Server section only set the first entry to the Pi-hole address. Having second and third DNS entries that are not Pi-hole will cause ads to leak through via those DNS servers.

Once you have made those changes, you'll have to get the clients to request new leases with the proper single DNS server and then clear out any DNS caches they may have built up.

Thanks Dan, I changed the router according to your suggestions. Rebooted router, rebooted PiHole and tested on a Windows machine after 'ipconfig /release; ipconfig /flushdns; ipconfig /renew'... nothing changed in the 'Top Client' section.

New router config: Dropbox - dd-wrt_settings_general-1.PNG

PiHole stats: Dropbox - File Deleted

Any other ideas?

On the Windows box, what is the output from ipconfig /all? We're looking to see what the IP address is for the DNS server and to see if IPv6 is enabled on the Windows box.

DNS is still the router (10.66.77.254)....
Screenshot: Dropbox - File Deleted
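The check asked for above (which DNS servers each adapter really received), as an added example that is not part of the original thread. The `ipconfig /all` text is constructed, and `10.66.77.2` is an assumed Pi-hole address; only the router address `10.66.77.254` comes from the thread.

```python
# Constructed sample of `ipconfig /all` output (not taken from the thread's screenshots).
SAMPLE = """\
Ethernet adapter Ethernet:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.66.77.101(Preferred)
   Default Gateway . . . . . . . . . : 10.66.77.254
   DNS Servers . . . . . . . . . . . : 10.66.77.254
                                       fe80::1%12
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   DHCP Enabled. . . . . . . . . . . : Yes
   DNS Servers . . . . . . . . . . . : 10.66.77.2
"""


def dns_servers(text):
    """Return {adapter: [DNS servers]} parsed from `ipconfig /all` output."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():                    # unindented line starts a section
            adapter, in_dns = line.strip().rstrip(":"), False
            result[adapter] = []
        elif " : " in line or line.rstrip().endswith(" :"):   # "Label . . . : value"
            label, _, value = line.partition(" :")
            in_dns = label.strip(" .") == "DNS Servers"
            if in_dns and value.strip():
                result.setdefault(adapter, []).append(value.strip())
        elif in_dns:                                 # continuation line: another server
            result.setdefault(adapter, []).append(line.strip())
    return result


def audit(text, pihole, router):
    """List (adapter, server, reason) for every DNS server that is not the Pi-hole."""
    findings = []
    for adapter, servers in dns_servers(text).items():
        for server in servers:
            if server == pihole:
                continue
            reason = ("router in the path: Pi-hole logs the router as the client"
                      if server == router else "resolver other than Pi-hole")
            findings.append((adapter, server, reason))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, pihole="10.66.77.2", router="10.66.77.254"):
        print(*finding, sep=" | ")
```

An empty result means every adapter queries only the Pi-hole; an IPv6 entry such as the constructed `fe80::1%12` is reported because it is a second resolver next to the IPv4 one.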

Does the router have any kind of setup that may be called DNS Rebind? This is a security feature that will prevent the use of a DNS server IP address that is in the same local network as the client. Other than that I would do an ipconfig release and then make sure it's released everything with an ipconfig all and finally grab a new lease with the renew command.

Disable Dnsmasq for DNS on the router. That might cause it to internally forward all client DNS requests.

@DanSchaper: dd-wrt indeed has a DNS rebind setting. Enabling/disabling this setting did not solve my issue.

@Mcat12: Disabling DNSMasq on the router solved the issue at the expense of no longer having name resolution for the LAN.

I guess I have to live with that.

Thanks for your help.

When you use your Pi-hole as your DHCP server, you will get local name resolution back :slight_smile:

Hm, can it also do 'static leases'?

Yes, after you enabled the DHCP server, you will be presented a table of DHCP leases. You can move current leases to static and/or add new static leases manually.

OK... found it, thanks for pointing this out.

I have converted all of my static leases (from my DD-WRT enabled router) over to the pihole's DHCP. I have flushed the dns cache on my windows pc but am still unable to resolve any of my host machines by name. When I try to ping them, I see my pihole's query log showing a domain query for "the machine name i just ping'd".local with an OK(cached) status.

What am I missing to make the hostnames actually resolve locally?

Hello,
I modified the /etc/hosts in the Pi-hole, but unfortunately without success.
Router is running with current DD-WRT.
What do I have to adjust where please?