Hi,
after setting up Pi-hole as DNS + Adblocker I want to extend the functionality by LAN DNS to access local webservices, e.g. Dev-landscape for Nextcloud.
Therefore I followed these instructions, created the file /etc/pihole/lan.list with this content:
and created another dnsmasq config file with this command: echo "addn-hosts=/etc/pihole/lan.list" | sudo tee /etc/dnsmasq.d/02-lan.conf
and restarted DNS with pihole restartdns
However when I check this URL devklaud.mydomain.de I get the public IP and not the expected host IP 192.168.100.114.
root@ct101-pihole:/opt/dnscrypt-proxy# nslookup devklaud.mydomain.de
Server: 46.182.xxx.xxx
Address: 46.182.xxx.xxx#53
Non-authoritative answer:
Name: devklaud.mydomain.de
Address: 94.79.xxx.xxx
root@ct101-pihole:/opt/dnscrypt-proxy# ping devklaud.mydomain.de
PING devklaud.mydomain.de (94.79.xxx.xxx) 56(84) bytes of data.
64 bytes from mydomain.de (94.79.xxx.xxx): icmp_seq=1 ttl=64 time=0.409 ms
64 bytes from mydomain.de (94.79.xxx.xxx): icmp_seq=2 ttl=64 time=0.311 ms
64 bytes from mydomain.de (94.79.xxx.xxx): icmp_seq=3 ttl=64 time=0.310 ms
^C
--- devklaud.mydomain.de ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.310/0.343/0.409/0.048 ms
root@ct101-pihole:/opt/dnscrypt-proxy#
Pi-hole is running as DHCP, too.
This means Pi-hole server is listening on port 53 in my LAN.
Your proposal cannot be the solution for this issue.
I've continued investigating and found some information on how dnsmasq is typically configured to resolve requests for LAN.
In my understanding this is controlled by this parameter: local=/example.com/
Our local domain, queries in these domains are answered from /etc/hosts or the static-hosts files.
I have added this parameter (and some others that are important in my opinion) in file /etc/dnsmasq.d/03-lan-dns.conf :
root@ct101-pihole:~# more /etc/dnsmasq.d/03-lan-dns.conf
expand-hosts
#domain=whl.mydomain.lan
local=/whl.mydomain.lan/
listen-address=127.0.0.1
listen-address=<pi-hole IP in LAN>
bind-interfaces
Based on this I conclude that this parameter is not working with embedded dnsmasq in FTL.
Again: there is nothing wrong with your setup.
On a client make sure the one and only dns server set is your pihole and run an nslookup to your devklaud.whl.mydomain.lan
Your pihole is not set on the network interface to listen to itself, but it has the external DNS servers. So if you run nslookup on your Pi without changing the server, that query will always answer the external IP, not the IP defined in the conf files.
A ping reads the host file first, so you get the answer you want. The nslookup by default queries the DNS server set on your network cards. So you get the external IP.
So: test on a client other than pihole itself.
First make sure the dns server on the client is set to pihole.
Flush the cache, remove and re-insert the network cable and test the nslookup on the client.
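The check described in the last reply, as an added example that is not part of any post in this thread: it reads a resolv.conf-style file and an addn-hosts file and reports whether a lookup from that host would reach Pi-hole or bypass it. The function names, the Pi-hole address 192.168.100.2, the upstream address 192.0.2.53 and the file contents are constructed assumptions; only 192.168.100.114 and the host names come from the thread.

```shell
#!/bin/sh
# Added example: does a lookup on this host go through Pi-hole at all?
# Inputs use the resolv.conf(5) and hosts(5) formats (addn-hosts files use the latter).

# Print the nameserver addresses the stub resolver would query, one per line.
default_resolvers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Print the address an addn-hosts file maps NAME to (first match, case-insensitive).
lan_list_lookup() {
    awk -v name="$2" '
        { sub(/#.*/, "")   # drop comments, then scan the names after the address
          for (i = 2; i <= NF; i++)
              if (tolower($i) == tolower(name)) { print $1; exit } }
    ' "$1"
}

# Verdict for NAME: no-local-record, local:<ip>, or bypass:<first resolver used>.
diagnose() {
    resolv=$1 lanlist=$2 pihole=$3 name=$4
    ip=$(lan_list_lookup "$lanlist" "$name")
    if [ -z "$ip" ]; then
        echo "no-local-record"
    elif default_resolvers "$resolv" | grep -qxF "$pihole"; then
        echo "local:$ip"
    else
        echo "bypass:$(default_resolvers "$resolv" | head -n 1)"
    fi
}

# Constructed sample data: one resolver file per host, plus a LAN list.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf 'nameserver 192.0.2.53\n' > "$tmp/resolv.pihole-host"
printf 'nameserver 192.168.100.2\n' > "$tmp/resolv.client"
printf '# LAN hosts\n192.168.100.114 devklaud.whl.mydomain.lan devklaud\n' > "$tmp/lan.list"

# The Pi-hole host itself queries the upstream server; the client queries Pi-hole.
diagnose "$tmp/resolv.pihole-host" "$tmp/lan.list" 192.168.100.2 devklaud.whl.mydomain.lan
diagnose "$tmp/resolv.client" "$tmp/lan.list" 192.168.100.2 devklaud.whl.mydomain.lan
```

On a real host, pass /etc/resolv.conf, /etc/pihole/lan.list and the Pi-hole's LAN address instead of the sample files.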