I've got a USG that is using my Raspberry Pi with Pi-hole client as its DNS. Everything is working great but the only issue is that the Pi-hole is seeing/logging all requests as USG and not the actual client that made the DNS request.
Is there any way to get the Pi-hole to see the clients and not just the USG?
Sounds like you've configured your router to use Pi-hole as its upstream DNS server.
Consider distributing Pi-hole as local DNS server via DHCP instead, see also Making your network take advantage of Pi-hole.
Pi-hole has to ask another DNS server for those names - it wouldn't know them for any IP address itself, including private addresses of local devices, unless those latter would have been registered through Pi-hole's DHCP server. In your case, your router is handling DHCP.
From your screenshot, it would seem that you have configured Pi-hole to use your router at 192.168.20.1 as upstream, so in theory, your router should provide the answer for local names.
For this to work, verify that Never forward reverse lookups for private IP ranges is unticked under Advanced DNS settings on Settings | DNS.
Seeing that you are using Ubiquiti routing equipment, this may still fail due to lack of appropriate DNS record creation on DHCP lease registration, i.e. your router cannot answer the corresponding DNS requests.
Some Ubiquiti models would be able to mitigate this by switching the on-device DHCP server to dnsmasq.
You'd have to consult with Ubiquiti support whether your router would support that and how to enable it.
In case that's not possible, you can still create Local DNS records for your IP addresses in Pi-hole.
Obviously, this will only be a viable option if your devices are assigned with a fixed IP address.
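As an added example (not part of the original thread and not Pi-hole's own code), this check reads dnsmasq-style query log lines and reports whether nearly all client queries arrive from the router, which is the symptom described in the opening question. The sample log lines are constructed, the function names are hypothetical, and the 0.9 threshold is an assumption; 192.168.20.1 is the router address mentioned in the thread.

```python
import re
from collections import Counter

# dnsmasq-style query line as logged by Pi-hole's resolver, e.g.
#   "Mar  3 10:15:01 dnsmasq[812]: query[A] example.com from 192.168.20.23"
QUERY_RE = re.compile(r"query\[[^\]]+\]\s+\S+\s+from\s+(\S+)")

# Constructed sample: every LAN query arrives via the router (192.168.20.1).
SAMPLE_ROUTER_ONLY = """\
Mar  3 10:15:01 dnsmasq[812]: query[A] example.com from 192.168.20.1
Mar  3 10:15:02 dnsmasq[812]: forwarded example.com to 1.1.1.1
Mar  3 10:15:03 dnsmasq[812]: query[AAAA] example.com from 192.168.20.1
Mar  3 10:15:04 dnsmasq[812]: query[PTR] 1.20.168.192.in-addr.arpa from 127.0.0.1
Mar  3 10:15:05 dnsmasq[812]: query[A] updates.example.net from 192.168.20.1
"""

# Constructed sample: clients received Pi-hole's address via DHCP.
SAMPLE_PER_CLIENT = """\
Mar  3 11:02:11 dnsmasq[812]: query[A] example.com from 192.168.20.23
Mar  3 11:02:12 dnsmasq[812]: query[A] example.org from 192.168.20.41
Mar  3 11:02:13 dnsmasq[812]: cached example.com is 192.0.2.10
Mar  3 11:02:14 dnsmasq[812]: query[AAAA] example.com from 192.168.20.23
Mar  3 11:02:15 dnsmasq[812]: query[A] time.example.net from 192.168.20.1
"""

def client_counts(log_text, ignore=("127.0.0.1", "::1")):
    """Count queries per client address, skipping Pi-hole's own lookups."""
    counts = Counter()
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m and m.group(1) not in ignore:
            counts[m.group(1)] += 1
    return counts

def router_masks_clients(log_text, gateway, threshold=0.9):
    """Return (gateway_share, distinct_clients, masked).

    masked is True when the gateway accounts for at least `threshold`
    of all client queries (the threshold is an assumed cut-off).
    """
    counts = client_counts(log_text)
    total = sum(counts.values())
    if total == 0:
        return 0.0, 0, False
    share = counts[gateway] / total
    return share, len(counts), share >= threshold
```

A masked result means per-client blocking statistics and query attribution are unavailable until clients are handed Pi-hole's address directly.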
I am just wondering if the rest of the setup is correct, because now I am pointing my WAN DNS to 1.1.1.1 and using LAN to point to Pi-hole for DNS. And then the Pi-hole is using the WAN USG as Upstream DNS Server.
I wonder if I just set USG WAN to use Pi-hole as the DNS and tell Pi-hole to use conditional forwarding to the WAN USG. Then I can set the WAN back to auto compared to manual. Since I will be splitting my network into multiple VLANs and this would mean I would not need to have them all individually point to Pi-hole.
Is my logic here reasonable or am I talking nonsense?
No, your initial issue was solved by distributing Pi-hole as local DNS server.
Seeing hostnames instead of IP addresses as clients is achieved by having Pi-hole ask the right DNS server for information on local clients.
Enabling CF to your router is one option to achieve that, but it would not be required in a configuration where Pi-hole is using the router server as its only upstream anyway, which is why I have deliberately not mentioned nor recommended it.
As your USG at 192.168.20.1 is handling DNS anyway, there is no need to configure CF as long as that stays the case.
That would bring you right back to square one. CF won't do anything for you if it is only your router that is sending DNS requests towards Pi-hole.
Hi john24ssj2, are you manually configuring each client's DNS config to point to the Pi-hole? I thought I had set up an identical config to you, but I am definitely missing something.
@Bucking_Horn OK, I tried the method with Conditional forwarding disabled and sorry, you were right, I did have Never forward reverse lookups for private IP ranges ticked.
So my USG WAN is pointing to 1.1.1.1 for its upstream DNS, my LAN networks are pointing to Pi-hole and the Pi-hole is using the USG router as its upstream DNS.
The hostname does appear to be working now but I get an odd insure message now for every connection: