I have been using Pi-hole for ad-blocking for a number of years and have ended up with a setup that I think is sub-optimal, and I am looking for advice on whether I should rework things.
I purely use Pi-hole for DNS and not for any DHCP. My network has now evolved to look like this, where I have a few VLANs.
Before I had any VLANs I just ran Pi-hole on a macvlan Docker network, giving it an IP on my network; I handed out that address on DHCP and all was fine. When I introduced VLANs I didn't really think and replicated this with Pi-hole now on my main VLAN, and then I created a rule to allow the other VLANs access for DNS.
Then things grew a bit and I ended up with a Docker bridge network running several services on two of the VLANs, and in order to simplify things I also added the existing Pi-hole container to this network to allow some of the services to do local DNS lookups.
DHCP is all handled by the router and I have also used that as the source of most local DNS. Pi-hole is configured for conditional forwarding for a local subnet/domain to the router. The one thing that the router (still) cannot do is CNAMEs, so I do have some aliases configured in Pi-hole.
Just coming back and looking at this with fresh eyes and it seems a bit of a mess...
I started wondering where Pi-hole should actually be sitting. I started thinking that I should actually just hand out the router as DNS server and point that at Pi-hole. This however would mean no DNS if Pi-hole was down, and also I think I would lose the host names in the Pi-hole dashboard / logs as conditional forwarding would end up becoming circular.
I then started thinking that I should run one Pi-hole instance per VLAN. This is simple but I would lose an overall view of DNS. I would also have multiple instances to maintain and update, which could get out of sync.
Then I am back to where I started and thinking about just adding another interface to the existing Pi-hole instance on the other VLANs but that seems kind of messy.
Just looking for advice on what the best place is for Pi-hole and whether I have missed any options that would make this simpler.