Why should Pi-hole be my only DNS server?

Reduced Ad Blocking Capability

The main reason you should use Pi-hole as your only DNS server is that you will see increased performance in the blocking of ads.

If you have two DNS servers (Pi-hole and something else), your network clients may not always query Pi-hole for name resolution. If a query happens to be answered from a non-Pi-hole DNS server, your block lists will not apply (since that DNS server doesn't know about them).

All Queries Need To Go Through Pi-hole First

Since other DNS servers (like Google's public ones) don't know about your block lists, they cannot block the advertisements. Pi-hole allows you to set upstream servers for legitimate queries, but if they don't pass through Pi-hole to begin with, the domains queried may not get blocked.

What About Redundancy?

If you have Pi-hole as your only DNS server and it fails, your network will stop working and you (technically) wouldn't be able to browse the Web. So many people set a secondary DNS server in a fashion similar to the screenshot below.

However, the problem with this--as stated earlier--is that your network devices may use either one of the servers to get their queries answered.

It's Not Much Of A Problem

Many existing home networks use their router as their DNS server--their only DNS server. So if your router fails, you'll also lose access to the Internet. So the difference between using just Pi-hole or just your router's DNS server is negligible.

Using A Secondary Pi-hole

If you were concerned about redundancy, you could always set up a secondary Pi-hole and use it as an upstream server for the first.

3 Likes
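One way to check the point made in the post above, as an added example that is not part of the original thread: ask every resolver your clients are handed for a name you know is on your block list, and flag any resolver that returns a real address. It assumes the Pi-hole answers blocked names with 0.0.0.0 and that the test name resolves normally upstream; the function names and `sample_reply` (a constructed reply for offline runs) are made up for illustration.

```python
import socket
import struct

BLOCK_ADDR = "0.0.0.0"  # assumption: Pi-hole answers blocked names with 0.0.0.0

def build_query(name, qid=0x1234):
    # Header (RD set, one question) + QNAME + QTYPE=A, QCLASS=IN
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00\x00\x01\x00\x01"

def skip_name(msg, off):
    while msg[off] and msg[off] < 0xC0:      # walk plain labels
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)      # pointer = 2 bytes, root label = 1

def a_records(msg):
    """IPv4 addresses in the answer section of a DNS reply."""
    qd, an = struct.unpack("!2H", msg[4:8])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4        # QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return addrs

def query(resolver, name, timeout=2.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (resolver, 53))
        return s.recvfrom(512)[0]

def audit(resolvers, name, ask=query):
    """Map each resolver to 'blocked', 'LEAK' (real answer) or 'down'."""
    out = {}
    for r in resolvers:
        try:
            out[r] = "blocked" if set(a_records(ask(r, name))) == {BLOCK_ADDR} else "LEAK"
        except OSError:                      # timeout or unreachable resolver
            out[r] = "down"
    return out

def sample_reply(name, ip):  # constructed reply: query + QR/RA flags + one A record
    q = bytearray(build_query(name))
    q[2:4], q[6:8] = b"\x81\x80", b"\x00\x01"
    return bytes(q) + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(ip)
```

Call `audit()` with the resolver addresses your DHCP server hands out and a name from your own block list; any entry reported as `LEAK` is a resolver that bypasses the block lists.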

Curious... re: using a secondary Pi-hole, what is the advantage (if any) of configuring the 2nd Pi-hole upstream vs. running them in parallel? I've configured mine in parallel and tested by taking one of them offline, seems to work as expected. Is it better to configure one of them upstream? If so, why?

4 Likes

I'd like to see the pros and cons too!

Running the devices in a parallel fashion is probably the preferred method. If you have each Pi-hole set to the same upstream and each Pi-hole is set on the client then if either device goes down, the other will still serve DNS traffic.

Using the stacked configuration you still have a single point of failure, if the serving Pi-hole device goes down then your DNS would be affected. If the upstream Pi-hole goes down then, again, you would have problems. If the clients are set to use just a single Pi-hole as the resolver then you still have a single point of failure. You can use the stacked configuration as long as the clients have both IP addresses set as resolvers.

Where the stacked configuration comes into play is if you are running DHCP. Since you can only have a single authoritative DHCP server, you wouldn't want the parallel Pi-holes both acting as the DHCP server for the network.

7 Likes

I understand that Pi-hole should be my only DNS server in my home network. Using Pi-hole's DHCP server makes that possible for me. However, when I am elsewhere, I don't want to use any DNS server but specify which ones to use. @DL6ER suggested using a VPN connection on, for example, Android. However, my local VPN on Android is already the NetGuard.me firewall. I therefore cannot easily add another VPN connection. Although somehow this should be possible via SOCKS5 but I don't know how. I therefore wonder how I can use Pi-hole's DNS server at home and some specified DNS servers on the road without having to change my DNS settings manually all the time. Any ideas what I can do about this?

On my secondary (failover) Pi-hole should I also add the Custom 1 (IPv4) but this time to the primary Pi-hole that is also the DHCP server? Or just from the main to the secondary?

In that scenario, if Pi-hole 1 (DHCP server) fails, queries to Pi-hole 2 will fail as its upstream server is down (unless you have another upstream server set).

It's kind of confusing...

Thanks. Then unless my router is running as a DHCP server, the two Pi-hole setup is kind of useless?

That's the reason why I still haven't decided to use the Pi-hole on my network.
What if the Pi-hole fails or is not reachable, for whatever reason?
I can't tell my Fritzbox, which is working as a DHCP server, to distribute a second DNS server address in addition to the Pi-hole address.

Which makes it useless for me, since it's too risky if the Pi-hole server fails.

Or doesn't it make sense to distribute a second DNS address (from the Fritzbox) to the clients, because it wouldn't block all content that would have been blocked by the Pi-hole?

Pi-hole won't fail. I've been running over 3 months without a reboot. It's very stable!

For those with a Mikrotik RouterOS router, you can use the /tool netwatch feature (https://wiki.mikrotik.com/wiki/Manual:Tools/Netwatch) for unattended failover monitoring. E.g., if the Pi-hole host is offline, run a command to change DNS settings.

1 Like

I had my pihole go down and every time it does while on TV watching YouTube it kicks me out of DNS.

I already figured out to set up a secondary Pi-hole and use the main Pi-hole as its DNS.

I have one Raspi 3b that for some reason the network keeps disconnecting within 5 minutes of re-plugging the network cable.

Secondary DNS server is crucial!

Oops I just gravedug a thread. Sorry everyone :)

> It's Not Much Of A Problem
> Many existing home networks use their router as their DNS server--their only DNS server. So if your router fails, you'll also lose access to the Internet. So the difference between using just Pi-hole or just your router's DNS server is negligible.

Well, you see, in most parts of the world (including where I'm from), power cuts are quite common. We have UPS (small battery banks) just for routers. So, the router is always powered and never goes down.

But a pi, on the other hand, is powered directly through the mains supply. So, if electricity is disconnected, the router is on, but the pi is disconnected! Not ideal.