Work around Android's sneaky DHCP behaviour

Ben_Ward · November 17, 2021, 1:17pm

So, an Android phone was still getting IP addresses for blacklisted domains after using pi-hole for DNS, even though my other devices weren't.

Looked at the network connection status and sneaky old Google had added 8.8.8.8 to the DNS servers list, so the DNS servers looked like [192.168.8.4, 8.8.8.8]

I added a second IP address to my DNS server's interface, then changed my dhcp server to push out both those IP addresses. (note that I have samba running an AD server which uses my pihole as the upstream, so I have more control over the dns and the dhcp than pihole gives you normally)

The DNS servers then looked like [192.168.8.4, 192.168.8.5] without google's DNS appended.

I'm guessing that Google currently only add a second DNS when 'redundancy' isn't already provided in your network.

I'd like to see pihole come with an option to enable a second IP address. I use it to block inappropriate content that isn't family friendly so that my family can browse safely so not happy with device vendors actively working around parental controls.

yubiuser · November 17, 2021, 2:06pm

There is an open PR, but currently on hold (@deHakkelaar)

https://github.com/pi-hole/pi-hole/pull/3846

jfb · November 17, 2021, 3:33pm

Pi-hole would only be able to do this if it is the DHCP server.

The workaround for now if you are using Pi-hole as DHCP server is to add a second DNS server assignment in a new dnsmasq configuration file.

low_rider · July 9, 2022, 6:45am

Woek around Android's inability to allow you to change DNS while on cellular, f droid and download rethinkDNS.

No root required.

Go look at the network log and scroll to the top, the list continues to grow to keep scrolling back upward to see all the constant entries.

Click on one and block the app a d also the io of that exact connection.