my purpose is to add an guest wifi on my openwrt setup where the clients using my pihole.
The current setup are two openwrt devices (tp-link ac1750 & re450) which are configured as dump APs.
My tp-link ac1750 has two wired connections attached.
Pihole (192.168.2.3) acts as dns & dhcp on the main network.
lan zone = main network (192.168.2.0/24)
guest zone = guest network (192.168.5.0/24)
I followed serveral tutorials (2nd ssid, firewall rules for dhcp and dns) with semi-success to expand the wifi setup.
On the guest ssid (192.168.5.0/24) the devices are served by the built-in dhcp server with pihole (192.168.2.3) but browsing the web doenst work.
I cant wrap my head around what i am missing in my configuration to make it.
Any help is appreciated
Thanks in advance
Is your PiHole part of the guest network? Is it listening on that IP range?
Easiest is to make your PiHole listen on that guest network. Alternative would be to start forwarding DNS traffic between both networks. Sounds like you haven't done either.
no the pihole is listening on the main network 192.168.2.0 with its ip 192.168.2.3
for my purpose additional created a "guest" zone with traffic rules on wifi device 1-1 (second ssid on the radio0).
Its giving out ip addresses with piholes as dns server.
Thats where i cant get my head around the setup or configuration - in my understanding DNS traffic from guest zone to lan zone must be routed?
Or am i missing a device configuration? the guest wifi tutorials always talk about "bridging" the guest interface, but i dont have the option. I guess because my LAN device is already bridged.
The guest network tutorial does not cover you operating a DNS server outside that network (and rightfully so; it's quite a complex setup as you are finding out).
So yes, traffic needs to be routed. I worked around that by having my DNS server just listen in on all the networks here at home.
$ ip a s|egrep "0.0.7|0.20.7|0.30.7"
inet 10.0.0.7/24 brd 10.0.0.255 scope global eth0
inet 10.0.30.7/24 brd 10.0.30.255 scope global dnsfilter
inet 10.0.20.7/24 brd 10.0.20.255 scope global guest
okay, thanks for your advice.
i will try your hint and get more adresses assigned to my pihole eth0.