Hi guys,
I'm new to OpenWrt. I was able, following an online tutorial here, to set up my router and connect to the internet through my fiber ONT, but now I'm stuck on the setup of PiHole.
On my previous router (not OpenWrt) I set:
the DNS server to PiHole IP
PiHole upstream DNS to cloudflare
and everything worked fine; each device in my network successfully passed through the PiHole filters.
Now I tried to follow some guides and posts here, but I still cannot access any website.
I tried:
disable 'Use DNS servers advertised by peer' on WAN and LAN
set the PiHole IP in WAN > Custom DNS
set the PiHole IP in LAN > Custom DNS
set the PiHole IP in Network > DHCP > DNS forwardings
but nothing...
In the PiHole query logs, when I set the IP in WAN, it seems that I can see the requests (e.g. www.openwrt.org), but:
the results are from the OpenWrt device (and not from my PC, for example)
it seems like the DNS response is sent back from PiHole to the router but not passed by the router to my PC
You shouldn't touch the WAN DNS IPs; in reality only the clients need to get the pihole's DNS IP, ideally via DHCP.
So you mean in the WAN I should keep the ISP DNS because clients will use the DNS advertised by the DHCP? Or should I set Custom DNS (eg. 1.1.1.1) there too?
I want to be 100% sure to avoid using my ISP DNS because they are very slow sometimes.
Ah yeah! You're great!
I was just searching for that in the meantime, 'cause I remember I did this on my previous router firewall to force clients to use PiHole.
Thanks a lot
Are you sure about that? I have mine set up this way, and when I force a device to use a foreign DNS, pihole records the attempt as originating from the device, not from the router.
Very much sure about it.
If you only do a DNAT, then Pihole will receive the packet with the original source IP of the LAN host and will reply directly to it. The LAN host will complain about receiving the reply from a different server than the one it queried, with unexpected results. For that, a SNAT is also applied to change the source IP of the DNS query to the one of the router.
There are a couple of workarounds. The first is to assign the Pihole to a different interface, so SNAT is no longer needed and the Pihole will still reply via the router, so the original destination IP is restored. The second is to use EDNS.
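The DNAT plus SNAT pairing described in the reply above, written out as an OpenWrt firewall configuration. This is an added example, not configuration posted by anyone in the thread; it assumes the Pi-hole sits at 192.168.1.100 (the address mentioned later in the thread) inside the default `lan` zone, and the rule names are made up for illustration.

```conf
# /etc/config/firewall (added illustration, not from the thread)
# Assumptions: Pi-hole = 192.168.1.100, firewall zone name = 'lan'.

# Rule 1, DNAT: a LAN client that sends a DNS query to any resolver
# other than the Pi-hole has the destination rewritten to the Pi-hole.
# The '!' on src_ip excludes the Pi-hole's own upstream queries,
# which would otherwise be looped back to itself.
config redirect
	option name 'Redirect-DNS-to-Pihole'
	option target 'DNAT'
	option src 'lan'
	option src_ip '!192.168.1.100'
	option src_dport '53'
	option dest_ip '192.168.1.100'
	option dest_port '53'
	option proto 'tcp udp'

# Rule 2, SNAT (masquerade): the redirected query leaves the router
# with the router's LAN address as its source, so the Pi-hole answers
# the router, and the router restores the original destination before
# handing the reply to the client. Without this rule the Pi-hole
# replies straight to the client from 192.168.1.100, and the client
# drops the answer because it does not come from the server it asked.
# Side effect: redirected queries appear in the Pi-hole log with the
# router's IP as the client.
config nat
	option name 'Masquerade-redirected-DNS'
	option target 'MASQUERADE'
	option src 'lan'
	option dest_ip '192.168.1.100'
	option dest_port '53'
	option proto 'tcp udp'

# Apply with: /etc/init.d/firewall restart
```

Clients that already use the Pi-hole address handed out by DHCP reach it directly on the same subnet and never hit either rule; only queries addressed to another resolver are rewritten.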
There's something weird with my Home Assistant instance on a RPi4:
when I try to install an update it says "host has no connection", so it seems like it cannot get any response from the DNS server?
On my PC I can browse any site without problems, and in the connection info it says
DNS Server IPv4 192.168.1.100 (the PiHole one)
Sorry, I don't understand what you mean...
The router is configured to use DHCP, so both my PC and HomeAssistant have no static IP defined on device-level. I performed a static-lease definition on OpenWrt DHCP.
Searching in the Home Assistant network page, it seems it correctly gets the DHCP-advertised DNS, but then it seems like it cannot use it or receives a bad response, and then it raises the 'no internet on host' error.
Seems it was my fault: I found a firewall rule (probably added while I was testing) that blocks some requests on 53. I removed it and left only the port forwarding to redirect, and now it seems to be working.
I have another issue (I'll try to explain here, but if it is too off-topic I'll open another thread).
On the same Pi where I installed PiHole, I also installed Wireguard to connect to my LAN (long story short: pihole provides out-of-the-box settings for wireguard, so I chose to install it on the same device).
With the old router I opened the port and everything worked correctly
Now, I added a Port Forward rule on OpenWrt and I can connect to wireguard (e.g. from my smartphone using the LTE network instead of WiFi), but I can only access the device where pihole+wireguard are installed.
Any other device of the lan is not reachable and I cannot browse websites too.