PiHole - Forced DNS redirect using OpenWrt will log most of the clients as 'openwrt' instead of the real client name

Hi guys,
when I set up openwrt I set as DNS my PiHole server and, due to some devices ignoring the DNS advice sent by router, I read some articles to setup forced DNS redirection to the PiHole server:


Redirection seems working but in PiHole I have a lot of entries with name 'openwrt' as client name instead of the real one, probably due to the request come from the router after redirection.

Is it possible to keep the real client name? Am I doing something wrong in the setup?
Any help is apreciated :slight_smile:

You're not doing anything wrong. The logs with OpenWrt are either initiated from OpenWrt or hijacked from OpenWrt. This happens because of the SNAT rule that replaces the source IP of the packet from that of the host into that of the OpenWrt. If you don't do that, the reply will come directly from Pihole source IP, which will be noticed by the DNS client of the sender.
Possible solution is to move Pihole to separate network, where SNAT is no longer needed.

I have mine setup like this but am getting hostnames resolving fine. Do you have a reverse server setup? Pihole>settings>DNS:

My router which handles DNS is and my subsets are defined in the local network. Not sure if this is helpful for your setup.

This isn't a Pi-hole forum but there seems to be some confusion where you are seeing OpenWrt as the client name:
You are seeing that in Pi-hole's dashboard near the bottom in the client list box, correct?

Have you enabled conditional forwarding in Pi-hole's settings/DNS.
Read the read-me and if that does not fix your issue you should ask in the Pi-hole forum.

:spiral_notepad: Prima facia it looks like your LOCAL NETWORK IN CIDR NOTATION [] is wrong and should be Sorry, I was looking at @darksky's config.

The issue are the devices and apps ignoring the DNS IPs you provide, have you got any of those ?

I haven't seen that. I am advertising pihole's IP as the DNS:

config dhcp 'lan'
  option interface 'lan'
  option start '100'
  option limit '150'
  option leasetime '12h'
  option dhcpv4 'server'
  list dhcp_option '6,'
(repeated for each interface)

And using a firewall redirect to force it:

config redirect
  option target 'DNAT'
  option name 'Intercept-DNS'
  option src 'lan'
  option src_dport '53'
  option dest_ip ''
  option dest 'lxc'
  option dest_port '53'
(repeated for each interface)

What part ?

The request, or their origin ?

I don’t understand what you’re asking

Sorry if I was not clear enought while explain the issue. In addiction I asked on openwrt forum due to I performed the "force-dns setup" in my openwrt router using the tutorials I linked in the first post.

I try to explain better the issue:
my router:
pihole DNS server:
In openwt i set the pihole IP as DNS server to broadcast in DHCP.
I used the firewall redirect in openwrt to force some devices, those ignoring the DNS server broadcasted by DHCP, to use PiHole (basically any request on port 53 with IP different from the pihole's one will be redirected to pihole)

On pihole dashboard I see some devices with their real name (probably those ones that using DNS server from DHCP), but most of request are identified as "openwrt.lan".

I though that, due to firewall redirection, the original device name who made the request is overwritten/changed in some way and the final DSN request to pihole appear as generated by the router instead of the device.
So I asked if there's any misconfiguration on my openwrt firewall to change to keep the original device name :slight_smile:

AFAIK the reply you got from @trendy was correct.

Why would you presume that?
I, specifically, told you why you are seeing this.

So, now, I'm going to, officially, ask you to move to the Pi-hole community; since:
A) this has nothing to do with OpenWrt.
B) You are wasting your time here asking OpenWrt to solve a Pi-hole configuration that is , literally, explained in Settings/DNS portal page.

These are reverse DNS lookups that Pihole asks OpenWrt to resolve the name of the device which made a query. And since OpenWrt is hijacking the queries that don't go towards Pihole, its name appears as originator of the query, as I explained already, but no one (but @frollic ) seems to notice.

1 Like

I did !


Right! I fixed it!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.