This is my setup:
Turris Omnia with TurrisOS 5.2.7 / OpenWrt 19 as main router, IP 192.168.0.1, DNS pointing to 192.168.0.9.
PiHole with IP 192.168.0.9.
The problem is that requests to resolve IPs into hostnames coming from the PiHole receive NXDOMAIN responses for all local devices.
I tried this on the OpenWrt router:
nslookup 192.168.0.99 127.0.0.1
and I get:
Server: 127.0.0.1
Address: 127.0.0.1#53
** server can't find 99.0.168.192.in-addr.arpa: NXDOMAIN
Normal lookups DO work (IP address is returned, although I don't know what's up with the last "can't find" line and if it's normal):
nslookup sauron.lan 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: sauron.lan
Address 1: 192.168.0.99
*** Can't find sauron.lan: No answer
I expect to receive hostnames based on DHCP static leases.
Here are selections from my configs:
/etc/config/dhcp
config dnsmasq
option localise_queries '1'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option port '0'
option logqueries '1'
option domainneeded '1'
option rebind_protection '1'
option rebind_localhost '1'
option domain 'lan'
option local '/lan/'
option localservice '1'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '72h'
option force '1'
list dhcp_option '121,10.10.0.0/24,192.168.0.9,10.11.0.0/24,192.168.0.9'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config host
option mac 'xx:xx:xx:xx:xx:xx'
option ip '192.168.0.99'
option name 'sauron'
option dns '1'
config domain
option name 'sauron'
option ip '192.168.0.99'
[...]
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config interface 'lan'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option bridge_empty '1'
list ifname 'lan0'
list ifname 'lan1'
list ifname 'lan2'
list ifname 'lan3'
list ifname 'lan4'
option _turris_mode 'managed'
option ipaddr '192.168.0.1'
list dns '192.168.0.9'
option ipv6 '0'
option delegate '0'
config interface 'wan'
option ifname 'eth2'
option proto 'pppoe'
option password 'X'
option username 'Y'
option ipv6 '0'
config interface 'guest_turris'
option enabled '1'
option proto 'static'
option netmask '255.255.255.0'
option bridge_empty '1'
option ipaddr '192.168.10.1'
option type 'bridge'
config interface 'wan6'
option ifname '@wan'
option proto 'none'
option ipv6 '0'
config route
option interface 'lan'
option netmask '255.255.255.0'
option gateway '192.168.0.9'
option target '10.5.0.0'
config route
option interface 'lan'
option netmask '255.255.255.0'
option gateway '192.168.0.9'
option target '10.11.0.0'
/etc/config/resolver
config resolver 'common'
list interface '0.0.0.0'
list interface '::0'
option port '53'
option keyfile '/etc/root.keys'
option verbose '0'
option msg_buffer_size '4096'
option msg_cache_size '20M'
option net_ipv6 '1'
option net_ipv4 '1'
option prefered_resolver 'kresd'
option ignore_root_key '0'
option prefetch 'yes'
option static_domains '1'
option dynamic_domains '0'
option forward_upstream '0'
config resolver 'kresd'
option rundir '/tmp/kresd'
option log_stderr '1'
option log_stdout '1'
option forks '1'
option keep_cache '1'
config resolver 'unbound'
option outgoing_range '60'
option outgoing_num_tcp '1'
option incoming_num_tcp '1'
option msg_cache_slabs '1'
option num_queries_per_thread '30'
option rrset_cache_size '100K'
option rrset_cache_slabs '1'
option infra_cache_slabs '1'
option infra_cache_numhosts '200'
list access_control '0.0.0.0/0 allow'
list access_control '::0/0 allow'
option pidfile '/var/run/unbound.pid'
option root_hints '/etc/unbound/named.cache'
option target_fetch_policy '2 1 0 0 0'
option harden_short_bufsize 'yes'
option harden_large_queries 'yes'
option qname_minimisation 'yes'
option harden_below_nxdomain 'yes'
option key_cache_size '100k'
option key_cache_slabs '1'
option neg_cache_size '10k'
option prefetch_key 'yes'
config resolver 'unbound_remote_control'
option control_enable 'yes'
option control_use_cert 'no'
list control_interface '127.0.0.1'
/etc/dnsmasq.conf
[...]
dhcp-option=6,192.168.0.9
/etc/@resolv.conf
search lan
nameserver 127.0.0.1
/etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.0.99 sauron
[...]
As you can see from the configs above, I also tried adding entries in LuCi > Hostnames, and in /etc/hosts and "service dnsmasq restart", still no reverse DNS.
Note: although not relevant to the issue, just for full understanding, 10.10.0.0/24 and 10.11.0.0/24 are subnets of 2 VPNs that also reside on the PiHole, hence the reason I setup Static Routes in the router.