[SOLVED] 2 custom DNS servers in my OpenWrt do not work well [HELP] [SOLVED]

hi pals, I just finished installing my pihole with unbound in an instance on my proxmox server and connected it to my raspi openwrt router for all my network. I also installed gravity sync to synchronize all my black and white lists, domains, DNSs, clients and other data with a 2nd instance of pihole, also with unbound, in another instance on my proxmox server, so that when for some reason the main pihole crashes or stops working, the secondary pihole works automatically and thus prevents my network from 'running out of internet'.

the problem I am having is that when testing, despite having added the secondary pihole to my raspi openwrt router, when I turn off the main pihole, openwrt does not take the secondary pihole as the DNS server, so there is no internet throughout my network.

I don't think the problem is in any of the piholes, but probably in the configuration in my openwrt.

Could someone help me figure out where I'm doing it wrong?

I leave a screenshot of: the main pihole configuration, the secondary pihole configuration and the openwrt configuration as well as others

pihole proxmox instances
main pihole
secondary pihole

piholes
main pihole
secondary pihole

pihole stats
main pihole
secondary pihole

pihole configs
main pihole
secondary pihole

openwrt config: DHCP and DNS > General Settings > DNS Forwardings

openwrt config: Interfaces > WAN 1 > Edit > advanced settings > Use DNS server advertised by peer and Use custom DNS server

(note: something strange happens here, the first time when I put the pihole IP x.x.x.39 at the beginning and the secondary pihole x.x.x.42, the network took the IP x.x.x.42 as the main DNS server and the x.x.x.39 as the secondary)

openwrt config: Interfaces > LAN > Edit > DHCP server > Advanced settings > DHCP options

windows config and ipconfig /all

I hope that someone who knows or who has experienced this before can help me and at the same time this thread can help others who may experience the same thing since I have searched for it on the net and I have not found anything similar, thanks

When dnsmasq itself forwards requests to the pihole, then why advertise the raspi as DHCP option 6? Maybe because most clients use only 2 DNS addresses (primary / secondary), the third you mentioned in LAN advanced settings is not appearing.

Also go to DHCP/DNS settings -> Advanced and tick "all servers". This way both piholes will be used all the time and one failing won't make a difference.

good question... I don't know, my friend configured my raspi openwrt router for the first time, a long time ago when I didn't even have my new pihole server... I don't know if I just have to delete that old entry now that I've got my new DNS server... please tell me if I should delete it without problem

ok maybe that confirms that I should delete the first old entry pointing to the raspi without any problem, leaving only the 2 new ones from pihole

do you mean I should mark all this?

in DHCP/DNS > advanced settings?

And are you sure the 6 is supposed to be used on the pihole, not just the IP?

The fail over works, I have the same setup myself, but the two piholes are running in the cloud, over internet.

Obviously the DHCP DNS info doesn't come from any of those piholes, but a local DHCP.

There is an option "All Servers" tick that.
DO NOT TICK EVERY OPTION.

yeah sorry, I already read it properly, I had already marked everything :man_facepalming: but I returned it to the original state, marking only "all servers"

To avoid confusion, I eliminated the 2 DHCP/DNS IPs that initially had 8.8.8.8/1.1.1.1 and that, when I changed them to the pihole ones, never showed any change, so I think they do not work but I had left them, so now I eliminated them to avoid confusion

now I have the Interfaces > LAN > Edit > DHCP server > advanced settings like this and now it is getting the two DNS servers

when I have each IP on a new line it seems that it isn't working, and for some reason it picks up the x.x.x.42 IP :man_shrugging:

but when I put both on a single line it worked: 6,10.172.1.39,10.172.1.42, I don't know why

well... the truth is I don't know why it has that 6 at the beginning and not only the IP, before having the pihole servers it was pointing to the same raspberry and it was like 6,10.172.1.1
now I just deleted the IP of the raspi and placed the 2 of the pihole with that 6 at the beginning as they told me to do... I don't know what that 6 means but it seems to work that way...

Anyway I will try without the 6 and I will post the results too

If it works it works.
dhcp option 6 is used to advertise dns server to client devices.
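What the leading 6 in the working line 6,10.172.1.39,10.172.1.42 encodes, as an added example that is not part of any post in this thread: it follows the RFC 2132 layout for option 6 (code byte, length byte, then one 4-byte IPv4 address per server, in order). The function names are illustrative and this is not dnsmasq's own parser.

```python
import ipaddress
import struct

DNS_OPTION = 6   # RFC 2132: Domain Name Server option
PAD, END = 0, 255


def encode_dns_option(spec):
    """Encode a 'code,ip,ip,...' line as DHCP option bytes: code, length, addresses."""
    code_text, *addrs = [part.strip() for part in spec.split(",")]
    code = int(code_text)  # ValueError if the line starts with an IP, not a code
    if code != DNS_OPTION or not addrs:
        raise ValueError("expected '6,<ip>[,<ip>...]'")
    data = b"".join(ipaddress.IPv4Address(a).packed for a in addrs)
    return struct.pack("!BB", code, len(data)) + data


def decode_dns_servers(options):
    """Walk a DHCP options field and return the option 6 addresses in order."""
    servers, i = [], 0
    while i < len(options):
        code = options[i]
        if code == END:
            break
        if code == PAD:
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("truncated option header")
        length = options[i + 1]
        data = options[i + 2:i + 2 + length]
        if len(data) != length:
            raise ValueError("truncated option data")
        if code == DNS_OPTION:
            if length == 0 or length % 4:
                raise ValueError("option 6 length must be a non-zero multiple of 4")
            servers += [str(ipaddress.IPv4Address(data[j:j + 4]))
                        for j in range(0, length, 4)]
        i += 2 + length
    return servers


if __name__ == "__main__":
    # Addresses taken from the thread; the trailing 0xff is a constructed end marker.
    wire = encode_dns_option("6,10.172.1.39,10.172.1.42") + bytes([END])
    print(wire.hex(" "))
    print(decode_dns_servers(wire))
```

Both resolvers travel in a single option 6 as an ordered list, which is why ipconfig /all on a client shows them together.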

you're right... I just put the pihole ip without the 6 and I lost the total connection of the network, even nobody was connecting to the wifi anymore, my pc is wired and I had to enter all the ips and dns manually to enter the router and place the ips with the number 6 at the beginning...

it means if it works, it works don't touch it!

Ok, so pihole needs the 6 too, I was wrong.
It was just a thought.

hehe nevermind it had to be tried and it has already been tried

I am seeing that apparently the DNS server that is being used the most (I don't understand why) is the secondary server

main pihole

secondary pihole

there is an option in DHCP/DNS > advanced settings > strict order that I am going to apply, thinking that maybe it could help and make openwrt only use the IP of the main DNS server, and that the secondary DNS server is used only when for some reason the main one is not there or it has connection problems...

if there is a better way to achieve this please tell me

Which DNS is used, is a client decision, if you want to force them to use the other DNS, temp disable the one currently receiving the requests.

The clients will fall back eventually, but it takes a while.

aaa ok, does that mean that openwrt doesn't have a way to 'force' all clients on a network to use a specific dns order? and that each client will use the dns from the list that openwrt has but to the decision of each of the clients on which one to use?
ok... that's a real shame...

however even though my dns order is not acting as i would like, it is working on the network; so i think this thread could be considered as resolved... later or another day i will try to be able to use my local dns but in the street and I think that for that i should use a vpn like wireguard but that will be another day

Thanks for the help and I hope this thread helps other people.

Sure, only specify one DNS :slight_smile:

Or, if you tell the clients to use the router as the DNS, then use the router as the device controlling what the requests should be sent.

That's exactly why I put mine in the cloud, I can use them in my clients, while being on the road, and not expose my systems to the internet.

The cloud hosts are free for life, so it was an easy decision.

mmm I got my VPS with my wireguard to go out to the internet because I have CGNAT at my ISP... probably I could make a pihole instance there to have my DNS too.. good idea thanks

Used to run VPSes too, grabbed the cheapest ones at lowendbox or lowendtalk, for $10/yr, but the cloud hosts are a lot more stable, and run recent Linuxes, not something old, like the VPSes.

What cloud solution do you use?

cheaper than $10/yr? tell me where I can get that because currently I have the smallest linode with 1gb ram, 1 core and 25gb disk and I pay $5 monthly, it is super stable and it was the cheapest I found, but if there is any cheaper one it's better hehe

Oracle's free for life cloud hosts.
You get two free virtual servers per email address.

That was a couple of years ago, I'm sure prices have increased since then,
but at the time, they were posted on those two sites I mentioned earlier.

EDIT
Had a quick look
Cheapest I could find was $12/yr
$1.25/mo doesn't seem to be very uncommon

wow I'm going to look for them, firstly I will look for the oracle free for life, that sounds much better, and I only need it for a wireguard vpn that allows my instances and web servers to have access to the internet due to the CGNAT my ISP has put me behind
thanks for the information