[Solved] Can't set specific DNS server to DHCP clients

I'm trying to set up Pi-Hole with LEDE in my home network. After some searching on the forum/Google I've tried a lot of things with no luck and I'm very frustrated.

As far as I could understand, one of the best options is to set the DNS server for clients via dnsmasq using dhcp-option, but none of my DHCP clients seems to assign that DNS server.

My actual dhcp configuration looks like:

```
config dnsmasq
    option domainneeded '1'
    option boguspriv '1'
    option localise_queries '1'
    option rebind_protection '1'
    option rebind_localhost '1'
    option expandhosts '1'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.auto'
    option localservice '1'
    option nonwildcard '0'
    option local '/local/'
    option domain 'local'

config dhcp 'lan'
    option interface 'lan'
    option start '100'
    option limit '150'
    option leasetime '12h'
    list dhcp_option '6,192.168.1.145'
    list dhcp_option '6,192.168.1.1'

config dhcp 'wan'
    option interface 'wan'
    option ignore '1'

config host
    option name 'raspberrypi2'
    option ip '192.168.1.3'
    option mac 'xx:xx:xx:xx:xx:xx'
```

After restarting the dnsmasq service I could see this config file is loaded:

```
# auto-generated config file from /etc/config/dhcp
conf-file=/etc/dnsmasq.conf
dhcp-authoritative
domain-needed
localise-queries
read-ethers
bogus-priv
expand-hosts
local-service
domain=local
server=/local/
dhcp-leasefile=/tmp/dhcp.leases
resolv-file=/tmp/resolv.conf.auto
stop-dns-rebind
rebind-localhost-ok
dhcp-broadcast=tag:needs-broadcast
addn-hosts=/tmp/hosts
conf-dir=/tmp/dnsmasq.d
user=dnsmasq
group=dnsmasq

dhcp-host=xx:xx:xx:xx:xx:xx,192.168.1.3,raspberrypi2

dhcp-range=lan,192.168.1.100,192.168.1.249,255.255.255.0,12h
dhcp-option=lan,6,192.168.1.145
dhcp-option=lan,6,192.168.1.1
no-dhcp-interface=pppoe-wan
```

But when I issue the dig command on a DHCP client I'm getting:

```
# dig google.es

; <<>> DiG 9.11.2 <<>> google.es
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20298
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.es.                     IN      A

;; ANSWER SECTION:
google.es.              299     IN      A       216.58.201.131

;; Query time: 51 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Tue Oct 03 12:43:16 CEST 2017
;; MSG SIZE  rcvd: 54
```

What am I doing wrong?

Regards.

Is the "RaspberryPi2" your Pi-hole? If so, why are you setting your DNS server to 192.168.1.145 if the Pi-hole is at 192.168.1.3? Also, did you confirm that you don't have local DNS overrides on your individual clients?

No need to use the Pi-Hole as your DHCP server, just use it as your DNS server. In the LuCI GUI, under Network - Interfaces - LAN - DHCP-Options set "6,192.168.1.145".

To see if your Pi-hole is working, do some surfing then go to http://[Pi-hole hostname or IP]/admin and you should see that some queries have been blocked. I usually have around 4% of my DNS queries Pi-holed.

No, raspberrypi2 is not the pi-hole. Pi-hole is in another raspberrypi which is 192.168.1.145.

As you comment, take a look at the configuration, I have configured those DHCP-Options:

```
list dhcp_option '6,192.168.1.145'
list dhcp_option '6,192.168.1.1'
```

I'm not surprised, I have 5 RPi's myself :slight_smile: -- but just wanted to make sure it wasn't something simple. Have you looked at the Pi-hole admin to see if queries are being blocked? Those that aren't blocked are going to be passed to the public DNS servers you've specified when you set up the Pi-hole, so I'm not sure that your "dig" test is valid.

dig lets you perform a DNS query, so it is supposed to receive an answer from the first DNS server assigned via DHCP (in my case I expect 192.168.1.145).

Maybe it could be some kind of problem with the DHCP clients... :face_with_raised_eyebrow:

I see what you're saying. I actually use a Cradlepoint router for my personal, everyday router and I just have my Pi-hole IP entered as a static DNS server. My clients have the router IP as the DNS server. Your clients should be getting the Pi-hole DNS directly with 6, 192.168.1.145. Have you tried setting "Use custom DNS servers" under Interfaces - Network - LAN and eliminating the DHCP-Options setting?

Here's my Cradlepoint setup:

[screenshot]

Here's where I'm talking about in LEDE:

[screenshot]

Finally it seems that dnsmasq is doing its job:

[image]

At least my iPad is getting DNS server as expected.

:face_with_raised_eyebrow:

Maybe you need to flush DNS on your other devices?

Now, everything is working ok. It seems that every device needed to flush their DNS.
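Added example, not part of the thread: a small Python check that compares the option 6 servers configured in the generated dnsmasq file with the `;; SERVER:` line of a client's `dig` output, to tell a router that is not configured to hand out the Pi-hole from a client that has not picked it up. The function names and result labels are assumptions of this sketch; the sample text is copied from the output quoted above.

```python
import re

def advertised_dns(dnsmasq_conf, tag="lan"):
    """DNS servers (DHCP option 6) configured for `tag` in dnsmasq config text."""
    servers = []
    for line in dnsmasq_conf.splitlines():
        line = line.strip()
        if not line.startswith("dhcp-option="):
            continue
        fields = [f.strip() for f in line.split("=", 1)[1].split(",")]
        tags = []
        # Leading non-numeric fields are tags: bare "lan" or "tag:lan".
        while fields and not (fields[0].isdigit() or fields[0].startswith("option:")):
            t = fields.pop(0)
            tags.append(t[4:] if t.startswith("tag:") else t)
        if not fields:
            continue
        opt = fields.pop(0)
        if opt in ("6", "option:dns-server") and (not tags or tag in tags):
            servers.extend(fields)
    return servers

def answering_server(dig_output):
    """IP of the resolver that answered, taken from dig's ';; SERVER:' line."""
    m = re.search(r"^;; SERVER: ([^#\s]+)#", dig_output, re.MULTILINE)
    return m.group(1) if m else None

def diagnose(dnsmasq_conf, dig_output, expected, tag="lan"):
    advertised = advertised_dns(dnsmasq_conf, tag)
    answered = answering_server(dig_output)
    if answered == expected:
        return "ok"
    if expected not in advertised:
        return "not-advertised"      # router side: option 6 lacks the filter
    if answered in advertised:
        return "fallback-in-use"     # another configured server bypasses the filter
    return "client-not-updated"      # renew the lease / flush DNS on the client

# Sample input copied from the thread's output.
CONF = """dhcp-range=lan,192.168.1.100,192.168.1.249,255.255.255.0,12h
dhcp-option=lan,6,192.168.1.145
dhcp-option=lan,6,192.168.1.1
no-dhcp-interface=pppoe-wan"""
DIG = ";; Query time: 51 msec\n;; SERVER: 192.168.1.1#53(192.168.1.1)\n"

if __name__ == "__main__":
    print(advertised_dns(CONF), answering_server(DIG))
    print(diagnose(CONF, DIG, "192.168.1.145"))
```

With the thread's configuration the result is `fallback-in-use`: the router itself is also listed as a DNS server, so a client answered by 192.168.1.1 is not being filtered by the Pi-hole.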