One option is just do a temporary change on your PC to different DNS servers while you work on the stuff.
Otherwise a second PiHole set as the secondary DNS in DHCP would keep things online.
this post was submitted on 04 Feb 2024
44 points (97.8% liked)
Selfhosted
46672 readers
627 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Thanks. Yeah, that is what I did during maintenance, but I'm trying to think what happens if I'm gone and my family has issues.
Not sure if this is common knowledge but Pi-hole can also run in a docker container, it doesn’t have to be a raspberry pi. I have it running on portainer on two different machine in my house. I’m a systems architect by trade so there no kill like overkill 😅
You might be a nerd when you have to schedule maintenance at your own house.
one a VM, the other a container, with different upstream targets. I have to schedule maintenance when everyone is asleep or out of the house. I'll swear one day I'll have a proper (raspberry pi) cluster with KVM, I just need to finish implementing the other million things I find when I research it.
I totally feel you. I’m in IT and design these incredibly robust systems. But I don’t have that budget for my house and they say “the cobbler's children have no shoes."
Another trick is setting up a guest/secondary AP that don't use pi-hole. When your pihole is down, just switch to the secondary AP. Most routers can setup multiple APs, though not all can setup different dns server for the other APs.
Thanks, that might work. I'll check into it.
I have my pi-hole setup as the upstream DNS in my router, with cloudflare as a secondary DNS. That way, all my devices always use the router for DNS (since that's what is advertised in my DHCP) and the router then uses pi-hole if it's available, or cloudflare if it isn't. But the individual device doesn't get to choose between different servers.
When it comes to a “secondary”DNS... there is nothing like a primary and secondary DNS server. These indications are quite misleading but many systems adopted it this way. Pihole only list the DNS servers as primary and secondary, because this is what the providers write on their pages. The bad phrasing is supported especially by how Windows handles it.
The ONLY DNS server you should have set on your network is a/the PiHole(s).
~~Use something like AdGuard or NextDNS as your secondary resolver~~
Check out the comment by @AtariDump@lemmy.world
When it comes to a “secondary”DNS... there is nothing like a primary and secondary DNS server. These indications are quite misleading but many systems adopted it this way. Pihole only list the DNS servers as primary and secondary, because this is what the providers write on their pages. The bad phrasing is supported especially by how Windows handles it.
The ONLY DNS server you should have set on your network is a/the PiHole(s).
Damn, fuck Windows. Fortunately I don't have to use it.
The ONLY DNS server you should have set on your network is a/the PiHole(s).
That's exactly what I do, since I never had any stability issues with my Pihole.
It’s not just windows.
Primary and secondary dns is not a thing. There is no priority for DNS. Depending on the device it will use ether address and will only try the other on failure.
Windows calls them 'preferred' and 'alternate' DNS servers. That roughly translates to primary/secondary.
Yeah, that's how they are named, my experience showed that the devices used whichever of the two they wanted.
It does not.
I use Nextdns for this reason. DNS is critical for Wife Acceptance Factor
You mentioned you have an Asus router. Which one? Why not move to hosting your stuff on the router? https://www.snbforums.com/forums/asuswrt-merlin.42/ Sure it doesn't completely solve the issue but in my experience it's incredibly stable, and more so people expect to restart the router if the Internet isn't working which simplifies things too. Also beneficial is that you can give different clients different DNS servers comfortably.
Specifically, check out https://diversion.ch/ for dns blocking but its capable of a lot more.
Unfortunately, I don't think my router is compatible with Merlin.
Thank you, though, I appreciate the feedback.
Add another DNS server (1.1.1.1, for instance) to your DHCP options. Your DHCP clients will use 1.1.1.1 when the pi-hole isn’t responsive.
I don’t think this accomplishes what he wants. The router DHCP will assign the second DNS address as you mention, but the devices will select one at random, not as a backup/failover. So what happens is that devices sometimes go through the Pi-hole and sometimes go through the secondary DNS address and receive ads. The only real way I’m aware of is to have a second pi-hole for redundancy. Personally, I decided to use a cloud based service (NextDNS) for this exact reason. I didn’t want my families internet to rely on devices that I host.
I think it depends. In my limited experience, because I have not tested this thoroughly, most systems pick the first DNS adresses and only send requests to the second if first doesn't respond.
This has lead at least a couple of times to extremely long timeouts making me think the system is unresponsive, especially with things like kerberos ssh login and such.
I personally set up my DHCP to provide pihole as primary, and my off site IPA master as secondary (so I still have internal split brain DNS working in case the entire VM host goes down).
Now I kinda want to test if that offsite DNS gets any requests in normal use. Maybe would explain some ad leaks on twitch.tv (likely twitch just using the same hosts for video and ads, but who knows).
Edit: If that is indeed the case, I'm not looking forward to maintaining another pihole offsite. Ehhh.
It is entirely the case.
DNS queries will go to all on the list, and use whatever responds first.
If you are seeing occasional ad leaks, this is why.
When it comes to a “secondary”DNS... there is nothing like a primary and secondary DNS server. These indications are quite misleading but many systems adopted it this way. Pihole only list the DNS servers as primary and secondary, because this is what the providers write on their pages. The bad phrasing is supported especially by how Windows handles it.
The ONLY DNS server you should have set on your network is a/the PiHole(s).
load more comments
(3 replies)
Yeah this is the next best option, but a secondary pihole is the best, so you still get the dns blocking while the first one is down.
You listed cloudflare now (1.1.1.1) but I prefer https://www.quad9.net/ for the privacy and security.
When it comes to a “secondary”DNS... there is nothing like a primary and secondary DNS server. These indications are quite misleading but many systems adopted it this way. Pihole only list the DNS servers as primary and secondary, because this is what the providers write on their pages. The bad phrasing is supported especially by how Windows handles it.
The ONLY DNS server you should have set on your network is a/the PiHole(s).
Didn't know that, thanks for clarification!
Then I suggest two piholes. :)
Wait, but then you cant tell if your device will use pihole even if its up. Afaik primary/secondary dns is not used in that order. I think best way is to set up 2nd pihole
Does it really do that? I thought if pi-hole blocks it, it just says nothing here, normally a pc then looks up your secondary dns and then ads are back at it.
This was my experience when i did that.
Yes, your experience will be different if your DNS is being provided by another kind of DNS resolver. If you want a consistent pi-hole experience (and you can’t avoid downtime of your current pi-hole), add another pi-hole to your network and let that be your secondary DNS resolver.
When it comes to a “secondary”DNS... there is nothing like a primary and secondary DNS server. These indications are quite misleading but many systems adopted it this way. Pihole only list the DNS servers as primary and secondary, because this is what the providers write on their pages. The bad phrasing is supported especially by how Windows handles it.
The ONLY DNS server you should have set on your network is a/the PiHole(s).
load more comments
(1 replies)
ssh into your pi-hole if possible and try using commands systemctl status pihole-FTL Check the status, and if its disabled use the same command but with start instead of status. Also if this this your first time setup, double check that everything you did is correct, like the DNS setting on router, if the devices get the right DNS etc.
Sorry for the confusion, but everything was working fine, I just had to update the server my pi-hole docker container was hosted on and noticed that I lost access to the internet. It works beautifully when the container is up and running.
I have Pihole in a Proxmox LXC Container that does just that. Just Pihole. It is set to automatically restart.
All for that Reason that you just named.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| AP | WiFi Access Point |
| DNS | Domain Name Service/System |
| HA | Home Assistant automation software |
| ~ | High Availability |
| IP | Internet Protocol |
| LXC | Linux Containers |
| PiHole | Network-wide ad-blocker (DNS sinkhole) |
6 acronyms in this thread; the most compressed thread commented on today has 3 acronyms.
[Thread #481 for this sub, first seen 4th Feb 2024, 14:35] [FAQ] [Full list] [Contact] [Source code]
Does it work if you change your DNS server by editing /etc/resolv.conf and having it show exactly one name server like
nameserver 9.9.9.9
?
view more: next ›