DNS for ethernet and wifi on a pihole

Resolve DNS queries for eth0 and wlan0

November 13, 2023



pihole resolves DNS queries for multiple interfaces, e.g. ethernet (eth0) and wifi (wlan0).

Pihole network setup

A very simple setup could look as follows:

            router (192.168.1.1)
    __wifi_>____|____<_wifi__
   |                         |
 pihole                   laptops, mobile phones, raspberry pis, ...
   |                         |
   |____________<____________|
     ethernet (192.168.2.1)

Note:

As of now, basically all devices connect to the router (192.168.1.1) through wifi. This is the internet connection. In addition, most of the devices also connect to the pihole via ethernet (192.168.2.1).

Over this ethernet link, the devices send their DNS queries to the pihole.

Unfortunately, there is one problem: devices like mobile phones, which do not easily connect via ethernet, connect through wifi, and in my ideal world they should also use the pihole to resolve DNS queries.

But every device (IP address) from the router's IP address range (192.168.1.1) that connects via wifi is listed in the pihole as not using pihole.

pihole configuration - bind to ethernet

When installing pihole and using the FTL feature in order to use the pihole as DNS server, dnsmasq is installed automatically. dnsmasq comes with configuration files like /etc/dnsmasq.d/01-pihole.conf.

This file - in its original state - looks like this:

# A lot of auto-generated pihole comments at the top of the file...
# ...

addn-hosts=/etc/pihole/local.list
addn-hosts=/etc/pihole/custom.list

localise-queries

no-resolv

log-queries
log-facility=/var/log/pihole/pihole.log

log-async
cache-size=10000
server=127.0.0.1#5335  # used with 'unbound'
domain-needed
expand-hosts
bogus-priv
interface=eth0

As the very last line shows, it binds to one specific interface, namely eth0 in my case.

pihole configuration - other binds

I wanted to include wifi devices as well (connected via wlan0) and, after some trial and error, found that this can be achieved by not binding the pihole to a specific interface, but instead allowing static or dynamic binds.

The following only shows the relevant parts of /etc/dnsmasq.d/01-pihole.conf. Everything else is left out and has not been changed.

With a dynamic binds configuration, you need to know the names of the interfaces you do not want to answer DNS queries for, e.g. lo:

# interface=eth0  # original content
except-interface=lo
bind-dynamic

It is also possible to use static binds. Here you need to know the names of the interfaces you want to answer DNS queries for, e.g. eth0 and wlan0. It could look like this:

interface=eth0  # original content
interface=wlan0
bind-interfaces
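
To compare what each variant exposes, the following added example (not part of the original post or of pihole) models dnsmasq's documented interface rules: with no interface= line it answers on every interface, with interface= it answers only on the named ones plus loopback, and except-interface always wins. The function names and the interface list, including the hypothetical VPN interface tun0, are assumptions, and listen-address is not handled.

```python
import re

def parse_binds(conf_text):
    """Collect interface=, except-interface= and the bind mode from dnsmasq config text."""
    include, exclude, mode = [], [], "none"
    for raw in conf_text.splitlines():
        # '#' starts a comment at line start or after whitespace;
        # the '#' in server=127.0.0.1#5335 is a port separator and is kept.
        line = re.split(r"(?:^|\s)#", raw, maxsplit=1)[0].strip()
        key, _, value = line.partition("=")
        if key == "interface":
            include.append(value.strip())
        elif key == "except-interface":
            exclude.append(value.strip())
        elif key in ("bind-interfaces", "bind-dynamic"):
            mode = key
    return include, exclude, mode

def _matches(name, patterns):
    # dnsmasq accepts a simple trailing '*' wildcard in interface names
    return any(name == p or (p.endswith("*") and name.startswith(p[:-1]))
               for p in patterns)

def answering_interfaces(conf_text, system_ifaces, loopback="lo"):
    """Return (sorted interfaces that get DNS answers, bind mode)."""
    include, exclude, mode = parse_binds(conf_text)
    if include:
        # interface= restricts to the named interfaces; loopback is added automatically
        chosen = [i for i in system_ifaces if i == loopback or _matches(i, include)]
    else:
        # no interface= at all: every interface, including ones that appear later
        chosen = list(system_ifaces)
    # except-interface always wins over interface=
    return sorted(i for i in chosen if not _matches(i, exclude)), mode

# The three variants of /etc/dnsmasq.d/01-pihole.conf shown on this page (relevant lines only)
ORIGINAL = "server=127.0.0.1#5335  # used with 'unbound'\ninterface=eth0\n"
DYNAMIC = "# interface=eth0  # original content\nexcept-interface=lo\nbind-dynamic\n"
STATIC = "interface=eth0  # original content\ninterface=wlan0\nbind-interfaces\n"

# Constructed interface list; tun0 is a hypothetical VPN interface brought up later
IFACES = ["lo", "eth0", "wlan0", "tun0"]

if __name__ == "__main__":
    for name, conf in (("original", ORIGINAL), ("dynamic", DYNAMIC), ("static", STATIC)):
        print(name, *answering_interfaces(conf, IFACES))
```

On the constructed list, the dynamic variant also answers on tun0, while the static variant stays limited to eth0, wlan0 and loopback.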

Caveats and issues

Source: https://wiki.archlinux.org/title/dnsmasq