> Am 20.10.2018 um 23:50 schrieb David Kerr <da...@kerr.net>: > > So, been thinking this through. I didn't realize that primary and secondary > DNS could in fact be both used in parallel. I had assumed that secondary > would be used only if primary failed. If I had a dedicated DNS server for > pi-hole this might be okay (raspberry pi on my network maybe?) but I have it > running in a VM which is running on Astlinux and it is also my UniFi > Controller. I am trying to cover the possibility of that VM not being > running, even if for just a few minutes during a reboot. When Astlinux > reboots the VM image also restarts but maybe delayed by a minute or two as it > goes through its boot. So DNS will take longer to come back up. > > I think two choices. I can change DHCP to push out the IP address of pi-hole > VM. Or I can put some iptables rules in place to reroute DNS requests that > come in to Astlinux (using NAT rules, needs both DNAT and SNAT rules). The > benefit of iptables rules is that I could apply it to entire network (even > statically assigned clients) if I want and I can quickly revert the entire > network to using Astlinux directly for DNS if I need to. But it is a more > complex solution than just pushing out a DNS server address. > > Pondering over this. Any thoughts? > > David
Hi David, I am running a real Raspi 3 Model B+ with Pi hole, and my AstLinux router does DHCP and upstream DNS. All DHCP devices get only the Pi as DNS server, which does Ad-blocking and then forwards the requests to the AstLinux router (with the config described in my former email). The Raspi is always on. > On Fri, Oct 19, 2018 at 5:33 PM Lonnie Abelbeck <li...@lonnie.abelbeck.com> > wrote: > Ahhh, pi-hole .... > > Keep in mind that depending on the DNS client, given two DNS server IP's they > can be queried in parallel and not just failover as primary/secondary would > imply. > > Can you configure AstLinux to use the pi-hole IP as the system's static DNS > server ? or is there a startup chicken/egg issue ? > > Network -> DNS: ____ > > Lonnie > > > > > On Oct 19, 2018, at 4:13 PM, David Kerr <da...@kerr.net> wrote: > > > > I'll try dnsmasq.static. As to why... I have installed pi-hole > > (https://pi-hole.net/) on a VM and want to point clients at it as primary > > DNS, astlinux as secondary in case it fails. I configured pi-hole to use > > my astlinux as its primary DNS so all queries will ultimately go through > > astlinux, after pi-hole has done its thing to filter out the unwanted. No > > idea if I will keep this but thought I would give it a try and see if the > > family notices or if anything breaks. > > > > David > > > > On Fri, Oct 19, 2018 at 4:54 PM Lonnie Abelbeck <li...@lonnie.abelbeck.com> > > wrote: > > > > > > > On Oct 19, 2018, at 3:44 PM, David Kerr <da...@kerr.net> wrote: > > > > > > I'm probably just overlooking it, but is there a way for me to define the > > > DNS servers that get pushed to clients in DHCP responses? Say I wanted > > > to push out 192.168.1.2 instead (or as well as) 192.168.1.1, how would I > > > do that? > > > > No trivial way. Possibly you could override the > > "dhcp-option=lan,option:dns-server,.." value using /mnt/kd/dnsmasq.static . > > > > Which begs the question, Why ? :-) > > > > Lonnie Michael http://www.mksolutions.info _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
