I have an asus router with a pi-hole on the network.
I was doing some work on my server and noticed that when pi-hole was down, I couldn’t access the internet. I was looking for some ideas online how to deal with this, but they said to have a second pihole on the network in case one is offline. Is that the only way to do it? Is there any way to have the network go back to normal if the pihole is offline?
I was doing some work on my server and noticed that when pi-hole was down, I couldn’t access the internet.
You’ve opted to take control over a critical piece of network infrastructure. This is to be expected.
There’s a reason DHCP provides for multiple DNS servers to be listed. Having redundant DNS servers is a common setup. So yes, multiple piholes if you want stability.
Just wanted to add onto your comment for clarity for others, the multiple servers are not redundancy so much as first come first serve, which is why your comment of multiple pi-holes is important.
If you were to list a pihole and say Google DNS as primary and secondary respectively, you may have some DNS queries responded to by Google. Negating the point of having a pi-hole or similar DNS service locally.
A secondary can be a docker container, another physical pi-hole (even a zero-w, which I personally don’t recommend being your only way to manage DNS, but is fine when you just need to do some maintenance on the primary).
Could have pihole running on your desktop as a backup
Not sure if this is common knowledge but Pi-hole can also run in a docker container, it doesn’t have to be a raspberry pi. I have it running on portainer on two different machine in my house. I’m a systems architect by trade so there no kill like overkill 😅
You might be a nerd when you have to schedule maintenance at your own house.
one a VM, the other a container, with different upstream targets. I have to schedule maintenance when everyone is asleep or out of the house. I’ll swear one day I’ll have a proper (raspberry pi) cluster with KVM, I just need to finish implementing the other million things I find when I research it.
I totally feel you. I’m in IT and design these incredibly robust systems. But I don’t have that budget for my house and they say “the cobbler’s children have no shoes."
I use Nextdns for this reason. DNS is critical for Wife Acceptance Factor
You mentioned you have an Asus router. Which one? Why not move to hosting your stuff on the router? https://www.snbforums.com/forums/asuswrt-merlin.42/ Sure it doesn’t completely solve the issue but in my experience it’s incredibly stable, and more so people expect to restart the router if the Internet isn’t working which simplifies things too. Also beneficial is that you can give different clients different DNS servers comfortably.
Specifically, check out https://diversion.ch/ for dns blocking but its capable of a lot more.
Unfortunately, I don’t think my router is compatible with Merlin.
Thank you, though, I appreciate the feedback.
I have Pihole in a Proxmox LXC Container that does just that. Just Pihole. It is set to automatically restart.
All for that Reason that you just named.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters AP WiFi Access Point DNS Domain Name Service/System HA Home Assistant automation software ~ High Availability IP Internet Protocol LXC Linux Containers PiHole Network-wide ad-blocker (DNS sinkhole)
6 acronyms in this thread; the most compressed thread commented on today has 15 acronyms.
[Thread #481 for this sub, first seen 4th Feb 2024, 14:35] [FAQ] [Full list] [Contact] [Source code]
Another trick is setting up a guest/secondary AP that don’t use pi-hole. When your pihole is down, just switch to the secondary AP. Most routers can setup multiple APs, though not all can setup different dns server for the other APs.
I have my pi-hole setup as the upstream DNS in my router, with cloudflare as a secondary DNS. That way, all my devices always use the router for DNS (since that’s what is advertised in my DHCP) and the router then uses pi-hole if it’s available, or cloudflare if it isn’t. But the individual device doesn’t get to choose between different servers.
On Mikrotik I have a script that runs every 30sec. If pi-hole not responding, router switches to public cloudflare dns records, otherwise to pi-hole IP.
This setup works like a charm.
P.S. I am using Blocky, but it’s almost the same as Pi-Hole.
That sounds cool. I’ve never messed with scripts on Mikrotik, but would it be possible to share what you have?
I’m guessing a relatively short DHCP lease time is also in play so devices can get the new DNS address? Or do you have Mikrotik set as the DNS server?
I’ve edited my comment. It contains my used script.
Thank you, I’ll bookmark it for later.
Seconding the request to share your work.
That is an amazing idea you’ve come up with that I never considered, but now I need it.
One option is just do a temporary change on your PC to different DNS servers while you work on the stuff.
Otherwise a second PiHole set as the secondary DNS in DHCP would keep things online.
Otherwise a second PiHole set as the secondary DNS in DHCP would keep things online.
No, that just creates time outs and delays when either of them is offline.
The proper way is to have a standby pihole that takes over the IP address of the main pihole when it goes down. It’s quite easy to achieve this with keepalived.
Thanks. Yeah, that is what I did during maintenance, but I’m trying to think what happens if I’m gone and my family has issues.
Does it work if you change your DNS server by editing
/etc/resolv.confand having it show exactly one name server likenameserver 9.9.9.9?
Ssh to pihole.
$ pihole restartdnsusually works for meUse something like AdGuard or NextDNS as your secondary resolverCheck out the comment by @AtariDump@lemmy.world
The ONLY DNS server you should have set on your network is a/the PiHole(s).
Damn, fuck Windows. Fortunately I don’t have to use it.
The ONLY DNS server you should have set on your network is a/the PiHole(s).
That’s exactly what I do, since I never had any stability issues with my Pihole.
It’s not just windows.
Primary and secondary dns is not a thing. There is no priority for DNS. Depending on the device it will use ether address and will only try the other on failure.
Windows calls them ‘preferred’ and ‘alternate’ DNS servers. That roughly translates to primary/secondary.
That’s why you usually have two piholes, or adguard homes
And can even synchronize them
Thanks, I see that is the common recommendation. I also have to think what to do if I’m away and the family has issues.
I appreciate the response.
That’s where having 2 also comes in handy. If one goes down it will still work as if nothing happenedy
You mean 2 piholes or adguard homes, right? That way if one goes down you can still use the other one.
Yes exactly.
ssh into your pi-hole if possible and try using commands systemctl status pihole-FTL Check the status, and if its disabled use the same command but with start instead of status. Also if this this your first time setup, double check that everything you did is correct, like the DNS setting on router, if the devices get the right DNS etc.
Sorry for the confusion, but everything was working fine, I just had to update the server my pi-hole docker container was hosted on and noticed that I lost access to the internet. It works beautifully when the container is up and running.
