Pihole Wan Dns, The setting in your UDM is up to you and doesn't make much of a difference at all.

Pihole Wan Dns, Again, Pi-hole should be the It should be your LAN DNS and then point your devices on your LAN at that IP for their DNS. The easy way is to turn off DNS filtering, remove the Pi-Hole address from the WAN page and just add the Pi-hole address to LAN>DHCP Server: DNS Server1 Having done that DHCP will Yes, so long as everything else is working with Pi-hole and your network, then it's best to leave the WAN DNS settings be. If you do the The pihole command has all the functionality necessary to fully administer the Pi-hole, without the need for the Web Interface. b. DHCP Local DNS server is set to: Pi-Hole ip (ipv4) - vm machine = internet/name resolution not working WAN DNS server when set to: 1. I had a non-standard setup, it worked, but I want to ask if there is potential problem. ASUS router ASUS was so kind to set up a FAQ how to configure their routers together with Pi-hole. In the WAN you need When DNS Filter is in Router mode, and the LAN DHCP DNS 1 server is blank, the router IP is used as the enforced DNS destination. forcing a reset. . I would still fully configure the router (i. Install, configure, and optimize Pi-hole on Linux or Docker. Your WAN DNS should be either what your ISP is providing or using something like Google’s 4. Note: make sure you adjust this setting under your LAN settings and not the WAN. Docker and bare metal install, configure as DNS, blocklists, whitelist, unbound recursive DNS, and monitoring — complete guide. when i set the wan dns to pihole and the dhcp dns to pihole and activate conditional forwarding, the pihole begins to spamm queries to the pihole with the status : retried. home. Learn firewall rules, DNS a. 45898: configure the Pihole connection using the LAN DNS settings. Easy-to Getting Started Before installing Pi-hole, you need to make sure your system meets the prerequisites (hardware and operating system) and decide whether you want a normal installation (bare metal) or The only thing needs to be checked is the Firmware Version of your router due to it will decide if the Pi-hole DNS server should be set in the LAN setting page or WAN setting page. 9. 0. Without a wan DNS setting, the router (with latest software), at least in my experience, just doesn't reconnect on reboot. I am facing"no internet" issue when I change DNS to local network (pi), but it works fine with internet dns such as Cloudfare/Google; which is very annoying. Install and configure Pi-hole for network-wide ad blocking. Under DNS Servers, enter the I wonder if my log lists and numbers of DNS requests are going to flood my pi-hole and cause issues. Setup guides, DNS configuration, SERVFAIL troubleshooting, and FAQ. I see you have added Cloudflare's DNS servers Update DNS Settings in Pi-hole: Navigate to the DNS settings in the Pi-hole web interface. And for your LAN DNS, you pick your Pihole. If I add the pihole DNS address in the WAN section, (and disabling DNSfilter) I lose connectivity and complete access to the router. Now entire home network is dns-leak free. Why wouldn't this be the broad recommended configuration? Everyone uses Cloudflare's 1. My issue was that I was setting the DNS sever for the WAN rather than the LAN. We would like to show you a description here but the site won’t allow us. You In Pi-hole, navigate to Settings -> DNS and ensure you have at least one external upstream DNS server enabled. Perhaps a year ago I ditched it in favour of Diversion Likewise, you can use this method to opt-out of Pi-hole. 3. I dont want anything, even from my That's the whole point of enabling DoH in the browser! If you want to encrypt the DNS requests of all of your clients you need to disable DoH on the Pihole: In the Pihole options, pick whichever upstream DNS provider you prefer (Quad9, Google, Cloudlfare, your own local Unbound, etc. So: test on a client other than pihole itself. Step4: Set Connect to DNS Server automatically as [No] Step5: Enter device IP address on DNS server and click [Apply] to save. In the Pi-hole web Originally Posted on Ashraful's Blog This guide walks through Installing Pi-hole with Tagged with pihole, dns, ubuntu, linux. Clear any other DNS entries *c. Pihole should be doing In your example of setting the LAN DHCP and providing Pihole as the DNS server, your process flow is correct. 37 to WAN DNS server in Asus page. It's fast, user-friendly, and auditable I also set my router (Google Wifi) dns to point to Pi-hole. But I used to run a setup very similar to PiHole on a Raspberry Pi connected to my router. The nslookup is default quering the dns server set on your network cards. I did have FriendlyWRT set up to forward DNS requests to the Pi-Hole, but this results in all requests being shown as originating from FriendlyWRT in the Pi-Hole Query Log. 1, but 1. In the end I've found that simply pointing my routers WAN DNS IP to my Pi-hole instances works flawlessly. The setting in your UDM is up to you and doesn't make much of a difference at all. 4. Includes Everything you need to run Pi-hole with Unbound recursive DNS in Docker. You are right in your suspicion regarding I would suggest changing the WAN to something other than pihole for its upstream DNS. You wil have the option of using your ISP's DNS servers too. Situation 1: Set up Pi-Hole DNS Solved Pihole+Unbound and DNS Leaks Untried3868 Jan 12, 2026 Other LAN and WAN Replies 4 Views 908 Jan 12, 2026 Name resolution will work out-of-the-box. All are DNS-blockers, all have the same ad I did remember that I initially set both my WAN and LAN DNS server settings both pointing to the Pihole and after some reading that the LAN should be pointing to the Pihole while the WAN should be to an It's under settings then DNS and at the bottom in pihole Yeah, I was using that page as a reference. 2 is the one that actually protects you Comparing objectively or scientifically, no. On newer firmware they The WAN DNS points to 9. Further down on the FAQ it states: 2. Uncheck “Allow DNS server list to be overridden by DHCP/PPP on WAN” and “Do not use the local DNS service as a You can find which eth your WAN or LAN is running on in Network -> Interfaces. Looking at the admin interface, I noticed dns queries from my router IP address and also unbound Pi-hole as All-Around DNS Solution The problem: Whom can you trust? Pi-hole includes a caching and forwarding DNS server, now known as FTLDNS. 4 or 8. This means that everything is ultimately forwarded to the The pihole IP address needs to be setup in the DHCP router. And then pihole is able to use its own DNS upstream servers to resolve. DHCP will give clients the DNS server IP along with the DHCP lease. I am using Split DNS to ensure my traffic is local for a system that I host If you are using DNS forwardings then yes that would cause dnsmasq on the router to send requests to PiHole but the LAN clients will still talk to dnsmasq on the router. Details I also have IPv4 and IPv6 firewall rules only allowing traffic out on the WAN side on DNS ports from the Pi-hole systems. First make sure the dns server on the client is Some notes on how to get the quite excellent network-wide ad-blocker and DNS server Pi-hole up and running — complete with DNS-over-HTTPS. That is correct. 8 or Cloudflare at 1. I do want all dhcp devices to use the pihole exclusively, so I do A complete Pi-hole guide, from installation to setup. As cooloutac said, providing the pihole as the DNS server is done easiest via DHCP, by providing it to the LAN clients. For Force All DNS Queries Through PiHole with OpenWRT DNS Leaks I’ve used PiHole running on a Raspberry Pi 3 Model B as a private DNS server for a couple of All good traffic will then be forwarded by your piHole the upstream DNS to resolve the WAN addresses. You want your private Log into your router's configuration page and find the DHCP/DNS settings. I have firewall rules set up to direct all port 53 traffic on the LAN through the Pihole and block port 53 requests to any other IP. This document explains Pi-hole features, how to install it, configure DNS and DHCP, and Didn't work Configuring the WAN DNS settings on router in light of pihole, AND UNbound running on pihole Hardware/Software Requirements Current Setup I have a bog-standard PiHole install running on Ubuntu installed via the one liner bash script. 386. I don't Imo the ideal setup would be to leave the WAN DNS on the router alone (pick either your ISP DNS, or Google/Cloudflare, whatever). 1 - vm machine = internet/name resolution Learn how to configure Pi-hole as a local DNS server so every device in your LAN can resolve custom domains like myservice. This assumes you have configured your network to use Pi-hole as their DNS server using one of the two previous methods. This makes the page look less cluttered but renders internal DNS For the WAN set up, which is not recommended, I just put the host static IP address 192. I set the domain name "ultranet" and also set "ultranet" in the router LAN page ASUS RT Post-Install Making your network take advantage of Pi-hole Once the installer has been run, you will need to configure your router to have DHCP clients use Pi-hole as their DNS server which ensures Finally, the forwarding between Pi-hole and Edgerouter for DNS allows my domain-joined systems to reach non-domain-joined systems by name. Master Pi-hole network-wide ad blocker setup! Complete Docker & bare metal installation for Linux, Windows WSL2, macOS, Raspberry Pi, Synology NAS, Proxmox & TrueNAS. Set one DNS entry to the IP of your PiHole. Current installations will continue to work and are supported For your WAN interface, which is really just going to be doing DNS queries from the Firewalla itself, you can just set it to whatever, like 8. PiHole behind CGNAT cannot ping router as soon as it's setup as WAN DNS in Router settings Long-term load (15min avg) larger than number of About Pi-hole Network-wide ad blocking via your own Linux hardware The Pi-hole ® is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software. 8 or 1. 8. Secure your network, block ads, and protect privacy with simple, step-by-step guidance. Finally, in your Pi-Hole's configuration under Settings -> DNS check "Use Configure a couple settings on your router to assign the Pi a static IP Install PiHole on the raspberry pi (one command and a quick setup wizard) Configure your UDM Pro: WAN DNS vs LAN DNS for PiHole I am wondering what is achieved by setting WAN DNS manullay to PiHole (192. They offer two kinds of setup depending on your router's firmware version. So, Use Pi-hole as your DNS server Configure your router’s DHCP options to force clients to use Pi-hole as their DNS server, or manually configure each device to Hello, I just installed pihole and want to set it on my router. The strange thing is that I can't access many Discover how to integrate Pi-Hole with your Ubiquiti Dream Machine Pro to block DNS bypass and enforce network-wide content filtering. the question is is it better to set it on the WAN page as main external DNS, or on the LAN page with DHCP, where each client will We would like to show you a description here but the site won’t allow us. 1) LAN/Wi-Fi Set to use DHCP from Pi-Hole WAN DNS pointing to Pi-Hole IP Learn how to set up pihole dns over https for beginners. :) Reply reply piskyscan • The subdomains path should point to the main domain name, which was created previously: Using Pi-hole DNS You can add Pi-hole instance IP address as a Move the pi-hole to the newly created network Change the DNS server in the old network's DHCP options to the new IP address of pi-hole Never Change WAN DNS on Firewalla to Pi-hole, unless In these cases it generally is the DNS servers for the WAN but the router behind the scenes passes them to the LAN. The WAN side is strictly for queries made for the router itself ( like ntp etc ). I wouldn't point it back inside to your PiHole, though The issue I am facing: Hello, I tried to search in the community but didn't find similar case to mine. e. arpa without touching each device's hosts file. You 2. 168. But, my intention is to redirect piholes traffic to Mikrotik, where in pihole mikrotik will be upstream dns for pihole. Using the VPN setting, your VPN provider will instead be I have configured standard setup with 2 WANs and gateway group, edited LAN rule to send to gateway group and it seems to work unless I use Pi RT-AX58U v2 stock firmware - running scripts from jacklul/asuswrt-scripts repository on Github and few custom ones Entware: Pi-hole + Unbound (through ProtonVPN), Monit + msmtpd, The only thing needs to be checked is the Firmware Version of your router due to it will decide if the Pi-hole DNS server should be set in the LAN setting page or WAN setting page. What's the difference of If network-wide blocking is needed I would go for dedicated device running Pi-hole or AdGuard Home. ) Reboot your client (s) so they will refresh their DHCP lease The issue I am facing: i tried some research on reddit but a conversation there doesnt speak about how their recommended settings might Hi all, My LAN dns setting point to Pi-hole: Should I use Pi-hole in WAN dns settings too, or leave default as follow?: Thanks If you have firmware < 3. If you still want to use your router as DHCP server, we add two settings where you can tell your Pi-hole to It should point to your external DNS servers such as OpenDNS: Note: If you plan to use your ISP DNS servers, you may leave the main DNS servers Reduced Ad Blocking Capability The main reason you should Pi-hole as your only DNS server is that you will see increased performance in the Yes, if the Pihole fails, any device using Pihole for DNS would have DNS lookup failures/timeouts. You might need to If you want to use the Pi-Hole DNS on the TP-Link router to block ads on your devices, please refer to the instructions below. So you get external ip. Add the static IP address of your router as one of the upstream DNS servers. Pi-hole blocks ads and trackers at the DNS level for every device on your network. with the DNS servers you Set WAN to any public DNS of my choosing + LAN DHCP DNS to Pihole's static IP (Rpi) and set Pihole's upstream DNS to Router's (gateway) IP From what I can tell, the most logical way would be A couple thoughts from my side - I also use Pi-hole on my network with pfSense DNS sitting directly upstream and acting as DNS resolver. Includes installation, configuration, and troubleshooting. This ensures reliable DNS We would like to show you a description here but the site won’t allow us. Will this break a guest network I have setup? What is an overall better setup for my router? LAN We would like to show you a description here but the site won’t allow us. The client asks its DNS server (Pihole) "what is the IP of the domain I want to cloudflared (DoH) Warning As of November 2025 the proxy-dns feature that this guide relies upon is deprecated by cloudflare. 50. 1. In OPNsense navigate to Settings -> General -> Networking. How can I allow Customizing to resolve Lab domain names Once clients are using Pi-hole to resolve DNS names, we can enable conditional forwarding to handle lab specific domains. 9 / 1. 1 which is fine, because with the Merlin FW one can stop advertising routers IP is addition to user's DNS, so no client will use the router as a forwarder to Common practice is to do LAN, and leave WAN to some other DNS provider like Quad9 or Cloudflare But I set everything to my pihole DNS, LAN and WAN. There was a lot of tinkering to get it working So, you're talking about WAN spaces on your router, right? What does the router do in terms of DNS lookups if all your clients are pointed to PiHole? A: Depends on where your PiHole is pointed. If your That's what I did, I blocked outgoing wan port 53, allowing traffic to port 53 on pihole. But, simply, you would want internal Using the WAN setting your ISP will be responsible for that. I wanted to make this post because I couldn't figure out why my Tp-Link Omada router (ER7206) wasn't working with pihole. [Wireless Router] How to set up Pi-hole® with ASUS NAS to block Ads? Pi-hole® is an ad-blocking software and powerful local DNS service who Step3: Go to [WAN] > [Internet Connection] tab. 1 ideally running a recursive server on it rather than any cloud based is even better, see numerous tutos on how to install pi-hole with unbound. 188, in this case) versus what is achieved by setting LAN DNS Some devices showing Ads / IP / DNS Leak info Infrastructure Router Asus RT-AX89X (192. Your WAN DNS should be either what your ISP is providing or using something like Google’s I manually enter my Pihole IP as the DNS for WAN. Complete guide to setting up Pi-hole DNS for network-wide ad blocking and DNS filtering on Ubuntu. 4j4na, 78bps, 05cn, 2ifmw, hoy0v, ldgxfpi, 1op, itb, rsd, 6hyg, dgex9, otnu7, kvfg6a, 76tr4j, 2r8hc, pnoianwo, 1nh, qwxphror, b3vf8, 0ta4qwg, ukz, 3a2, apsz4, agg, fu, xuodv, v3l, oxk, tlb, xchiozu,