Selfhosted

44289 readers

539 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

[email protected]

How do you host your DNS sinkhole/resolver? (sh.itjust.works)

submitted 4 days ago* (last edited 2 days ago) by [email protected] to c/[email protected]

47 comments fedilink hide all child comments

Currently have nice long docker compose file that hosts my PiHole V6 container (along with a bunch of other containers) however, reason i ask this question is because whenever I go to pull an updated image and recreate the container I experience about 20 minutes of no DNS resolution which to my knowledge is due to the NTP clock being out of sync.

What’s the best way to host a DNS sinkhole/resolver that can mitigate this issue?

Was thinking of utilizing Proxmox & LXC but I suspect I’ll get the same experience.

~~Update: Turns out PiHole doesn’t support two instances, I got both of them on separate devices also set the 2nd DNS server in my routers WAN & LAN DNS settings which did in fact split DNS between both instances however, I lost access to my routers web-ui, my Traefik instance & reverse proxies died and I lost all internet access.~~

~~So, don’t do what I did.~~

Update 2: So everything I said in my first update let’s disregard that, turns out I had my router forcing all DNS to PiHole server 1 which caused my issues mentioned above.

Two servers appears to work!

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 13 points 4 days ago (17 children)

If you run a single DNS server, you will always have downtime when it's restarted.

The only way to mitigate that, is to run 2 DNS servers.

I setup my network to use pihole as the first DNS and the router as the second, most of the time pihole is used. Unless it's down

[–] [email protected] 9 points 4 days ago (3 children)

How do you set up clients so they will always use the first one? I thought if a client knows 2 servers they will switch between them.

I plan to add a second Pihole at some point and keep them synced

[–] [email protected] 1 points 4 days ago (1 children)

When it comes to a “secondary”DNS... [there is nothing like a primary and secondary DNS server. These indications are quite misleading but many systems adopted it this way. Pihole only list the DNS servers as primary and secondary, because this is what the providers write on their pages. The bad phrasing is supported especially by how Windows handles it.](https://discourse.pi-hole.net/t/primary-vs-secondary-dns/1536/2)

[Most operating systems implement DNS servers as alternatives, not as fallbacks, i.e. they will query any of both servers from time to time, so it is quite likely that you will loose your Pi-hole filtering capabilities (at least partially) [if you specify a secondary DNS server on your network].](https://discourse.pi-hole.net/t/secondary-dns-server-for-dhcp/1874)

The **ONLY** DNS server you should have set on your network is a/the PiHole(s).

[–] [email protected] 3 points 3 days ago (1 children)

That's what I thought. Btw, your formatting seems to be broken.

[–] [email protected] 2 points 3 days ago

Thanks for that; the formatting is broken.

I’ll try and figure out how to fix it (it was formatted for the “site that shall not be named”)

[–] [email protected] 3 points 4 days ago (1 children)

Are you using pihole to also create custom local DNS records?

[–] [email protected] 2 points 4 days ago

Yes, mostly just the hostnames

[–] [email protected] 9 points 4 days ago (1 children)

Yeah, you can't. There is no guarantee that clients will use dns servers in any particular order.

[–] [email protected] 1 points 3 days ago (1 children)

Not that it particularly matters for just queries. The problem is that DHCP can only be enabled on one host. If that one fails then devices can't get on to the network themselves. I'd like to know a good way to have a failover DHCP server - my janky cronjob isn't great.

[–] [email protected] 2 points 2 days ago (1 children)

You can just run two DHCP servers. Give them non-overlapping ranges or give them the same MAC to IP mapping.

[–] [email protected] 2 points 2 days ago (1 children)

How do the DNS servers resolve local hostnames then? The pihole DHCP integration adds local hostnames to DNS when they are assigned an address. If there's two DHCP servers handing out leases, presumable only one would be accepted, how then would the DNS servers sync those names?

I think I had my secondary pihole resolve local names from the primary, and leases were copied over on a cronjob in case the secondary DHCP server had to be enabled.

[–] [email protected] 2 points 2 days ago* (last edited 2 days ago)

Use the second option of a static MAC to IP map and add the relevant records to each pihole’s local DNS.

load more comments (13 replies)