AdGuard w. Unbound - showing only 1 client (router)

Hey team! I’m not really sure if this is a DietPi issue or AdGuard one, or something else I did wrong :thinking: In my clients list on AdGuard console, I only see my router listed there. I’m running Unbound and have directed the router to use the Pi host as DNS (something I’ve never done before) and looking in the clients list only the router is there, is this expected?

I was running Pi-Hole before (but no Unbound) and then I could see all the clients (around 7) on my network which was utilizing pihole blocking. It’s not really a big issue, just slightly annoying as I want to know which device most blocks are coming from.

I’ve confirmed that all my devices are successfully blocking, I just don’t see them in the clients list. Are there any suggestions on this? It’s the first time I’m using AdGuard, so just exploring some alternatives to pihole :slight_smile:

Thanks!

This is how it looks in the Clients (runtime)

Well it is a behaviour on how you setup your environment.

I guess your clients use your Router as local DNS server. Correct? And your router is going to ask AGH? Therefore your router is seems as client on AGH as the Router is the one asking. To see all clients on AGH, you would need to review your DHCP server settings. And check what DNS server is used inside DHCP configuration. Not sure what router you use and who is DHCP server. Some router allow to adjust DHCP Server settings and assign your one DNS server inside DHCP configuration.

Heya! Yeah this all makes sense, but what I don’t understand is why it works with pi-hole and not AGH, as the setup is basically exactly the same (except that I use my local DNS now).

My Router (192.168.42.1) is set to use the DNS server which is the Pi (192.168.42.150) running AGH & Unbound. And the DHCP is all happening on the router side assigning all the clients the IPs.

Some router allow to adjust DHCP Server settings and assign your one DNS server inside DHCP configuration.

Ahh you know what! I think this is what I did different this time around as well. I assigned the DNS on the WAN config on the router and not the LAN (under DHCP settings). Is this what’s causing AGH to only show the routers IP?

LAN:

WAN:

Running Asus router: RT-AX68U

Yes basically you would need to fill the DNS server value on your DHCP server configuration. At the moment it is empty. Means all clients use your Router. Simply add there AGH IP and restart your clients. Now they should get AGH assigned as DNS and should show up on AGH interface.

Well this was indeed embarrassing :slight_smile: Feels so logical to do it on the LAN section than the WAN. Thanks for helping out mate :slight_smile: All clients are there now

This is very clearly specified in the manual too, my bad.

The one thing I don’t really get from https://dietpi.com/docs/software/dns_servers/#adguard-home in option 2: Option 2 - Setup your router to use the AdGuard Home DNS server

Is the part after: On your AdGuard Home device, you will need to set a different DNS server.
I checked my settings and the Static DNS in dietpi-config 8 1 was set to the router for some reason (same IP as the gateway).
So as per the guide I’ve now changed it to Cloud9 dns, but what does this change in general? Is it if my local Unbound DNS fails, the clients on my network will still be able to access internet as they would fallback on this DNS?

small misunderstanding. The setting in dietpi-config has nothing to do with Unbound, AGH or how your clients resolve DNS request. This setting is applicable for your device only and has no effect to other clients on your network. As well it is not a fallback DNS server. The aim of this setting is to ensure proper DNS resolution for your DietPi device themselves. Means if Unbound or AGH are failing, you are still able to resolve DNS request on DietPi to fix thinks or to perform a reinstall.

The docs are indeed a bit unclear, actually there should be there options:

  1. Setup AGH as static DNS on each client
  2. Setup AGH as upstream DNS for the router, hence clients keep asking the router and the router forwards to AGH: In this case AGH must not have the router as upstream, else you have a DNS loop.
  3. Setup AGH as DHCP DNS, so all DHCP clients ask AGH directly: In this case AGH could use the router as upstream DNS, benefiting from its DNS cache, while the router in case uses another upstream DNS as configured or provided by ISP. The router must then not use AGH as upstream DNS to prevent a DNS loop.

The DNS loop issue of course does not apply when AGH strictly users Unbound as upstream DNS.