Can't locally resolve local.lan or force local with TLD

Hey, this is my first time posting, so please forgive me if I’m doing this wrong.

I have installed DietPi on my x86 machine, which has built-in WiFi and an Ethernet port.

I need help with the following, if anyone has any time to answer these Q… I have a feeling they are very simple… but I am also simple, so please do not laugh:

a) I have managed to configure AdGuard to append “.lan” to every machine, but I haven’t been able to achieve this with Pi-hole. Can someone provide guidance on how to configure Pi-hole to append “.lan” to machine names? (And can this .lan be anything I like? like .wan even? Anything which isn’t a real TLD, right?)

b) I want both AdGuard and Pi-hole to act as DHCP servers that add “.lan” to machine names, keep records of the leases, and use those records for DNS resolution. How can I ensure that when I type “mylaptop.lan” in a web browser or ping it, it resolves locally (if it has a web server etc.) using the DHCP lease records?

c) I’ve heard that using “lan.arpa” as the domain might help with local resolution. Is this the only way?

d) As an aside, I have a handful of actual .com domains. How would I set up local resolution with these domains while ensuring my LAN is not exposed to the internet? Specifically, how can I ensure that typing “mylaptop.mydomain.com” resolves locally without exposing it externally?

Thanks so much for your help, if you can help ! hahah :slight_smile:

edit: I forgot to say:

root@ExDietPi:~# cat /mnt/dietpi_userdata/adguardhome/dietpi-unbound.conf
#127.0.0.1:5335
[//lan/wan/]127.0.0.1:5335

I put this as per adguard manual

The domain suffix is an option advertised by the dhcp server. Then it is up to each lan host to honour it or not.

You can use whatever name you want for TLD. There are certain reserved names, like example, onion, and local. It is not a good idea to use something that is used on the Internet, as you won’t be able to access it.

You can create static mappings to internal addresses and they will be used only by your lan hosts.

Thank you so much for the quick response… I much prefer pihole, so I’d be glad to concentrate on that instead. So, it still isn’t resolving local names?

Here is an output which may help. I don’t know:

root@ExDietPi:~# dig dietpi dot com

; <<>> DiG 9.18.24-1-Debian <<>> dietpi dot com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19462
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;dietpi dot com. IN A

;; ANSWER SECTION:
dietpi dot com. 300 IN A 104.26.4.243
dietpi dot com. 300 IN A 172.67.69.101
dietpi dot com. 300 IN A 104.26.5.243

;; Query time: 28 msec
;; SERVER: 9.9.9.9#53(9.9.9.9) (UDP)
;; WHEN: Tue Jun 18 11:12:26 BST 2024
;; MSG SIZE rcvd: 87

&

root@ExDietPi:~# dig @127.0.0.1 -p 5335 dietpi.com

; <<>> DiG 9.18.24-1-Debian <<>> @127.0.0.1 -p 5335 dietpi dot com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4789
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;dietpi dot com. IN A

;; ANSWER SECTION:
dietpi dot com. 264 IN A 172.67.69.101
dietpi dot com. 264 IN A 104.26.5.243
dietpi dot com. 264 IN A 104.26.4.243

;; Query time: 0 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1) (UDP)
;; WHEN: Tue Jun 18 11:12:33 BST 2024
;; MSG SIZE rcvd: 87

&

root@ExDietPi:~# journalctl -u unbound.service

Jun 18 11:06:25 ExDietPi systemd[1]: Starting unbound.service - Unbound DNS server... 
Jun 18 11:06:30 ExDietPi unbound[765]: [765:0] warning: subnetcache: serve-expired is set but not working for data originating from the subnet module cache. 
Jun 18 11:06:30 ExDietPi unbound[765]: [765:0] warning: subnetcache: prefetch is set but not working for data originating from the subnet module cache. 
Jun 18 11:06:30 ExDietPi unbound[765]: [765:0] info: start of service (unbound 1.17.1). 
Jun 18 11:06:30 ExDietPi systemd[1]: Started unbound.service - Unbound DNS server. 
root@ExDietPi:~#

And RE the real TLD thing, I think that is kind of a dead end… because the whole point of this is I want it to just be automatic, I guess :slight_smile:

In PiHole you have 2 options to set DNS entries.

For special domains or DNS entries, you can create your own local DNS records.
For device host names, you can use the static DHCP leases configuration to assign individual host names to specified MAC addresses.

I have a lot of local DNS records that are resolved by PiHole without issue

Hey there! Thank you also for the quick reply !

Sorry, I should have been clearer. I use static DHCP leases all the time – for IP addresses. But I mean I want the random dynamic lease given to the machine to be then tied to a name mylaptop.lan and then that to be resolved (I am assuming from the dhcp lease table in pihole) if I ping mylaptop.lan from within my lan?

I have probably five mac minis, several unraid machines, 3 imacs, 3 laptops, tablets etc etc in my house… along with services with their own IP addresses too :slight_smile:

I can’t really do all of this manually hahaha

Sorry, I should have said, all of the mac minis have dietpi on them, obviously :wink:

Thank you for the tutorials on them by the way… I use the wifi tutorial to actually set up linux on any mac machine, whatever the distro. The time taken to help others in this forum is much appreciated, even if we lurk / are silent !

Yes, this is working without issue using Static DHCP leases configuration in PiHole. You can specify a name only, without an IP address.

For a TVBox, I have specified the name related to a MAC address.

From the DHCP server, the TVBox is getting the IP address 192.168.0.138 assigned and I can resolve it from my Windows box without issue.

nslookup mtvbox.lan
Server:  pi.hole
Address:  192.168.0.11

Name:    mtvbox.lan
Address:  192.168.0.138

Ah, so you are saying that devices which do NOT have a static DHCP are probably not worth being able to be pinged? hahaha

So essentially, say my IoT devices, they may get a hostname plus domain, but I shouldn’t be able to ping them on the same name over the year, because actually their IP may change a lot because it’s not really that important?

And if I have made a LXC on proxmox, if it is good enough for me to be able to keep… then I should take an extra moment to put it in the static leases??

I think I am starting to get this now. So IP address/number… for things not important. And then name things which are.

I guess like a mobile phone phone book :slight_smile: Bad analogy, I know, but as I said – I am pretty simple!

Probably a misunderstanding. Every single device that has an IP address can be reached via PING. It is irrelevant whether the IP address is STATIC or was assigned via DHCP. These systems can also be reached by host name. At least if you use the name that the DNS server recognises.

Transferred to PiHole you can see it as follows.

For DHCP you can see the current host names under “Currently active DHCP leases”. Every system should be reachable via these names. If you want to assign your own host names for DHCP, you must do this via “Static DHCP leases configuration”. It does not matter whether you have an IP address permanently assigned via DHCP or always use a free one.

On the other hand, there are systems that do not obtain an IP via DHCP, but have a fixed address configured on the device (STATIC). The PiHole does not recognise these systems at first, as these systems do not report to the DHCP server. In such cases, you have to create a “Local DNS record” in PiHole yourself. It should then also be possible to resolve these systems via DNS.


AAAhh!! OR, grab it via DHCP so it is in the table, and then convert it to Static on the device?

I think you did too good a job of making dietpi so easy, that I didn’t realise this was how it worked.

But then on the other hand, you have not made it too easy, so this is also how I learn.

By the way, it’s all working now. I even managed to set up a second pihole on a different machine, sync the settings and dns and dhcp, and both also give out the opposite DNS server as the 2nd one!!! Thanks again

You shouldn’t do that. If you configure a STATIC IP directly on a device, the address should not be from the DHCP address range. Either take an IP outside the DHCP range or do the whole thing via DHCP address reservation


Thanks for taking the time, once again, for helping.

So are you saying (for best practice moving forward) I should not get an IP via DHCP and then convert? I generally only do that because I learnt it from dietpi hahahha. I actually start my scope at .20 always for preconfigured static IP addresses (which I think is what you mean). But are you saying if a client gets an address via DHCP… say… 192.168.0.94 or something… then these clients should not be converted to static and that is bad practice?

for example:
your ip range is 192.168.1.1-254.
1.1 is gateway.
255 broadcast
dhcp pool is a portion of the remaining 253 addresses in that subnet. Your choice how much. If you need static ip addresses, make sure your dhcp pool doesn’t overlap.

if you have a static ip set that IS in the dhcp pool and another machine requests it, neither of you will have internet most likely, or at least, your machine will be named that machine’s name in the DNS.

they only do what you tell them to do. :slight_smile: Keep that in mind.
tell them dhcp pool from 2-50. and keep the rest for static or testing or whatever.

I have a personal domain and I use it on my local lan as well as public. It’s “advanced” dns configuring, and most of it not done on your home machines but on a domain name registrar’s DNS server. it just says your domain = your ip. You can use a service with dietpi like duckdns.org if you want to have “remote access” with your own domain names.

Set duckdns & dietpi up. Confirm working. You can go to yourname.duckdns.org and get to your local network now. If you have a public domain name you can config the dns to a CNAME record which says that yourdomain.com can be found at the “alias” yourname.duckdns.org

on your local network whatever you call your network domain or workgroup, if configured on your dns pihole servers, will be fine. so mypc1.mydomain.com etc. No worries. most use .local so you know visually where you are and also so you’re not going out to the net to check for dns for a service that is on your local network. That’s where you will discover you configed something wrong, so most just say don’t do it.

I do it. I like it. I know what’s happening though. But try it on a spare domain name first that you don’t need working or “live” and have fun. This is how I learn as well friend.
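The pool-overlap rule from the replies above, as an added example that is not part of the thread: a small audit that flags hand-configured static addresses the DHCP server could also hand out, including the case where a static host already collides with a live lease and would share its DNS name. It assumes dnsmasq-style `domain=` and `dhcp-range=` lines and dnsmasq's lease-file layout (Pi-hole's DHCP server is dnsmasq-based); the 2-50 pool comes from the reply, while all host names, MAC addresses and lease entries are constructed.

```python
import ipaddress

# Constructed sample input (not from the thread): dnsmasq-style DHCP settings,
# a lease table in dnsmasq's lease-file layout, and hand-configured static hosts.
CONF = "domain=lan\ndhcp-range=192.168.1.2,192.168.1.50,24h\n"
LEASES = ("1718705546 aa:bb:cc:00:00:01 192.168.1.20 mylaptop *\n"
          "1718705600 aa:bb:cc:00:00:02 192.168.1.33 mtvbox *\n")
STATIC_HOSTS = {"nas": "192.168.1.20", "pi": "192.168.1.40",
                "printer": "192.168.1.200", "camera": "192.168.1.255"}
NETWORK = ipaddress.ip_network("192.168.1.0/24")

def parse_conf(text):
    """Return (domain, pool_start, pool_end) from dnsmasq-style lines."""
    domain = start = end = None
    for line in text.splitlines():
        key, _, value = line.strip().partition("=")
        if key == "domain":
            domain = value
        elif key == "dhcp-range":
            start, end = (ipaddress.ip_address(p) for p in value.split(",")[:2])
    return domain, start, end

def parse_leases(text):
    """Map leased IP -> hostname; fields are: expiry mac ip hostname client-id."""
    leases = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            leases[ipaddress.ip_address(fields[2])] = fields[3]
    return leases

def audit(conf, lease_text, static_hosts, network):
    """Flag static addresses that the DHCP server could also hand out."""
    domain, start, end = parse_conf(conf)
    leases = parse_leases(lease_text)
    findings = []
    for name, addr in sorted(static_hosts.items()):
        ip, fqdn = ipaddress.ip_address(addr), f"{name}.{domain}"
        if ip not in network or ip in (network.network_address, network.broadcast_address):
            findings.append((fqdn, "unusable-address"))
        elif ip in leases:  # two machines answering on one IP right now
            findings.append((fqdn, f"conflicts-with-lease:{leases[ip]}.{domain}"))
        elif start <= ip <= end:  # free today, but the server may lease it later
            findings.append((fqdn, "inside-dhcp-pool"))
    return findings

if __name__ == "__main__":
    print(*audit(CONF, LEASES, STATIC_HOSTS, NETWORK), sep="\n")
```

A host that produces no finding, like the constructed `printer` at .200, sits outside the pool and is safe to keep static.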
