DNS Switch. I need more DNS

[ChaseB]

My router has 2 DNS ip sections. I use one of the DNS sections for my custom Pi Hole DNS and the other section is using 1.1.1.1. My issues is my Servers. I have 2 and the network needs to point to both of them. I need two more DNS Sections. What can I do or what are my options. I do have a windows server with the DNS role installed. I dont know how to use the role but I can learn if that is an option. I don't know. Help is always welcome. 

 

Thanks,

Chase B 

[NelizMastr]

What you're probably looking for is DNS forwarders. That way, you can use your local DNS resolving and any request not matching an internal record is forwarded to the internet, using DNS servers like 1.1.1.1, 8.8.8.8 etc.

 

Creating multiple lookup zones shouldn't require Windows' implementation specifically, but having an easy management UI does help. My home network uses a Windows Server 2019 VM for DNS and DHCP.

[Mr Technician]

Why do DNS queries need to be sent to your servers if you already have a pihole? Could you explain your network better, please?

[myselfolli]

Instructions unclear got ...

 

Let's not go there. But I don't really get what you are trying to achieve either, please elaborate

[ChaseB]

12 minutes ago, NelizMastr said:

What you're probably looking for is DNS forwarders. That way, you can use your local DNS resolving and any request not matching an internal record is forwarded to the internet, using DNS servers like 1.1.1.1, 8.8.8.8 etc.

 

Creating multiple lookup zones shouldn't require Windows' implementation specifically, but having an easy management UI does help. My home network uses a Windows Server 2019 VM for DNS and DHCP.

Do you have any trusted links that tell me how to use Windows Server DNS. 

[NelizMastr]

Just now, ChaseB said:

Do you have any trusted links that tell me how to use Windows Server DNS. 

Explain what you're trying to achieve first, in detail please.

[ChaseB]

2 minutes ago, myselfolli said:

Instructions unclear got ...

 

Let's not go there. But I don't really get what you are trying to achieve either, please elaborate

I need to forward 4 DNS Records.

 

149.XXX.1.XX

1.1.1.1

192.168.0.156

192.168.0.123

 

My router only allows me to use 2. I want to use all 4 

[ChaseB]

1 minute ago, NelizMastr said:

Explain what you're trying to achieve first, in detail please.

I just replied to  to @myselfolli with all of the info. Hopefully it makes sense.

[ChaseB]

16 minutes ago, ThatFlashCat said:

Why do DNS queries need to be sent to your servers if you already have a pihole? Could you explain your network better, please?

My windows server is my Long Term NAS and my AD for my Workstaions

My UnRaid Server is my Steam, and windows update cache server. It also is my Back Up NAS Server

[Alex Atkin UK]

As this appears to be what your router is using to serve DNS to the whole LAN then you don't want different queries going to different DNS servers, it can cause all sorts of problems.  When setting multiple DNS servers its expected that all those servers are at the same host with the same results.

For example Cloudflare 1.1.1.1 and 1.0.0.1 are different servers but will give you the same results back.  Likewise Google with 8.8.8.8 and 8.8.4.4.

 

Unfortunately this means you would have to use your UnRaid server as the only DNS on your router.  Anything else is going to cause havock with your Steam/Windows Update cache as sometimes it will be pointed to your UnRaid server, other times it will be pointing to the REAL servers.

[ChaseB]

10 minutes ago, Alex Atkin UK said:

As this appears to be what your router is using to serve DNS to the whole LAN then you don't want different queries going to different DNS servers, it can cause all sorts of problems.  When setting multiple DNS servers its expected that all those servers are at the same host with the same results.

For example Cloudflare 1.1.1.1 and 1.0.0.1 are different servers but will give you the same results back.  Likewise Google with 8.8.8.8 and 8.8.4.4.

 

Unfortunately this means you would have to use your UnRaid server as the only DNS on your router.  Anything else is going to cause havock with your Steam/Windows Update cache as sometimes it will be pointed to your UnRaid server, other times it will be pointing to the REAL servers.

Can  I point all traffic to one DNS and inside there, I can have all the DNS's. I have been running the PI Hole DNS alongside 1.1.1.1 for a year now with no issue.

[brwainer]

1 hour ago, ChaseB said:

Can  I point all traffic to one DNS and inside there, I can have all the DNS's. I have been running the PI Hole DNS alongside 1.1.1.1 for a year now with no issue.

You may not have noticed, but any time a client device used 1.1.1.1 directly, it wouldn’t be affected by your pihole settings. What should really happen is all of your devices *only* go to your pihole, and the pihole then uses 1.1.1.1 as its source for DNS queries it doesn’t know (which would be most of them). If you wanted to program in any local hosts to the DNS, you would add them to the pihole, not to your router or to other computers/servers directly.

[ChaseB]

1 hour ago, brwainer said:

You may not have noticed, but any time a client device used 1.1.1.1 directly, it wouldn’t be affected by your pihole settings. What should really happen is all of your devices *only* go to your pihole, and the pihole then uses 1.1.1.1 as its source for DNS queries it doesn’t know (which would be most of them). If you wanted to program in any local hosts to the DNS, you would add them to the pihole, not to your router or to other computers/servers directly.

So I have the 1.1.1.1 as a backup. Pi Hole uses 1.1.1.1 and 1.0.0.1 as well. If the Pi Hole goes down, I still want the internet to work. Those other two servers are the big issue. That is what I need to figure out

 

[brwainer]

31 minutes ago, ChaseB said:

So I have the 1.1.1.1 as a backup. Pi Hole uses 1.1.1.1 and 1.0.0.1 as well. If the Pi Hole goes down, I still want the internet to work. Those other two servers are the big issue. That is what I need to figure out

 

The other two are DNS servers? What things are they responsible for? Is it for an Active Directory system? Can you have the pihole use them as its DNS servers, and then they point to cloudflare?

[Scheer]

Use Pi-hole as your primary and 1.1.1.1 as your secondary so, as you said, internet still works when Pi-hole goes down.

 

Then put the two other IPs into Pi-hole's upstream's custom fields:

 

Or you can use your Windows Server with the DNS roll installed as your primary, and put the other Server and Pi-hole in as forwarders. 

 

https://www.faqforge.com/windows-server-2012-r2/set-dns-forwarder-windows-server-2012-r2/

[Alex Atkin UK]

The problem here is that while Windows may use DNS in order, routers AFAIK generally don't.  They will randomly jump between different DNS servers to spread the load.

The way to do it without risking any complications would be to have a second identically configured PiHole.  But then, how often is the PiHole going to be down in the first place?  If its happening often I'd argue its not fit for purpose.

 

Its in fact the only reason I do not have a Steam/Windows cache myself as I want DNS handled by my pfSense box which only ever goes down when its being updated.

[ChaseB]

13 hours ago, Alex Atkin UK said:

The problem here is that while Windows may use DNS in order, routers AFAIK generally don't.  They will randomly jump between different DNS servers to spread the load.

The way to do it without risking any complications would be to have a second identically configured PiHole.  But then, how often is the PiHole going to be down in the first place?  If its happening often I'd argue its not fit for purpose.

 

Its in fact the only reason I do not have a Steam/Windows cache myself as I want DNS handled by my pfSense box which only ever goes down when its being updated.

Pi hole is in the Cloud. Just in case the whole server goes down, I don't want the internet to go down. So far, pi hole has never gone down.

[Alex Atkin UK]

1 hour ago, ChaseB said:

Pi hole is in the Cloud. Just in case the whole server goes down, I don't want the internet to go down. So far, pi hole has never gone down.

Like I said though, the problem is with a router you don't have any control over which DNS it decides to use for each query.  If the router is based on Linux then things often go pear shaped if the primary is down anyway, even when secondary is available.

If you insist on using both I'd definitely look for a tool to do many DNS queries and check the results for consistency to see if it is sticking to primary or jumping between the two.  What I'm unsure of at this point is where the Steam cache comes into this, as for that to work all DNS should be pointing to THAT box.