
I have the need to put a local DNS server on my network and I was wondering what the options are. It will most likely go on a Pi, but I might also have an Ubuntu box I can use.

 

In the past I have used dnsmasq to handle DHCP, and DHCP reservations, on my NDI network. That was a couple of years ago, and I don't know what options people are actually using now.

 

So, what are you using, and what environment are you using it in? Thanks.

https://linustechtips.com/topic/1513292-raspberry-pi-dns-server/

I think the easiest and most useful thing you can do is put PiHole on it and use that for your DNS.  


2 hours ago, HomerJayK said:

I have the need to put a local DNS server on my network and I was wondering what the options are. It will most likely go on a Pi, but I might also have an Ubuntu box I can use.

 

In the past I have used dnsmasq to handle DHCP, and DHCP reservations, on my NDI network. That was a couple of years ago, and I don't know what options people are actually using now.

 

So, what are you using, and what environment are you using it in? Thanks.

I used PiHole on RPi for DNS ad blocking, but getting the right set of rules became tedious. I actually found AdGuard Home to be better at ad blocking with its built-in blacklists. And it runs on RPi.

 

You can use either PiHole or AdGuard to handle DHCP as well, but if your router is already doing this, I don't see the need to add another function to the RPi.

 

When the RPi works, it works well. However, in my experience, where there's no UPS or prolonged power outages (common during summer), the RPi takes down the entire network due to its inability to reboot properly. Worse yet if the SD card becomes corrupted. You can imagine what would happen if you also ran the DHCP server on the RPi. Currently testing using CloudFlare as secondary DNS and migrating the AdGuard to a local appliance that I already have, which does graceful shutdown during power loss.


Pihole


Pi-hole is wonderful!  I "only" have around 130,000 blocked domains, but at one point, plan to build it back again, had about 800 manually added entries, now down to under 700.

 

I love that I can boot Windows and block absolutely every single default connection until I am ready to update or when I want to upload telemetry data, not just whenever.

 

I can block web trackers before NoScript can return the CNAME requests for each script on a webpage, further reducing outbound network traffic.

 

I can make my network footprint locally, and externally, quite small, saving network electricity use and blocking needless junk on websites that take too long to load, in the days of fast Internet connection, being wasted on tracking.  Advertisements are currently an essential part of the web to fund websites, but advertisements have become so terrible, that the United States FBI and others now recommend adblockers to prevent some malware!

: JRE #1914 Siddarth Kara

How bad is e-waste?  Listen to that Joe Rogan episode.

 

"Now you get what you want, but do you want more?"
- Bob Marley, Rastaman Vibration album 1976

 

Windows 11 will just force business to "recycle" "obsolete" hardware.  Microsoft definitely isn't bothered by this at all, and seems to want hardware produced just a few years ago to be considered obsolete.  They have also not shown any interest nor has any other company in a similar financial position, to help increase tech recycling whatsoever.  Windows 12 might be cloud-based and be a monthly or yearly fee.

 

Software suggestions


Just get f.lux [Link removed due to forum rules] so your screen isn't bright white at night, a golden orange in place of stark 6500K bluish white.

released in 2008 and still being improved.

 

Dark Reader addon for webpages.  Pick any color you want for both background and text (background and foreground page elements).  Enable the preview mode on desktop for Firefox and Chrome addon, by clicking the dark reader addon settings, Choose dev tools and click preview mode.

 

NoScript or EFF's privacy badger addons can block many scripts and websites that would load and track you, possibly halving page load time!

 

F-droid is a place to install open-source software for android, Antennapod, RethinkDNS, Fennec which is Firefox with about:config, lots of performance and other changes available, mozilla KB has a huge database of what most of the settings do.  Most software in the repository only requires Android 5 and 6!

 

I recommend firewall apps (blocks apps) and dns filters (redirect all dns requests on android, to your choice of dns, even if overridden).  RethinkDNS is my pick and I set it to use pi-hole, installed inside Ubuntu/Debian, which is inside Virtualbox, until I go to a website, nothing at all connects to any other server.  I also use NextDNS.io to do the same when away from home wi-fi or even cellular!  I can even tether from cellular to any device sharing via wi-fi, and block anything with dns set to NextDNS, regardless if the device allows changing dns.  This style of network filtration is being overridden by software updates on some devices, forcing a backup dns provider, such as google dns, when built in dns requests are not connecting.  Without a complete firewall setup, dns redirection itself is no longer always effective.

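The post above notes that some devices fall back to a hard-coded resolver such as Google DNS, so pointing clients at a local filter is not always enough. The following is an added example, not part of any post in this thread, showing how a gateway's packet log can reveal which clients send DNS somewhere other than the local resolver. The netfilter LOG line format, the 192.168.1.0/24 LAN, the Pi-hole address 192.168.1.2 and all sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumptions for illustration (none of these values come from the thread).
LAN = ipaddress.ip_network("192.168.1.0/24")
LOCAL_RESOLVERS = {ipaddress.ip_address("192.168.1.2")}  # hypothetical Pi-hole
# Plain DNS and DNS-over-TLS; DNS-over-HTTPS on 443 cannot be spotted by port.
DNS_PORTS = {53: "dns", 853: "dot"}
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

# Constructed gateway log lines in netfilter LOG format.
SAMPLE_LOG = """\
Jun  1 10:00:01 gw kernel: FWD IN=br0 OUT=br0 SRC=192.168.1.23 DST=192.168.1.2 PROTO=UDP SPT=40000 DPT=53
Jun  1 10:00:02 gw kernel: FWD IN=br0 OUT=eth0 SRC=192.168.1.50 DST=8.8.8.8 PROTO=UDP SPT=40001 DPT=53
Jun  1 10:00:03 gw kernel: FWD IN=br0 OUT=eth0 SRC=192.168.1.50 DST=8.8.8.8 PROTO=UDP SPT=40002 DPT=53
Jun  1 10:00:04 gw kernel: FWD IN=br0 OUT=eth0 SRC=192.168.1.50 DST=8.8.4.4 PROTO=TCP SPT=40003 DPT=853
Jun  1 10:00:05 gw kernel: FWD IN=br0 OUT=eth0 SRC=192.168.1.2 DST=1.1.1.1 PROTO=UDP SPT=40004 DPT=53
Jun  1 10:00:06 gw kernel: FWD IN=br0 OUT=eth0 SRC=192.168.1.23 DST=93.184.216.34 PROTO=TCP SPT=40005 DPT=443
Jun  1 10:00:07 gw kernel: usb 1-1: new high-speed USB device
"""


def find_dns_bypass(log_text):
    """Return {client: {(resolver, kind): packets}} for DNS that skips the local resolver."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        try:
            src = ipaddress.ip_address(fields["SRC"])
            dst = ipaddress.ip_address(fields["DST"])
            port = int(fields["DPT"])
        except (KeyError, ValueError):
            continue  # not a packet log line, or a truncated one
        if port not in DNS_PORTS or fields.get("PROTO") not in ("UDP", "TCP"):
            continue
        if src not in LAN or src in LOCAL_RESOLVERS:
            continue  # the resolver's own upstream lookups are expected
        if dst in LOCAL_RESOLVERS:
            continue  # client is using the local resolver as intended
        hits[str(src)][(str(dst), DNS_PORTS[port])] += 1
    return {client: dict(dests) for client, dests in hits.items()}


if __name__ == "__main__":
    for client, dests in find_dns_bypass(SAMPLE_LOG).items():
        for (resolver, kind), count in sorted(dests.items()):
            print(f"{client} -> {resolver} ({kind}): {count} packets")
```

Clients that show up in the result are the ones a firewall rule would need to cover, since changing their DNS setting alone does not stop the fallback.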

5 hours ago, E-waste said:

Pi-hole is wonderful!  I "only" have around 130,000 blocked domains, but at one point, plan to build it back again, had about 800 manually added entries, now down to under 700.

 

I love that I can boot Windows and block absolutely every single default connection until I am ready to update or when I want to upload telemetry data, not just whenever.

 

I can block web trackers before NoScript can return the CNAME requests for each script on a webpage, further reducing outbound network traffic.

 

I can make my network footprint locally, and externally, quite small, saving network electricity use and blocking needless junk on websites that take too long to load, in the days of fast Internet connection, being wasted on tracking.  Advertisements are currently an essential part of the web to fund websites, but advertisements have become so terrible, that the United States FBI and others now recommend adblockers to prevent some malware!

I'm not so much after external DNS blocking, just a name server on my local networks. Is pihole still a good choice for that?
