Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 02-24-2018, 09:30 PM   #1
Registered: Oct 2012
Posts: 562

Rep: Reputation: Disabled
placement of dns server service

I am running pi hole, and was wondering where the best placement for it would be on the server; the lan interface or the wan? Is one safer than the other?

EDIT: Also, I have dns servers defined in my interfaces file. If I want it to hit the pi hole first, then somewhere else, should I not have dns servers defined in the interfaces file then? will this bypass the local pi hole dns server?

Last edited by sniper8752; 02-24-2018 at 09:33 PM.
Old 02-26-2018, 05:04 AM   #2
LQ Guru
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 15,702

Rep: Reputation: 2222Reputation: 2222Reputation: 2222Reputation: 2222Reputation: 2222Reputation: 2222Reputation: 2222Reputation: 2222Reputation: 2222Reputation: 2222Reputation: 2222
You know your network, but we don't. Such things are best done with a full chart of the network to hand.

You want the DNS server serving all the network I presume, and not the world. At the same time it may refer outside and should receive answers, and updates. That pins it down to one or two places. You might be able to dispense with it altogether and use external services as the internet is well supplied with free services.
Old 02-26-2018, 06:10 PM   #3
Registered: Oct 2012
Posts: 562

Original Poster
Rep: Reputation: Disabled
It would only be serving internal requests. I assume the best place for this is the lan interface. My setup: internet => server (wan interface) => same server (lan interface) => WAP => wireless clients.
Old 03-02-2018, 01:10 PM   #4
Registered: Oct 2014
Posts: 174

Rep: Reputation: 16
If you read the docs for Pi Hole, you will see that it needs to be "THE" DNS server on your network. Period.

As far as your client devices are concerned, the ONLY IP address(es) they should get as DNS servers are those associated with your Pi Hole devices only. The Pi Hole allows you to configure "upstream" DNS servers, and in here you point to your LAN-based DNS servers that a) can resolve your local network information and b) either forward out to another server (your provider, Google, etc.) or are TLD-aware.

ANY OTHER SETUP leaves your client devices potentially exposed as they could request information from servers that do not contain the Pi Hole logic to block the advertising domains.

And, you want the device inside your edge device(s). Inside the router and any firewall devices.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Proxy Server Placement and Cisco 2811 Zone Base Firewall metallica1973 Linux - Enterprise 10 10-15-2008 03:27 AM
DNS/Web Server Placement metallica1973 Linux - Security 5 04-12-2008 11:10 AM
LXer: LPI adds open-source job placement service LXer Syndicated Linux News 0 08-18-2006 04:03 AM
HOW-TO placement of DNS #s, etc. jdh77 Linux - Networking 2 12-05-2003 09:11 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:24 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration