Pihole standalone install: Difference between revisions

From wikinotes
No edit summary
Line 1: Line 1:
{{ NOTE |
{{ NOTE |
as far as I know, this is an archlinux-specific configuration, but it could be ported to other OS's }}
as far as I know, this is an archlinux-specific configuration (mostly of dnsmasq), but it could be ported to other OSs }}

= Archlinux =
= Archlinux =

Revision as of 21:27, 11 October 2021


As far as I know, this is an archlinux-specific configuration (mostly of dnsmasq), but it could be ported to other OSs.



pacaur -S pi-hole-standalone
# update domain denylist
sudo systemctl start pi-hole-gravity.timer
pihole -g

Free port 53

You'll also need to start pihole-FTL.service, which listens on port 53.
If this port is already occupied, you'll need to free it.

# is port 53 in use?
netstat -an | grep ':53'

# try identifying program using it
lsof -i :53

systemd-resolved.service may be using port 53.
If this is the case, disable the stub listener.

# /etc/systemd/resolved.conf


Configure dnsmasq

If you're leasing IPs with DHCP, update your dnsmasq configuration.

# /etc/dnsmasq.conf


Enable DNS

sudo systemctl enable pihole-FTL.service
sudo systemctl start pihole-FTL.service

# make sure it started alright
sudo journalctl -u pihole-FTL.service

Once running, confirm DNS resolves with host or drill.

drill @ A google.com
host google.com

DNS with pihole

Configure your network manager so that it uses as its DNS server.


Before changing your nameserver, be sure to test queries using host google.com.
If this does not work, apparently your router may have rebind protection enabled.


tail -f /run/log/pihole/pihole.log  # lists nameservers, hosts, interfaces ...

# confirm server is listening
netstat -ln46 | grep :53

# confirm there is a route for DNS queries to be performed
netstat -r  # show routing table

# test DNS resolution
host google.com       # with 'host'
drill @ A google.com   # with 'drill'

Use pi-hole for DNS

First, confirm pi-hole DNS is working with ldns drill.

drill @ google.com


NetworkManager also runs an instance of dnsmasq.
You'll need to disable it to use pi-hole.

# /etc/NetworkManager/NetworkManager.conf


Configure NetworkManager to use pihole.

nmcli con  # list all connections
nmcli con mod <connectionName> ipv4.dns ""
nmcli con mod <connectionName> ipv4.ignore-auto-dns yes
sudo systemctl restart NetworkManager.service



Confirm Working

pihole status         # confirm pihole DNS is started
cat /etc/resolv.conf  # only nameserver should be
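
An added example, not part of the original wiki page: a shell audit covering the "Free port 53" and "Confirm Working" steps, flagging a still-active stub listener and any resolver in resolv.conf that would answer queries without pi-hole's filtering. It assumes DNSStubListener (the systemd-resolved option that controls the stub listener) is what the resolved.conf step refers to, uses 192.0.2.53 as a constructed placeholder for the pi-hole address, which the page does not give, and all function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: audit the two files this page edits for anything that would
# keep port 53 busy or let queries bypass pi-hole.

# Print the effective DNSStubListener value of a resolved.conf-style file.
# The last uncommented assignment wins; systemd's default is "yes".
stub_listener_value() {
    awk -F= '
        /^[ \t]*[#;]/ { next }                       # skip comment lines
        $1 ~ /^[ \t]*DNSStubListener[ \t]*$/ { v = $2; gsub(/[ \t]/, "", v) }
        END { print (v == "" ? "yes" : tolower(v)) }
    ' "$1"
}

# Print every nameserver in a resolv.conf-style file ($1) that is not the
# expected pi-hole address ($2). No output means pi-hole is the only resolver.
stray_nameservers() {
    awk -v want="$2" '$1 == "nameserver" && $2 != want { print $2 }' "$1"
}

# audit_dns RESOLVED_CONF RESOLV_CONF PIHOLE_IP
# Returns 0 only if the stub listener is off and no stray resolver is listed.
audit_dns() {
    local rc=0 stray
    case "$(stub_listener_value "$1")" in
        no|false|off|0) ;;                           # boolean "off" spellings
        *) echo "stub listener enabled: systemd-resolved will hold port 53"
           rc=1 ;;
    esac
    stray=$(stray_nameservers "$2" "$3" | tr '\n' ' ')
    if [ -n "$stray" ]; then
        echo "resolvers that bypass pi-hole: $stray"
        rc=1
    fi
    return "$rc"
}

# Constructed sample files. 192.0.2.53 is a documentation-range placeholder
# for the pi-hole address, which this page does not give.
demo=$(mktemp -d)
printf '[Resolve]\n#DNSStubListener=yes\nDNSStubListener=no\n' > "$demo/resolved.conf"
printf 'nameserver 192.0.2.53\nnameserver 198.51.100.1\n' > "$demo/resolv.conf"
audit_dns "$demo/resolved.conf" "$demo/resolv.conf" 192.0.2.53 || true
rm -rf "$demo"
```

On a real host, pass /etc/systemd/resolved.conf, /etc/resolv.conf and your pi-hole address to audit_dns; drop-in files under resolved.conf.d are not read by this sketch.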