Pihole standalone install
NOTE:
As far as I know, this is an Arch Linux-specific configuration (mostly of dnsmasq), but it could be ported to other OSs.
Archlinux
Install
pacaur -S pi-hole-standalone
# update domain denylist
sudo systemctl start pi-hole-gravity.timer
pihole -g
Free port 53
You'll also need to start pihole-FTL.service, which listens on port 53.
If this port is already occupied, you'll need to free it.
# is port 53 in use?
netstat -an | grep ':53'
# try identifying program using it
lsof -i :53
systemd-resolved.service may be using port 53.
If this is the case, disable the stub listener.
# /etc/systemd/resolved.conf
[Resolve]
DNSStubListener=no
Configure dnsmasq
If you're leasing IPs with DHCP, update your dnsmasq configuration.
# /etc/dnsmasq.conf
bind-interfaces
Enable DNS
sudo systemctl enable pihole-FTL.service
sudo systemctl start pihole-FTL.service
# make sure it started alright
sudo journalctl -u pihole-FTL.service
Once running, confirm DNS resolves with host or drill.
drill @127.0.0.1 A google.com
host google.com 127.0.0.1
DNS with pihole
Configure your network manager so that it uses 127.0.0.1 as its DNS server.
NOTE:
Before changing your nameserver, be sure to test queries using host google.com 127.0.0.1.
If this does not work, apparently your router may have rebind protection enabled.
Troubleshooting
tail -f /run/log/pihole/pihole.log   # lists nameservers, hosts, interfaces ...
# confirm server is listening
netstat -ln46 | grep :53
# confirm there is a route for DNS queries to be performed
netstat -r   # show routing table
# test DNS resolution
host google.com 127.0.0.1       # with 'host'
drill @127.0.0.1 A google.com   # with 'drill'
Use pi-hole for DNS
First, confirm pi-hole DNS is working with ldns drill.
drill @127.0.0.1 google.com
NetworkManager
NetworkManager also runs an instance of dnsmasq.
You'll need to disable it to use pi-hole.
# /etc/NetworkManager/NetworkManager.conf
[main]
dns=none
Configure NetworkManager to use pihole.
nmcli con   # list all connections
nmcli con mod <connectionName> ipv4.dns "127.0.0.1"
nmcli con mod <connectionName> ipv4.ignore-auto-dns yes
sudo systemctl restart NetworkManager.service
netctl
todo
Confirm Working
pihole status          # confirm pihole DNS is started
cat /etc/resolv.conf   # only nameserver should be 127.0.0.1
Service Tweaks
I've had issues with the network interfaces not being brought up before pi-hole,
which prevents dnsmasq from starting.
You can fix this by restarting pi-hole, but I don't have a better fix just yet.
systemctl restart pihole-FTL.service
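
The Confirm Working checks and the config edits above can be scripted, so a leftover nameserver that would let queries bypass pi-hole is caught. This is an added example, not part of the original page: the function names (ini_get, stray_nameservers, audit) and the sample files are made up for illustration, and it assumes no/false/off/0 all count as a disabled DNSStubListener.

```shell
# Added example (not from the original page): audit the three files this page edits.

# ini_get FILE SECTION KEY: print the last value of KEY inside [SECTION].
# Section and key names are compared case-sensitively.
ini_get() {
    awk -v want="[$2]" -v key="$3" '
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }   # trim the line
        $0 == "" || /^[#;]/ { next }                    # skip blanks and comments
        /^\[/ { in_sec = ($0 == want); next }           # section header
        in_sec && (eq = index($0, "=")) {
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/[ \t]/, "", k); sub(/^[ \t]+/, "", v)
            if (k == key) val = v
        }
        END { print val }
    ' "$1"
}

# stray_nameservers FILE: print each nameserver that is not 127.0.0.1.
# Succeeds only if the file has at least one nameserver and none are stray.
stray_nameservers() {
    awk '$1 == "nameserver" { n++; if ($2 != "127.0.0.1") { print $2; bad++ } }
         END { exit ((n == 0 || bad > 0) ? 1 : 0) }' "$1"
}

# audit RESOLV_CONF RESOLVED_CONF NM_CONF: print findings, return the failure count.
audit() {
    fails=0
    if ! stray=$(stray_nameservers "$1"); then
        echo "FAIL $1: queries can bypass pi-hole via: ${stray:-<no nameserver set>}"
        fails=$((fails + 1))
    fi
    case $(ini_get "$2" Resolve DNSStubListener) in
        no|false|off|0) ;;
        *) echo "FAIL $2: DNSStubListener is not disabled"; fails=$((fails + 1)) ;;
    esac
    [ "$(ini_get "$3" main dns)" = "none" ] ||
        { echo "FAIL $3: dns=none is not set in [main]"; fails=$((fails + 1)); }
    return "$fails"
}

# Constructed sample files; on a real host pass the three paths named on this page.
d=$(mktemp -d)
printf 'nameserver 127.0.0.1\nnameserver 192.168.1.1\n' > "$d/resolv.conf"
printf '[Resolve]\n#DNSStubListener=yes\nDNSStubListener=no\n' > "$d/resolved.conf"
printf '[main]\ndns=none\n' > "$d/NetworkManager.conf"
audit "$d/resolv.conf" "$d/resolved.conf" "$d/NetworkManager.conf" || echo "failed checks: $?"
```

The sample resolv.conf deliberately carries a second nameserver, so the run reports one failed check.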