F5F Stay Refreshed Power Users Networks Looking for guidance on building a Pi-hole setup across several networks.

Looking for guidance on building a Pi-hole setup across several networks.

Looking for guidance on building a Pi-hole setup across several networks.

F
Fritztech
Member
Find
218
09-03-2024, 11:17 PM
#1
I'm working on a home network upgrade to boost security. I think I've got most of the setup organized, but I'm unsure about DNS and gateway configurations. On my gateways, I've assigned the IP address of the next hop from the device they're connected to. If this isn't correct, let me know what adjustments are needed. For DNS, I'm having trouble finding guidance on using a remote IP address across different networks. Is it safe to assume all three networks should share the same DNS settings (192.168.2.3/24), or does each network require its own? This is why I added two Pi-Holes for the first and third networks, with the second network being an IPSec tunnel. Could you confirm if my DNS and gateway settings are accurate? Also, I'm worried that using just one Pi-Hole at the start might interfere with DNS filtering inside the IPSec tunnel. It seems like a tricky area—I don't want to disrupt the filtering process. Thank you for reviewing my plan. I appreciate any advice you can offer. By the way, IPSec should be included in this design as planned; other hardware and servers outside this scope are not considered.
Reply
Reply
F
Fritztech
09-03-2024, 11:17 PM #1

I'm working on a home network upgrade to boost security. I think I've got most of the setup organized, but I'm unsure about DNS and gateway configurations. On my gateways, I've assigned the IP address of the next hop from the device they're connected to. If this isn't correct, let me know what adjustments are needed. For DNS, I'm having trouble finding guidance on using a remote IP address across different networks. Is it safe to assume all three networks should share the same DNS settings (192.168.2.3/24), or does each network require its own? This is why I added two Pi-Holes for the first and third networks, with the second network being an IPSec tunnel. Could you confirm if my DNS and gateway settings are accurate? Also, I'm worried that using just one Pi-Hole at the start might interfere with DNS filtering inside the IPSec tunnel. It seems like a tricky area—I don't want to disrupt the filtering process. Thank you for reviewing my plan. I appreciate any advice you can offer. By the way, IPSec should be included in this design as planned; other hardware and servers outside this scope are not considered.

Reply
Reply
T
TheAnnieBunneh
Junior Member
Find
25
09-03-2024, 11:17 PM
#2
As long as round-trip communication is feasible between the host and DNS, location becomes irrelevant. You won't require several DNS servers unless additional constraints apply. For example, 8.8.8.8 may not be on your network yet but remains accessible.
Reply
Reply
T
TheAnnieBunneh
09-03-2024, 11:17 PM #2

As long as round-trip communication is feasible between the host and DNS, location becomes irrelevant. You won't require several DNS servers unless additional constraints apply. For example, 8.8.8.8 may not be on your network yet but remains accessible.

Reply
Reply
B
bartlott
Member
Find
82
09-03-2024, 11:17 PM
#3
On the Wireless Router, you can configure the DNS for all DHCP devices to point to the 192.168.2.3 address on another network. This should work well, avoiding any unnecessary restrictions. Regarding the lack of dual PI-Hole DNS for both networks, there may be a reason not to implement it, as it might not offer any clear advantages.
Reply
Reply
B
bartlott
09-03-2024, 11:17 PM #3

On the Wireless Router, you can configure the DNS for all DHCP devices to point to the 192.168.2.3 address on another network. This should work well, avoiding any unnecessary restrictions. Regarding the lack of dual PI-Hole DNS for both networks, there may be a reason not to implement it, as it might not offer any clear advantages.

Reply
Reply
M
MineFloYT
Member
Find
190
09-03-2024, 11:17 PM
#4
There is a potential benefit from a redundancy perspective, but no reason "not" to have 2. It just depends on how you wish to use them.
Reply
Reply
M
MineFloYT
09-03-2024, 11:17 PM #4

There is a potential benefit from a redundancy perspective, but no reason "not" to have 2. It just depends on how you wish to use them.

Reply
Reply
X
xHuntex
Member
Find
203
09-03-2024, 11:17 PM
#5
Great thanks! I think it would be best to include both of them. It will also work better long-term since I can adjust the second Pi-Hole without impacting users in the leftmost network. Appreciate your assistance—I'll refresh this thread within a month or so after making these updates, and I'll also revise the design for anyone interested.
Reply
Reply
X
xHuntex
09-03-2024, 11:17 PM #5

Great thanks! I think it would be best to include both of them. It will also work better long-term since I can adjust the second Pi-Hole without impacting users in the leftmost network. Appreciate your assistance—I'll refresh this thread within a month or so after making these updates, and I'll also revise the design for anyone interested.

Reply
Reply