I currently have a nice long docker compose file that hosts my PiHole V6 container (along with a bunch of other containers). However, the reason I ask this question is because whenever I go to pull an updated image and recreate the container, I experience about 20 minutes of no DNS resolution, which to my knowledge is due to the NTP clock being out of sync.
What’s the best way to host a DNS sinkhole/resolver that can mitigate this issue?
Was thinking of utilizing Proxmox & LXC but I suspect I’ll get the same experience.
Update: Turns out PiHole doesn’t support two instances. I got both of them on separate devices and also set the 2nd DNS server in my router’s WAN & LAN DNS settings, which did in fact split DNS between both instances. However, I lost access to my router’s web UI, my Traefik instance & reverse proxies died, and I lost all internet access.
So, don’t do what I did.
Update 2: So everything I said in my first update, let’s disregard that. Turns out I had my router forcing all DNS to PiHole server 1, which caused the issues mentioned above.
Two servers appears to work!
If you run a single DNS server, you will always have downtime when it’s restarted.
The only way to mitigate that, is to run 2 DNS servers.
I set up my network to use pihole as the first DNS and the router as the second; most of the time pihole is used, unless it’s down.
Why wouldn’t you just use DNS on your router?
Router may not have a function you want.
Instead of paying for a Raspberry Pi you could just get an OpenWrt device. You can get the router equivalent of a rust bucket, since chances are you are not using the wireless portion anyway.
Just be sure that the second server in the list is also a black hole. If you don’t, all black holed requests will fallback to the second DNS… which, if it doesn’t also black hole them, will wind up serving you ads and defeating the point!
Personally I find a single Pi is just fine for DNS. It only takes like 10 seconds to reboot. Less, if you use M.2 storage via a HAT or boot from USB! That’s pretty fine downtime. But if you’re afraid you’ll knock over the network and get yelled at by your family or housemates, best to use a backup :)
When it comes to a “secondary” DNS…

> There is nothing like a primary and secondary DNS server. These indications are quite misleading but many systems adopted it this way. Pi-hole only lists the DNS servers as primary and secondary, because this is what the providers write on their pages. The bad phrasing is supported especially by how Windows handles it.

([source](https://discourse.pi-hole.net/t/primary-vs-secondary-dns/1536/2))

> Most operating systems implement DNS servers as alternatives, not as fallbacks, i.e. they will query any of both servers from time to time, so it is quite likely that you will lose your Pi-hole filtering capabilities (at least partially) [if you specify a secondary DNS server on your network].

([source](https://discourse.pi-hole.net/t/secondary-dns-server-for-dhcp/1874))
The **ONLY** DNS server you should have set on your network is a/the PiHole(s).
How do you set up clients so they will always use the first one? I thought if a client knows 2 servers they will switch between them.
I plan to add a second Pihole at some point and keep them synced
Yeah, you can’t. There is no guarantee that clients will use DNS servers in any particular order.
Not that it particularly matters for just queries. The problem is that DHCP can only be enabled on one host. If that one fails then devices can’t get on to the network themselves. I’d like to know a good way to have a failover DHCP server - my janky cronjob isn’t great.
You can just run two DHCP servers. Give them non-overlapping ranges or give them the same MAC to IP mapping.
How do the DNS servers resolve local hostnames then? The pihole DHCP integration adds local hostnames to DNS when they are assigned an address. If there are two DHCP servers handing out leases, presumably only one would be accepted; how then would the DNS servers sync those names?
I think I had my secondary pihole resolve local names from the primary, and leases were copied over on a cronjob in case the secondary DHCP server had to be enabled.
Use the second option of a static MAC to IP map and add the relevant records to each pihole’s local DNS.
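The two-server approach described above (non-overlapping dynamic pools, plus one static MAC-to-IP map whose records are added to each Pi-hole) can be generated from a single source of truth so both instances stay identical. This is an added example, not code from the thread or from Pi-hole; the `dhcp-host=` and hosts-file syntax is standard dnsmasq (which Pi-hole uses underneath), while the sample map, the `lan` domain and where you would drop the output are assumptions.

```python
# Added example (not from the thread): render one shared MAC->IP map as
# dnsmasq DHCP reservations and local-DNS host entries for BOTH Pi-holes,
# and sanity-check the dynamic pools each instance hands out.
import ipaddress
import re

MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")

# Constructed sample map: MAC -> (reserved IP, hostname). Keep this in one
# place (git, a shared file) and generate both servers' config from it.
STATIC_MAP = {
    "aa:bb:cc:00:00:01": ("192.168.1.10", "nas"),
    "aa:bb:cc:00:00:02": ("192.168.1.11", "traefik"),
}

def render_dhcp_hosts(static_map):
    """dnsmasq 'dhcp-host=MAC,IP,name' lines, sorted so diffs are stable."""
    lines = []
    for mac, (ip, name) in sorted(static_map.items()):
        mac = mac.lower()
        if not MAC_RE.match(mac):
            raise ValueError(f"bad MAC {mac}")
        ipaddress.ip_address(ip)  # raises ValueError on a malformed address
        lines.append(f"dhcp-host={mac},{ip},{name}")
    return lines

def render_hosts_file(static_map, domain="lan"):
    """Hosts-file lines (for dnsmasq addn-hosts=) giving short and FQDN names."""
    return [f"{ip}\t{name} {name}.{domain}"
            for _, (ip, name) in sorted(static_map.items())]

def _span(pool):
    lo, hi = (int(ipaddress.ip_address(x)) for x in pool)
    if lo > hi:
        raise ValueError("pool start must not exceed pool end")
    return lo, hi

def ranges_overlap(pool_a, pool_b):
    """True if two (first_ip, last_ip) dynamic pools share any address."""
    a0, a1 = _span(pool_a)
    b0, b1 = _span(pool_b)
    return a0 <= b1 and b0 <= a1

def reservations_inside_pools(static_map, pools):
    """Reserved IPs that fall inside a dynamic pool (a lease could collide)."""
    bad = []
    for _, (ip, _) in sorted(static_map.items()):
        n = int(ipaddress.ip_address(ip))
        if any(lo <= n <= hi for lo, hi in map(_span, pools)):
            bad.append(ip)
    return bad
```

Run the checks before rolling out: if `ranges_overlap` is true for the two instances' pools, or `reservations_inside_pools` is non-empty, two clients can end up with the same address.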
That’s what I thought. Btw, your formatting seems to be broken.
Thanks for that; the formatting is broken.
I’ll try and figure out how to fix it (it was formatted for the “site that shall not be named”)
Are you using pihole to also create custom local DNS records?
Yes, mostly just the hostnames