I’ve been using Pi-hole for the last 3 or 4 years and I’m pretty satisfied with it. Now I’m thinking about the next step. Nowadays I have my local network and Tailscale to access my hosts. I’m thinking about a DNS solution to resolve the names on the local network and through Tailscale simultaneously, while being able to block ads at the DNS level like Pi-hole does. What do you think would be a better solution for this next step? I’ve only used BIND before, but I think an old dog can learn a new trick.
Another +1 for Technitium DNS if you’re comfortable with the basics and want some more control. You can use the Split Horizon “app” in Technitium to return either the Tailnet or LAN IP for the same domain depending on the client IP. It’s awesome! It also does DNS ad blocking and the log querying is great. Honestly I’ve ended up playing with so many features I didn’t even know I wanted.
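To make the split-horizon idea from the comment above concrete, here is an added example (not Technitium’s Split Horizon app and not anything from the poster) of a tiny DNS responder that hands out a different A record for the same name depending on which network the query arrives from. The tailnet range 100.64.0.0/10 is the CGNAT block Tailscale assigns node addresses from; the LAN prefix, the zone names and the addresses are made up for the example. Queries from any other source are answered REFUSED rather than with the internal records, which is the check you want in front of a resolver that also listens on a tailnet.

```python
"""Split-horizon DNS answer selection (example code, not Technitium's).

One name, two answers: LAN clients get the LAN address, tailnet clients get
the Tailscale address, and everyone else is refused so internal records never
leak to an unexpected source network.
"""
import ipaddress
import struct
from typing import Optional, Tuple

# Tailscale assigns node addresses from the CGNAT block 100.64.0.0/10.
TAILNET = ipaddress.ip_network("100.64.0.0/10")
# Assumed LAN prefix for this example.
LAN = ipaddress.ip_network("192.168.1.0/24")

# Constructed zone data: one answer per "view".
ZONE = {
    "nas.home.example.": {"lan": "192.168.1.20", "tailnet": "100.101.102.103"},
    "git.home.example.": {"lan": "192.168.1.30", "tailnet": "100.101.102.104"},
}

A_RECORD = 1
RCODE_NOERROR, RCODE_NXDOMAIN, RCODE_REFUSED = 0, 3, 5


def view_for(client_ip: str) -> Optional[str]:
    """Pick the view from the source address; None means 'not ours'."""
    ip = ipaddress.ip_address(client_ip)
    if ip in TAILNET:
        return "tailnet"
    if ip in LAN:
        return "lan"
    return None


def encode_name(name: str) -> bytes:
    """Encode a dotted name in DNS label format."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii")
                   for l in name.rstrip(".").split("."))
    return out + b"\x00"


def decode_name(packet: bytes, offset: int) -> Tuple[str, int]:
    """Decode an uncompressed name; returns (name, offset after the name)."""
    labels = []
    while True:
        n = packet[offset]
        offset += 1
        if n == 0:
            break
        labels.append(packet[offset:offset + n].decode("ascii"))
        offset += n
    return ".".join(labels) + ".", offset


def build_query(name: str, qtype: int = A_RECORD, txid: int = 0x1234) -> bytes:
    """Build a standard recursion-desired query for one name (constructed input)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def answer(packet: bytes, client_ip: str) -> bytes:
    """Produce the response for a query packet, chosen by the client's view."""
    txid = struct.unpack("!H", packet[:2])[0]
    name, off = decode_name(packet, 12)
    qtype, _qclass = struct.unpack("!HH", packet[off:off + 4])
    question = packet[12:off + 4]

    view = view_for(client_ip)
    record = ZONE.get(name.lower())
    rdata = None
    if view is None:
        rcode = RCODE_REFUSED            # unknown source: refuse, do not leak
    elif record is None:
        rcode = RCODE_NXDOMAIN           # name not in our zone
    elif qtype != A_RECORD:
        rcode = RCODE_NOERROR            # name exists, no data of that type
    else:
        rcode = RCODE_NOERROR
        rdata = ipaddress.ip_address(record[view]).packed

    ancount = 1 if rdata else 0
    # Flags: QR=1, RD=1, RA=1, plus the response code.
    header = struct.pack("!HHHHHH", txid, 0x8180 | rcode, 1, ancount, 0, 0)
    resp = header + question
    if rdata:
        # Answer: pointer to the name at offset 12, type A, class IN, TTL 60.
        resp += b"\xc0\x0c" + struct.pack("!HHIH", A_RECORD, 1, 60, len(rdata)) + rdata
    return resp


def parse_response(resp: bytes) -> Tuple[int, Optional[str]]:
    """Return (rcode, first A record or None) from a response we built."""
    flags, _qd, an = struct.unpack("!HHH", resp[2:8])
    rcode = flags & 0x0F
    _name, off = decode_name(resp, 12)
    off += 4                              # skip qtype/qclass
    if an == 0:
        return rcode, None
    off += 2                              # skip the compression pointer
    _rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", resp[off:off + 10])
    off += 10
    return rcode, str(ipaddress.ip_address(resp[off:off + rdlen]))


if __name__ == "__main__":
    q = build_query("nas.home.example.")
    for src in ("100.100.1.2", "192.168.1.50", "203.0.113.9"):
        print(src, "->", parse_response(answer(q, src)))
```

In a real deployment the equivalent of `view_for` is the client-subnet rule in the resolver’s split-horizon configuration; the point of the example is the ordering of the checks: decide who is asking before deciding what to say, and answer outsiders with nothing.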
You should add your DNS forwarder as its own node in Tailscale, and configure the tailnet to resolve DNS through it. That way you’ll be able to resolve both MagicDNS node names and your local domains, as well as being blocklist-enabled. Besides, I think you can also define custom A/AAAA records on your Tailscale console, skipping local records on Pi-hole altogether.
I’d also recommend Technitium for a new DNS solution, mainly because they’re going to add support for clustering soon. This could be highly useful if you want to configure blocklists once and sync them between different Technitium nodes. Should it work out, I’m thinking of installing it alongside every Tailscale exit node, for the benefit of synced blocklists, local domains, and exit-node geolocated IPs for external domains.
I’m pretty sure Pi-hole has DNS capabilities, as do alternatives like AdGuard Home. Depending on your needs, staying with your current setup may be the most desirable option.
I use Technitium for that purpose. You can set up DNS records easily and it still has blocking like Pi-hole. You can log DNS requests if you need to track down where certain requests are coming from or which devices are making lots of requests. It has quite a few features but I only need a couple.
Yeah, came here to write about Technitium. It is rock solid. Absolutely. It looks intimidating at first but you soon figure out you hardly need 10% of the options in the beginning.
But it’s so rock solid and good…
I’ve been using Technitium DNS Server for this. It is an all-in-one solution and is working well for me through Tailscale as a global name server.
I’ve had Pi-hole running in the past, then AdGuard, but moved to NextDNS several years ago and have been happy with it. For a small fee, it removes all need for self-hosting your own. I set up profiles for the kids, wife, etc., then set the DNS in their phones and tablets, so I know it’s always working wherever they are. You can set local IPs in it if you want, but I use a reverse proxy for all LAN requests instead.
Only slight issue I’ve had with it was recently making several quick changes to DNS in Cloudflare, and NextDNS took several hours to propagate which was a PITA at the time.
Edit: I’ve just seen that they now offer a free tier which they didn’t in the past.
And how do you fix the problem with applications that have hard-coded DNS?
If you’re referring to network-based DNS, I use their script to have it on my Ubiquiti router as well. I have that with its own profile with full blocking for IoT etc.
I had Pi-hole with Unbound on my OPNsense way back when, but the internet just needs to work for both me and my family and not go offline with me tinkering with the homelab. NextDNS takes all of that hassle out of the equation.
@q7mJI7tk1 @StopSpazzing This is the way. NextDNS is awesome.