adminmat Posted October 10, 2019 (edited)
Just set up pihole on my Secure LAN. It's working great but I have 4 VLANs running on an EdgerouterX. All VLANs are segregated and VLAN10 can establish communication with any other VLAN (via firewall rules). I have a pihole on VLAN10 in an unRAID server. How can I let VLAN20 utilize the pihole as well? I've tried many firewall rules to no success. Is my only option to set up a pihole for every VLAN? Surely there is a better way.
Edited October 12, 2019 by adminmat

bonienl Posted October 10, 2019
If you want to keep network segregation, the best way is to set up a dedicated pi-hole server for each VLAN (network). Below an example of my setup

adminmat Posted October 10, 2019
36 minutes ago, bonienl said:
> If you want to keep network segregation, the best way is to set up a dedicated pi-hole server for each VLAN (network). Below an example of my setup
But wouldn't I have the same problem because of my VLAN firewall rules? Being my client devices on the guest/family network would not be able to connect to the secure network (unRAID box/Pi-Hole) in order to access the Pi-Hole DNS server? Since the Pi-Hole server is on the Secure LAN? For example: My unRAID server is on the 192.168.10.0/24 subnet. Pi-Hole is on the 192.168.10.0/24 subnet. My guest/family network is 192.168.20.0/24. Or maybe I'm not understanding and you can totally set up different subnets on the unRAID server. I can set this all up using one physical ethernet interface on the unRAID server? Also, others are recommending just opening port 53 from VLAN to VLAN, which I've tried unsuccessfully.

adminmat Posted October 10, 2019
Well I went to restart unRAID and I got this:

adminmat Posted October 10, 2019
Update: I'm not sure why but the network settings for pihole and unraid were all scrambled. I deleted and reinstalled pihole. It's working now but not across VLANs still. I'm considering scrapping all my EdgerouterX's firewall rules and starting over.

adminmat Posted October 12, 2019 (edited)
Ok, update on this: I finally got it working. I created a rule in the GUEST_TO_LAN ruleset to allow destination traffic to the pihole's IP address on port 53. But it was important to move this rule to the top of the ruleset to get it working properly. See my post here for more info. @bonienl, out of curiosity what router are you using? And another thing I found out today. Every time I rebooted my unRAID server the Pi-Hole docker would fail to open again. It was happening because the unRAID server was getting a new DNS of the Pi-Hole itself. So in unRAID's network settings I had to set the DNS to Static and list my Edgerouter IP as the DNS. Does this make sense? Is there another way?
Edited October 12, 2019 by adminmat
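
An added illustration (not part of the thread and not adminmat's actual configuration) of why the allow rule in the last post only worked at the top of GUEST_TO_LAN: EdgeOS evaluates a ruleset in rule-number order and stops at the first match. The sketch models that and reports rules that an earlier rule makes unreachable; the Pi-hole address, the rule numbers and the blocking rule are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Protocol sets, simplified to the three protocols relevant here.
PROTOS = {"all": {"tcp", "udp", "icmp"}, "tcp_udp": {"tcp", "udp"},
          "tcp": {"tcp"}, "udp": {"udp"}}

@dataclass(frozen=True)
class Rule:
    number: int                 # rules are evaluated in ascending number order
    action: str                 # "accept" or "drop"
    dst: str                    # destination network, CIDR
    protocol: str = "all"
    port: Optional[int] = None  # None = any destination port

def matches(rule, dst_ip, proto, port):
    return (ipaddress.ip_address(dst_ip) in ipaddress.ip_network(rule.dst)
            and proto in PROTOS[rule.protocol]
            and rule.port in (None, port))

def evaluate(rules, dst_ip, proto, port, default="drop"):
    """First matching rule decides; later rules are never consulted."""
    for rule in sorted(rules, key=lambda r: r.number):
        if matches(rule, dst_ip, proto, port):
            return rule.action
    return default

def covers(earlier, later):
    """True if every packet that matches `later` also matches `earlier`."""
    return (ipaddress.ip_network(later.dst).subnet_of(ipaddress.ip_network(earlier.dst))
            and PROTOS[later.protocol] <= PROTOS[earlier.protocol]
            and earlier.port in (None, later.port))

def shadowed(rules):
    """(dead_rule, shadowing_rule) number pairs: the dead rule can never fire."""
    ordered = sorted(rules, key=lambda r: r.number)
    return [(later.number, earlier.number)
            for i, later in enumerate(ordered)
            for earlier in ordered[:i] if covers(earlier, later)]

PIHOLE = "192.168.10.2/32"  # placeholder; the thread does not give the Pi-hole address
BLOCK_LAN = Rule(10, "drop", "192.168.10.0/24")  # assumed guest-to-Secure-LAN isolation rule
BROKEN = [BLOCK_LAN, Rule(20, "accept", PIHOLE, "tcp_udp", 53)]
FIXED = [Rule(1, "accept", PIHOLE, "tcp_udp", 53), BLOCK_LAN]

if __name__ == "__main__":
    for name, rs in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, evaluate(rs, "192.168.10.2", "udp", 53), shadowed(rs))
```

With the allow rule first, only TCP/UDP port 53 to the Pi-hole is accepted and every other destination on 192.168.10.0/24 still hits the drop rule, so the VLAN segregation is otherwise unchanged.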