this post was submitted on 21 Jul 2023
18 points (95.0% liked)

Selfhosted

40006 readers
646 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi there, On my router/modem I cannot change the DNS entries, thus just using Adguard/PiHole for DNS blocking ads doesn't work. Would a seperate Router circumvent this problem? Could I set up Adguard (or PiHole) on a Raspberry and use it as a DNS server for my home network?

The plan would be to use my ISP-provided router just as a modem to connect to the internet. Then us a second router to provide my home network, where also Adguard/PiHole can do their thing.

Would this setup work and how would I need to configure it?

top 11 comments
sorted by: hot top controversial new old
[–] rambos@lemmy.world 5 points 1 year ago (1 children)

Cant you just set PiHole's IP as DNS on your clients?

load more comments (1 replies)
[–] zikk_transport2@lemmy.world 4 points 1 year ago (1 children)

I've done something similar in Ireland, where ISP router was the only way to connect. Managed to setup everything on OpenWRT router, but it kept disconnecting, so I put openwrt router behind ISP router.

Interesting thing I found in ISP router is DMZ host - just point it to your own router and that's it. Basically ISP router doesn't exist lol.

Then you have absolute freedom with your router.

[–] vzq@lemmy.blahaj.zone 2 points 1 year ago

I ran like this for years. As long as you have DMZ/exposed host functionality everything works great. The only thing that needed some massaging was IPv6, but if you want/need that, you probably know enough about it to get it working.

“Double NAT” is a bit of a bugbear in the home lab community, but as long as you can port forward in bulk you should not even notice it, aside from a tiny bit of additional latency.

[–] flathead@quex.cc 2 points 1 year ago

Connect the router's WAN port into the cable modem. Plug your stuff into the router LAN ports or connect to the new router wifi. Set pi hole to a static address and then set the router's DNS to point to that. Remove any secondary DNS in the router settings. Reboot everything and make sure it all works. That should be about it.

[–] lal309@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

I had this same problem but Pihole can act as your DHCP server too. I turned off DHCP on my ISP router, turned it on in Pihole and configured my range (with some buffer for static IPs for servers and others) and off it went. When all my clients (laptops, workstations, phones, etc.) requested an IP (which I saw them trickle in almost immediately), they got their IP from Pihole and also automatically directed all DNS queries to Pihole. No need for complicated setups.

Edit: fix typos.

[–] the_thunder_god@kbin.social 2 points 1 year ago

Bridge mode on the ISP router is what you want. Then it just passes through the internet connection to the internal router on the edge of your network. It's what I do with Comcast.

[–] exu@feditown.com 1 points 1 year ago* (last edited 1 year ago) (1 children)

It's not really optimal, having two firewalls and double NAT. Maybe check if your ISP router supports a modem-only mode.

[–] Voroxpete@sh.itjust.works 1 points 1 year ago

This is also sometimes referred to as "bridge" mode. Even if the ISP doesn't officially support it, some googling may reveal how. It's shockingly easy to find the default credentials for these things, for example.

[–] randomTingler@lemmy.world 1 points 1 year ago

Wireguard + pihole?

[–] bogo@sh.itjust.works 1 points 1 year ago* (last edited 1 year ago)

You can do this with Tailscale. Added plus is you can then use Tailscale on you phone to access your pihole for DNS when on the go.

https://tailscale.com/kb/1114/pi-hole/

https://shotor.com/blog/run-your-own-mesh-vpn-and-dns-with-tailscale-and-pihole/

[–] IsoKiero@sopuli.xyz 1 points 1 year ago

Yes, that will work. On your router plug in WAN (or whatever that's called on your router) port to the ISP router, set up IP-range and NAT (plus DHCP and whatever other services you might want to use) and plug in the rest of your network on the LAN side of the router. That way the only thing ISP router will see is your own router and everything else is behind that & yours to configure however you wish.

I've ran setup like this on several locations and (if possible) I've used bridged port on the ISP router, so that ISP router is only a 'media converter' and my own router connects directly to the public internet. Just make sure to have proper firewall configuration and keep safety in mind when doing that. If bridging isn't possible your traffic just goes trough NAT twice (your router and ISP router) which in some odd edge cases can cause problems, but they're very rare.

load more comments
view more: next ›