Pi-hole and GL-AR750

Hi, I've not been successful in pointing the dns of GL-AR750 to the attached pi-hole.

I'm setting up a pi-hole remotely for my buddy in Thailand. We've been unable to get into the fiberoptic modem/router to change dns settings so he purchased this GL-AR750 and connected it to the fiberoptic modem/router over wireless and then connected his computer via ethernet cable to the new travel router. The new network is working fine, and we can see where to forward and force router dns inquiries to the pi-hole, but when we do = no internet at all.



Modem/router = 192.168.1.1 --> (assigns AR750 192.168.1.150)
New travel router AR750 = 192.168.8.1 assigns --> Pi-hole = 192.168.8.124 and his computer 192.168.8.xx

Any ideas on what we're doing wrong?





Hey, I have the same device and tried setting up pihole.

I got it working with some caveats.

Unfortunately the simplest method could have been achieved with the original router by manually setting DNS for each client.

However, seeing as we have a great OpenWRT based router to work with, the simplest solution for your friend to have all DNS routed through pihole automatically for all clients is as follows:

OPTION1:
  1. Put the pi/pihole on the original router's network with ip of 192.168.1.2 for instance.
  2. On the AR750 router admin page, go to "more settings" > "custom dns server" 
  3. Here your friend must select: Override DNS Settings for All Clients - yes 
  4. Manual DNS Server Settings - yes & input 192.168.1.2 as manual DNS
Now all clients connected to the ar750 will automatically use the pihole for DNS.

CAVEATS:
  1. You might not be able to connect easily to the pihole admin page this way as there is now a firewall in the way and because of the double NAT. However, you can create rules via the 'advanced settings' option which takes you to openWRT's luci to be able to access firewall rules.
  2. This will force your DNS for all clients - even when using the VPN or TOR functions of the ar750. However, it is possible to set your VPN's DNS as the upstream for pihole if you make the pihole also connect to the VPN as client to avoid DNS leaks.

OPTION2:
  1. You connect the pihole to the ar750 directly - with an IP of 192.168.8.2 for instance.
  2. You set up DoH to cloudflare on the pihole by following the guide on pihole docs.
  3. On the AR750 router admin page, go to 'more settings' > 'custom dns server'. Override DNS Settings for All Clients - yes; Manual DNS Server Settings - yes & input 192.168.8.2 for manual DNS

Now all clients connected to the ar750 will automatically use the pihole for DNS.

CAVEATS:

You cannot just put pihole on the same subnet/ar750 network instead as this will create a DNS loop where the router forces the pihole to use itself as DNS. You can set up DoH on the pihole to get past this and this could be an easier solution than setting up firewall rules to access the pihole admin console as with option1.... Thinking about it now I would suggest option2 as the easier of the two options.

You have to use DoH on the pihole (not the ar750) to make the setup function simply.

So there are options, but none of them will be as simple as a regular setup.

You could probably also set up DHCP on the ar750 either through the advanced openwrt settings or via ssh but this is probably not what your friend will want considering that they need you to set up their pihole for them. You see, from what I understand, the custom DNS features on the ar750 are a bit more involved than just setting DHCP (I believe that they could be firewall-based) so using the DoH method will allow you to retain full functionality of the router admin interface settings. As soon as you start editing DHCP settings in the openwrt underneath it will almost certainly have some knock-on effect with the custom dns options, as well as VPN and TOR functions of the ar750 router. To not interfere with the ar750 firmware I recommend option 2. If they ever need to reset the router or the pi, then option 2 also has the benefit of having two separate and independent functioning configurations - if the pi is fucked, they can easily bypass it in the router settings - if the router gets fucked then the pi is still happily configured and just waiting for a router reset. If you mess with the DHCP internals of the ar750 it is likely to affect the functionality of the gl-inet layer.

Honestly, after getting the ar750 I stopped using pihole because it was too complicated to configure when using as VPN client simultaneously and I did not want to use cloudflare/DoH.

Instead I installed adblock on the openwrt advanced settings with some efficient settings and blocklists.

The blocking is not as comprehensive as pihole, there are no stats either, but everything runs smooth and I can enable and disable the VPN and move the router around (it is a travel router after all) without the pi stuck to it or having to reconfigure absolutely everything for each new connection - just flipping the programmable switch is all that's needed.

EDIT:

There is also the option of not forcing all clients to use a custom DNS whilst still setting manual DNS. The benefit is forgoing DoH on the pi, but in my testing I had mixed results with this method. Using the VPN client or other features of the ar750 might have been the cause here. If you use option 2 as I suggested, all these functions work regardless of the other features you enable.



https://www.reddit.com/r/pihole/comments/f2v6gr/pihole_and_glar750_help_please/
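An added example (not part of the thread, and not GL.iNet or Pi-hole code) that models the DNS loop described in the Option 2 caveat and shows why a DoH upstream, or placing the Pi-hole on 192.168.1.x as in Option 1, avoids it. It assumes, as the answer only suspects, that the override option is a firewall redirect of all LAN port-53 traffic; the client 192.168.8.50 and the resolvers 1.1.1.1 and 9.9.9.9 are constructed sample values.

```python
# Toy model of the AR750 "Override DNS Settings for All Clients" option.
# Assumption (the post only suspects this): the option is a firewall redirect
# that rewrites every port-53 packet coming from the LAN to the configured DNS.
from dataclasses import dataclass

LAN_PREFIX = "192.168.8."   # AR750 LAN subnet, from the post

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    port: int

def router_forward(pkt, pihole, override_dns):
    """Apply the assumed redirect: LAN traffic to port 53 goes to the Pi-hole."""
    if override_dns and pkt.src.startswith(LAN_PREFIX) and pkt.port == 53:
        return Packet(pkt.src, pihole, 53)
    return pkt

def trace(pihole, upstream_port, client_dns="9.9.9.9", override_dns=True, max_hops=4):
    """Follow one lookup from a LAN client; return (status, path).

    status: "filtered" (answered via Pi-hole), "bypassed" (Pi-hole never
    saw it) or "loop" (Pi-hole's upstream query keeps returning to itself).
    """
    client, upstream = "192.168.8.50", "1.1.1.1"   # constructed sample hosts
    pkt = router_forward(Packet(client, client_dns, 53), pihole, override_dns)
    path, seen_pihole = [], False
    for _ in range(max_hops):
        path.append(f"{pkt.src} -> {pkt.dst}:{pkt.port}")
        if pkt.dst != pihole:
            return ("filtered" if seen_pihole else "bypassed"), path
        seen_pihole = True
        # Pi-hole forwards the query to its own upstream resolver.
        pkt = router_forward(Packet(pihole, upstream, upstream_port), pihole, override_dns)
    return "loop", path

if __name__ == "__main__":
    cases = {
        "Option 2, plain DNS upstream": ("192.168.8.2", 53),
        "Option 2, DoH upstream": ("192.168.8.2", 443),
        "Option 1, Pi-hole on 192.168.1.x": ("192.168.1.2", 53),
    }
    for name, (pihole, port) in cases.items():
        status, path = trace(pihole, port)
        print(f"{name}: {status}\n  " + "\n  ".join(path))
```

With the override switched off, a client that keeps its own resolver (`client_dns="9.9.9.9"`) comes back as `bypassed`, which is the trade-off behind the non-forced variant mentioned in the EDIT.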








Canada Internet Service Review Discussion Group
InternetCanada@groups.io
Canada 🇨🇦 Internet Service Review
https://groups.io/g/InternetCanada