DNS Director does not work properly

jonejonathan

Hey,

I'm running the latest Asus Merlin firmware on my AX56U with Skynet and Pi-hole on a separate machine. Today I noticed that my DNS Director does not work as it is supposed to: it does not force all devices to use my Pi-hole's IP as DNS.
My settings are:

Global redirection: Router
and my Pi-hole's MAC to No redirection
It used to work before, but I don't know why it does not now.
 
If the Pi-hole is on a separate machine, shouldn't DNSDirector be pointing towards that, and not the router?

Unless you have the router's dnsmasq server using the pihole as its upstream dns server, from what you've said I can't see how DNSDirector would know to force people to use the pihole. At the moment your settings are forcing devices to use the router's dns server, not the pihole's.
 
Are you using VPN of any sort?
How is the router configured to use Pi-Hole?
Is the router doing the DHCP or the Pi-Hole?
Do you have the Pi-Hole IP address(s) input into the router's LAN > DHCP Server > DNS Server 1/2 fields? Or is the Pi-Hole IP address in the router's WAN DNS fields?
Is Advertise router's IP in addition to user-specified DNS on the LAN > DHCP Server page set to No?
Have you made any other recent changes on the router or addon scripts (like updating firmware or scripts, or added/changing settings)?
As a troubleshooting step, have you rebooted all network devices, both router and clients?
Maybe post a screen shot of your DNS Director settings so others can verify your settings.
 
From the DNS Director page:
"Router" will force clients to use the DNS provided by the router's DHCP server (or, the router itself if it's not defined).
This means enforce LAN DHCP DNS1 if set, otherwise enforce the router’s IP.
 
Ah ok, didn't know that, that makes sense.

So is that the reason why in other threads I've seen you recommend setting DNSDirector to the router address as the Custom 1 field when using a non-router dns server, as opposed to just leaving it set as Router / the IP of the pihole/adguardhome/etc.? So it acts more as a second line of defence against non-conforming DHCP DNS1 lookups?
 
I think OP needs to give more info with regard to what they have set as DNS server and where before a solution can be offered for this.
Answering all bennor's questions will be useful.
 
No, I'm not using a VPN.
My router gives out addresses, so my router is my DHCP server, not my Pi-hole machine.
Yes, both fields are filled with my Pi-hole's IP address in the correct section.
Yes, Advertise router's IP is set to No.
Yes, again, I rebooted all of my devices, including my router and Pi-hole server.
No, I didn't change any settings, and I only have Skynet installed, which got an update recently, but I don't think that's the cause.
I will post screenshots when I get home.
 
LAN DNS server has my Pi-hole address and WAN has Quad9 DNS.

Sorry, double post.
 
An example, on an RT-AC68U, of DNS Director with Pi-Hole (two of them). Not using Skynet. Not using AiProtection, QoS, VPN, or anything else like that. Am using YazFi and YazDHCP addons.
DNS_Director.jpg


When DNS requests are routed back to the Pi-Hole by DNS Director, in my case the Pi-Hole indicates the DNS request comes from the router, not from the network client that initially made the request.
 
In the text it states it will use the router itself if not defined, yellow highlighted in my screenshot.
Given the OP states he has Quad9 in the WAN section, that might be why it isn't working for him.
I have it configured as below, where 10.11.12.5 is my Pihole.
1675084918380.png
 
The "not defined" that you are referencing is the DNS server fields being blank in the LAN DHCP settings, not the custom fields in DNS Director. So on your screen shot the IP you entered is being ignored, since you have the global mode set to router and not Custom 1. As it says in your screen shot, setting it to router will force clients to use the DNS defined in your DHCP settings.

His WAN setting will have nothing to do with PiHole not working, if he set things up correctly. Your WAN DNS should be a server outside of your network, so it shouldn't be set to the PiHole IP in your network. If you are using the WAN DNS settings as part of a local PiHole setup, then you are setting things up the wrong way.
 
The Asus-Merlin Wiki has a brief explanation of the DNS Director page and its settings:
https://github.com/RMerl/asuswrt-merlin.ng/wiki/DNS-Director
As to the WAN DNS being set to Quad9 causing a problem: I have the WAN DNS fields set to Quad9 and my Pi-Holes work as they're supposed to. The Pi-Hole IPs are input into the LAN DHCP DNS Server fields. The DNS Director is set to route to my two Pi-Holes (per my screen capture above) and the DNS Director works to properly route DNS requests that attempt to bypass the Pi-Holes back to the Pi-Holes. As indicated in the bottom screen capture below from my Pi-Hole, it shows the router requests (DNS Director kicking in) when I manually set my PC's DNS entries to public DNS servers (CloudFlare) and then tried to go to CNN. Note: I'm using Unbound in conjunction with Pi-Hole, which is the reason for the localhost#5335 in the status in the Pi-Hole screen grab below.

WANDNS.jpg

PiHole.jpg
 
One other note. Something to keep in mind that has been mentioned in previous discussions by others: if one enables DoH in their web browser, it will likely bypass the router DNS/Pi-Hole.
 
My WAN DNS settings are the same as yours.
 
How are you determining that DNS Director isn't working?
Have you checked the Pi-Hole configuration to ensure you have block lists and upstream DNS servers selected?
Are you running the latest version of Pi-Hole? (Pi-hole v5.15.3 FTL v5.20.1 Web Interface v5.18.3)
 
Pinging flurry.com with Cloudflare's DNS manually set on my devices goes through.
Yes, I have the latest version of Pi-hole.
 
Okay, Android devices have a "Private DNS" setting; it was set to Auto, but still, why does it bypass DNS Director?
Because Private DNS uses a different port and uses TLS, and therefore cannot be redirected.
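
Added example, not part of any post in this thread: a more direct check than pinging, which sends a plain UDP/53 query straight to a public resolver and classifies the answer. It assumes the Pi-hole uses its default blocking mode (answering 0.0.0.0 for blocked names) and that the test name is on a block list; the function names are illustrative.

```python
import socket
import struct

NULL_IP = "0.0.0.0"  # assumption: Pi-hole default blocking mode answers 0.0.0.0

def build_query(name, qid=0x1234):
    """Minimal DNS A/IN query with the recursion-desired flag set."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00" + struct.pack("!2H", 1, 1)

def _skip_name(msg, off):
    """Step over a possibly compressed name, returning the next offset."""
    while msg[off] and (msg[off] & 0xC0) != 0xC0:
        off += msg[off] + 1
    return off + (2 if msg[off] else 1)

def parse_a_records(msg):
    """IPv4 addresses found in the answer section of a DNS response."""
    qdcount, ancount = struct.unpack("!2H", msg[4:8])
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4      # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:       # A record
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs

def verdict(addrs):
    if not addrs:
        return "inconclusive"
    return "filtered" if all(a == NULL_IP for a in addrs) else "not filtered"

def check(resolver, name, timeout=3.0):
    """Ask `resolver` directly on UDP/53 and classify the answer."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (resolver, 53))
        return verdict(parse_a_records(s.recv(4096)))

def sample_response(name, ip):
    """Constructed response (not captured traffic) for offline testing."""
    q = build_query(name)
    hdr = q[:2] + struct.pack("!5H", 0x8180, 1, 1, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(ip)
    return hdr + q[12:] + rr
```

Calling `check("1.1.1.1", "flurry.com")` from a LAN client returns "filtered" when the query addressed to the public resolver was answered by the Pi-hole instead. It only exercises plain DNS on port 53, so DoH and Android Private DNS traffic are outside what it can show.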
 