DNS Filter redundant DNS Server

[Laxarus]

I have jsut started to use this feature to prevent my chromecast devices forcibly using google dns servers. I must say I totally missed this feature previously.

I do have a question though. I use "Router" as the Global Filter Mode and "no filtering" for my adguard home instance running on a rpi.

I noticed that whenever the rpi goes down whole DNS goes down as well. Does "Router" mode not use the secondary DNS server defined in the DHCP settings? I sure would like to have some redundancy in case the rpi goes down. Even the router DNS server itself would work. Is there no way to achieve this?

 

[DJones]

I have jsut started to use this feature to prevent my chromecast devices forcibly using google dns servers. I must say I totally missed this feature previously.

I do have a question though. I use "Router" as the Global Filter Mode and "no filtering" for my adguard home instance running on a rpi.

I noticed that whenever the rpi goes down whole DNS goes down as well. Does "Router" mode not use the secondary DNS server defined in the DHCP settings? I sure would like to have some redundancy in case the rpi goes down. Even the router DNS server itself would work. Is there no way to achieve this?

I believe it only goes to the ip you specify.

Your better off just firewall blocking 8.8.8.8 and 8.8.4.4 in firewall or skynet. Unless you actually want to use googledns for other devices.

I personally would leave DNSfilter in router mode if you want to firewall block it.

That said I prefer cloudflair using DoT for encrypted dns.

 

[SomeWhereOverTheRainBow]

I have jsut started to use this feature to prevent my chromecast devices forcibly using google dns servers. I must say I totally missed this feature previously.

I do have a question though. I use "Router" as the Global Filter Mode and "no filtering" for my adguard home instance running on a rpi.

I noticed that whenever the rpi goes down whole DNS goes down as well. Does "Router" mode not use the secondary DNS server defined in the DHCP settings? I sure would like to have some redundancy in case the rpi goes down. Even the router DNS server itself would work. Is there no way to achieve this?

I prefer to run adguardhome on the router to skip the potential RPI failure.

 

[DJones]

I prefer to run adguardhome on the router to skip the potential RPI failure.

Another good alternative, I use Diversion along with my setup, but adguardhome is just as good and brings much the same features as using, Skynet, DNSFilter - router, DoT, and Diversion separately. Plus it has a parental features.

Either way is good!

 

[bennor]

Does "Router" mode not use the secondary DNS server defined in the DHCP settings?

What is the secondary DNS IP address you have set in the LAN DHCP DNS server section? If using a public DNS server as the secondary (or backup) to an Raspberry Pi running Adguard, there will exist the possibility of network clients bypassing the Raspberry Pi AdGuard ad blocking/filtering.

Note what the information indicates for the options on the DNSFilter page; ""Router" will force clients to use the DNS provided by the router's DHCP server (or, the router itself if it's not defined)." You might need to set the second DNS entry in the LAN DHCP server section's DNS fields rather than the DNSFilter DNS fields. Or maybe (not sure if possible) one would set the router itself as a Client with No Filtering.

Personally I just specify two Raspberry Pi's (each running Pi-Hole and Unbound) in the DNSFilter Client MAC section with No Filtering. Seems to work fine when one goes down. If you can, setup a second instance of AdGuard or similar (Diversion or Pi-Hole) to avoid network clients bypassing the first instance of AdGuard. I also specifically block 8.8.8.8 and 8.8.4.4 in the Route tab/section. See this link and or this one for general directions on blocking a specific DNS IP address using the LAN Route tab. Examples:

 

[ColinTaylor]

Does "Router" mode not use the secondary DNS server defined in the DHCP settings?

No. As @DJones said, DNSFilter can only redirect to a single IP address. If your DHCP/DNS servers are blank it will redirect to the router. If both DNS servers are specified DNSFilter will redirect to the first one. If the first DNS server is blank but the second isn't, it will redirect to the second server. It cannot redirect a DNS query to more than one address.

 

[Laxarus]

No. As @DJones said, DNSFilter can only redirect to a single IP address. If your DHCP/DNS servers are blank it will redirect to the router. If both DNS servers are specified DNSFilter will redirect to the first one. If the first DNS server is blank but the second isn't, it will redirect to the second server. It cannot redirect a DNS query to more than one address.

As expected, thanks for clarifying this @ColinTaylor, do you know a way to setup redundancy for it (Script
configuration files etc...)?