DNS Hierarchy? WAN DNS v DHCP Server v DNSFilter

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

peepsnet

Regular Contributor
Can someone explain the hierarchy in the 3 systems?

Which one is the final authority in assigning the DNS servers to the clients?
 

dave14305

Part of the Furniture
1. DNSFilter overrides everything else for clients.
2. LAN DHCP comes next, assuming it is populated with external DNS IPs.
3. If no 1 or 2 is defined, then the router receives the client requests and forwards to the WAN DNS servers.
 

peepsnet

Regular Contributor
Thank you so much for the quick answer!! This is what I though but wanted to make sure

1. DNSFilter overrides everything else for clients.
2. LAN DHCP comes next, assuming it is populated with external DNS IPs.
3. If no 1 or 2 is defined, then the router receives the client requests and forwards to the WAN DNS servers.
What is the function "Global Filter Mode" under DNSFilter in this whole process???
 

dave14305

Part of the Furniture
What is the function "Global Filter Mode" under DNSFilter in this whole process???
Global mode is what every device is subject to, unless they have a client-specific rule defined in the lower section to either a) set as No Filtering or b) choose a different filter than the Global default. For example, I might want Quad9 setup for the whole network (Global mode), but want Cleanbrowsing Family for my childrens’ devices. Or I might want my iPad exempt from filtering so I can go wherever I want.
 

Chris_J

Regular Contributor
Not wishing to hijack your thread, but I had a similar question and it saves making another thread.

Since we now know that DNSFilter takes first priority, can one use this to point to a DNS server located inside the network (i.e. Unbound running on a RPi)?
 

Vexira

Part of the Furniture
Not wishing to hijack your thread, but I had a similar question and it saves making another thread.

Since we now know that DNSFilter takes first priority, can one use this to point to a DNS server located inside the network (i.e. Unbound running on a RPi)?
Yes I use to for pihole, you have to point it to the server IP, in my case the pi's IP.

I set it to custom one and global filter to custom one.
 

Chris_J

Regular Contributor
Perfect. This is what I expected so it makes me feel more sure of what I am doing.

So basically:

DNSFilter > Custom > Custom 1 > 192.168.1.XX

Hopefully this works just as well with Unbound as it does with Pihole.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top