How to setup Pi-hole to work with Merlin?

[bennor]

Yes ... I use www.no-ip.com.

Probably an issue with your configuration settings. In a quick and dirty test (WAN DNS fields set to CloudFlare) of a single no-ip.com free account I've had for ages I don't seem or appear to have a warning indicator (exclamation point) when I enable DDNS and input my no-ip info.

How to Configure DDNS (Dynamic DNS) in a Router - Support | No-IP Knowledge Base

Learn how to configure DDNS in a rotor by clicking through to this helpful Knowledge Base article.

www.noip.com

Setup and Configure Dynamic DNS in an ASUS Router

Learn how to setup and configure your dynamic DNS in an ASUS Router, by clicking through to this helpful Knowledge Base article.

www.noip.com

Asus DDNS - Support | No-IP Knowledge Base

If you have a Asus Router with Firmware 3.0.0.4.220 you can now use its embedded DDNS client to update your No-IP.com hostname.

www.noip.com

 

[cptnoblivious]

If I don't put my Pi's IP address in the WAN DNS field, I get an "exclamation mark" on the Network Map page next to my DDNS address and my router cannot perform an NTP sync. Those issues go away when I reference my Pi in the WAN DNS field.

RT-AC68U on 386.3_2 but I had the same behavior on prior releases so it's not specific to the current release.

View attachment 35787

I use DDNS and have the Canadian Shield servers as me WAN DNS servers. My Pihole servers are in the LAN settings.

No exclamation mark, everything works, time is accurate.
Started this config with Merlin 384.x, then 386.x to now 368.2_6, never had any issues FWIW.

 

[shabbs]

Interesting. What DNS entries have you tried on your WAN DNS that are not your Pi-hole's?

I have DDNS Enabled (using the DynDns.org services) and have Quad9 DNS IPs in my WAN DNS setup. No issues here.

I do not Pi-hole my WAN DNS.

 

[stargazer]

Does this 2020 approach still work?

How to set up Pi-Hole on AsusWRT Merlin from scratch for home-wide ad-blocking

In six easy steps and approximately 30 minutes

www.augusteo.com

 

[bennor]

Does this 2020 approach still work?

How to set up Pi-Hole on AsusWRT Merlin from scratch for home-wide ad-blocking

In six easy steps and approximately 30 minutes

www.augusteo.com

There are many online setup guides for setting and configuring Pi-Hole for use on Asus routers that are similar to that one. In the guide you linked there is one setting that is not necessarily recommended. If one enabled (sets to Yes) Advertise router's IP in addition to user-specified DNS in the LAN > DHCP Server > DNS and WINS Server Settings section it will include the Asus router as a second or third DNS server to network clients. Depending on how you have the Asus-Merlin router configured this could cause DNS requests to bypass the Pi-Hole. This is why quite a few directions will recommend one set "Advertise router's IP in addition to user-specified DNS" to No.

 

[cptnoblivious]

Does this 2020 approach still work?

How to set up Pi-Hole on AsusWRT Merlin from scratch for home-wide ad-blocking

In six easy steps and approximately 30 minutes

www.augusteo.com

The LAN - DHCP screenshot is wrong.
"Advertise the routers IP in addition ..." box needs to be set to "no".

Otherwise some clients may use the router as the DNS server and bypass Pihole.

 

[WRobertE]

Interesting. What DNS entries have you tried on your WAN DNS that are not your Pi-hole's?

I have DDNS Enabled (using the DynDns.org services) and have Quad9 DNS IPs in my WAN DNS setup. No issues here.

I do not Pi-hole my WAN DNS.

I want all DNS requests to go thru my Pihole.

 

[shabbs]

I want all DNS requests to go thru my Pihole.

Me too. My LAN DHCP settings give out my Pi-hole IPs as DNS. DNSFilter is enabled to catch anyone trying to by-pass (IOT devices etc...) with hard coded DNS entries. That covers all LAN originated traffic.

The WAN DNS is set to an external DNS to ensure my Router can still find "outside" for proper time-sync etc...

I believe Pi-hole's own docs also don't recommend putting the Pi-hole IP in your WAN DNS.

 

[bennor]

Generally the Pi-Hole documentation does not recommend or suggest inputting the Pi-Hole device IP addresses into the router's WAN fields. They recommend using just the DHCP server's DNS fields. See here: https://docs.pi-hole.net/main/post-install/ and here https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245

If one insists on inputting the Pi-Hole into the router's WAN DNS fields, do not enable Conditional Forwarding in the Pi-Hole GUI. Doing so creates the potential for a "loop" that can spam or flood the local network. (see here, and here for some discussion.)

 

[Galgofa]

Just setup Pihole and setup Merlin as advised above. "DNS Server 1" ip is Pihole's IP and "Advertise router's IP in addition to user-specified DNS" seto to "NO"

Also i still have running Diversion on the router, do i need to deactivate it or uninstall completely ? Is it additional settings required to be changed in the "WAN DNS Setting" part ?
I have like this for now:

Spoiler: print WAN