1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Merlin + Guest Network + 2xPiHoles

Discussion in 'Asuswrt-Merlin' started by RighteousPy, May 28, 2020.

  1. RighteousPy

    RighteousPy New Around Here

    May 27, 2020
    Hoping there may be some gurus that could assist. First and foremost wanted to thank Merlin and the associated members of this great community for their scripts (Diversion, Yazfi, Unbound etc)!

    I have the basics down but looking to do something a little more 'complex' and have been running into a brick wall for the last few days. What I'm trying to achieve is the following:

    1. VPN Client running on for select devices (no DNS Leaks) - working
    2. Guest Network Wifi setup for my IoT devices (192.168.5.x) - this is easily solved with Yazfi (not running through the VPN) - working
    3. A PiHole running for those IoT (Static IP, excluded from VPN tunnel and this is set to Force DNS on the Guest Wifi) - working
    4. A PiHole for just the VPN clients, so they can block Ads (so as to avoid DNS Leaks) - not working

    Some background - at the moment my RPi is setup using Docker, and one Container for PiHole. It's using the IP of the Host (Eth0 - This works wonderfully for non-VPN clients setup by:
    • Excluded from the VPN Tunnel
    • Static IP -
    • Set to LAN DNS1
    • DNSFilter is set to Router
    • DNSFilter is excluding the RPi
    • On PiHole, the Upstream server is set to (my Router)
    However, if I put my VPN clients through it as well, I obviously get DNS leaks as the PiHole is using my ISP's DNS/IP (not interested in using Cloudflare etc - will eventually look at Unbound). So my thinking is to create another Docker Container for a 2nd PiHole and place it on the Guest Network's 192.168.5.x IP range.

    Issue is I'm unsure how to get a Docker Container to have the 192.168.5.x address range as the RPi only has Eth0. I've looked into macvlan and ipvlan through Docker but won't it still have issues as the host is using Eth0 (and as such the 192.168.1.x range?). I can't do VLANs because I believe ASUS/Merlin don't support it. Obviously without buying another physical RPi :p

    Is there something I'm missing in using one PiHole for both sets of devices - I haven't found anything online to allow me to split certain devices to certain Upstream servers or punch it to the Router to handle. Has anyone had any luck on how to best make the above work?