GT-AXE16000 - How to enforce router's (PiHole) DNS on manually configured devices?

newyorker
Level 7

I've set up a PiHole with Unbound to filter DNS traffic, but some devices like Fire TV and Google Home are still using 8.8.8.8 instead of the PiHole's DNS. I've configured my router to use the PiHole as its primary and secondary DNS, but this hasn't resolved the issue. Also, manually configuring DNS settings on individual devices isn't always feasible due to hardcoded settings or accessibility restrictions. I've tried the following without success:

  • Blocking port 53 for 8.8.8.8 in Network Services Filter
  • Adding PiHole DNS to both WAN and LAN settings
  • Enabling "prevent Auto DOH"
  • Disabling "secure DNS" on browsers
  • Disabling "Advertise router's IP in addition to user-specified DNS"

Is there any solution that ensures all devices on my network use the PiHole's DNS, ideally without changing my router as a DHCP server? I've read about loopback or NAT-based approaches, but I haven't found those options in my router's settings (running on Asus's latest firmware).

I'd appreciate any guidance on how to achieve network-wide DNS routing to my PiHole, even for devices that may be manually configured or hardcoded to use external DNS servers.


Indigian
Level 10

@newyorker wrote:

I've set up a PiHole with Unbound to filter DNS traffic, but some devices like Fire TV and Google Home are still using 8.8.8.8 instead of the PiHole's DNS. I've configured my router to use the PiHole as its primary and secondary DNS, but this hasn't resolved the issue. Also, manually configuring DNS settings on individual devices isn't always feasible due to hardcoded settings or accessibility restrictions. I've tried the following without success:

  • Blocking port 53 for 8.8.8.8 in Network Services Filter
  • Adding PiHole DNS to both WAN and LAN settings
  • Enabling "prevent Auto DOH"
  • Disabling "secure DNS" on browsers

Is there any solution that ensures all devices on my network use the PiHole's DNS, ideally without changing my router as a DHCP server? I've read about loopback or NAT-based approaches, but I haven't found those options in my router's settings (running on Asus's latest firmware).

I'd appreciate any guidance on how to achieve network-wide DNS routing to my PiHole, even for devices that may be manually configured or hardcoded to use external DNS servers.


Did you try the DNSFilter in LAN settings, or is that what you mean, it's not working?

DNSFilter allows you to force LAN devices to use a specific DNS server, which can be useful if you want to force them to use a filtering service that would block malicious or adult sites. You can set a global network-wide server, or client-specific servers. Besides the available presets, you can also define up to three different custom servers to use.

A few special System options are available in the presets. "No Filtering" will disable/bypass the filter, and "Router" will force clients to use the DNS provided by the router's DHCP server (or, the router itself if it's not defined).

Thank you so much for your response!

As you mentioned, the "redirection" feature I was looking for is indeed part of the DNS Director function, which was previously known as DNSFilter. Unfortunately, it's only available on Merlin firmware. I'm currently using the factory firmware, and that version doesn't seem to have the "redirection" section where this feature could be configured in the settings. I also stopped the router from advertising its IP in addition to user-specified DNS, but manually set devices are unaffected.

The factory firmware does allow SSH access, so wondering if it might be possible to achieve a similar redirection configuration through iptables or another method, even though the built-in feature is missing. Any guidance you can offer would be incredibly helpful!


@newyorker wrote:

Thank you so much for your response!

As you mentioned, the "redirection" feature I was looking for is indeed part of the DNS Director function, which was previously known as DNSFilter. Unfortunately, it's only available on Merlin firmware. I'm currently using the factory firmware, and that version doesn't seem to have the "redirection" section where this feature could be configured in the settings. I also stopped the router from advertising its IP in addition to user-specified DNS, but manually set devices are unaffected.

The factory firmware does allow SSH access, so wondering if it might be possible to achieve a similar redirection configuration through iptables or another method, even though the built-in feature is missing. Any guidance you can offer would be incredibly helpful!


Indeed I am using Merlin's but alas can only use 386 builds so am missing a few features.

Also sounds like you know more than me 🙂

Are the Fire TV and Google Home hard-coded to use said DNS maybe?

How are you determining that they don't use the DNS/IP you set?

Which LAN tab/setting did you use/set?
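
The NAT-based redirection asked about in this thread, sketched as an added example that is not part of any post above and not Asus or Merlin code. The Pi-hole address, LAN subnet and `br0` interface name are assumed values, and whether the factory firmware keeps such rules across reboots is not something the thread establishes.

```shell
#!/bin/sh
# Added example: NAT rules that steer stray LAN DNS queries to a local resolver.
# The defaults below are assumed values, not taken from the thread.
PIHOLE_IP="${PIHOLE_IP:-192.168.50.2}"   # assumed Pi-hole address
LAN_NET="${LAN_NET:-192.168.50.0/24}"    # assumed LAN subnet
LAN_IF="${LAN_IF:-br0}"                  # assumed LAN bridge interface

# Emit one rule as "check, else append" so re-running never duplicates it.
emit_rule() {
    echo "iptables -t nat -C $* 2>/dev/null || iptables -t nat -A $*"
}

# Print the rule set for resolver $1, LAN subnet $2, LAN interface $3.
dns_redirect_rules() {
    pihole="$1"; net="$2"; ifc="$3"
    for proto in udp tcp; do
        # Rewrite port-53 traffic aimed at any other resolver (8.8.8.8, ...).
        # "! -s" exempts the Pi-hole itself so Unbound can still reach upstream.
        emit_rule "PREROUTING -i $ifc -p $proto --dport 53 ! -s $pihole ! -d $pihole -j DNAT --to-destination $pihole:53"
        # Hairpin: the Pi-hole sits on the same LAN, so masquerade redirected
        # queries; otherwise it answers the client directly and the client
        # drops a reply that does not come from the address it queried.
        emit_rule "POSTROUTING -o $ifc -p $proto --dport 53 -s $net -d $pihole -j MASQUERADE"
    done
}

# Dry run by default; set APPLY=1 (as root on the router) to install the rules.
if [ "${APPLY:-0}" = "1" ]; then
    dns_redirect_rules "$PIHOLE_IP" "$LAN_NET" "$LAN_IF" | sh
else
    dns_redirect_rules "$PIHOLE_IP" "$LAN_NET" "$LAN_IF"
fi
```

Because of the masquerade rule, redirected queries show up in the Pi-hole query log with the router's address as the client. These rules only cover plain DNS on port 53, so a device using DNS over HTTPS on port 443 is not affected by them.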