Using dnsmasq and Pi-Hole for DNS Services in the Network

All Screenshots are © of their respective owners. Visit The Web Design Museum for More Screenshots

I know you're 🙄...

No one likes ads. Blocking almost all ads over the network was a distant dream. I had deployed my own DNS Service using dnsmasq back in Grade 10, but only for resolving my internal domains — cloud.atheesh.org, inside.atheesh.org, wan.atheesh.org, mediacenter.atheesh.org, etc.

Blocking so many ad servers with dnsmasq by resolving those domains to 0.0.0.0 was next to impossible. Then I came to know about Pi-Hole, a wrapper around dnsmasq which just adds ad-lists from https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts to dnsmasq.conf. Although I could have grabbed the ad-list (a dnsmasq configuration file) and put it directly on my server, I didn't do so; the really beautiful user interface of Pi-Hole prevented me.
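For anyone who does want to feed such a list straight to dnsmasq, here is an added example (not code from this post or from Pi-Hole) that turns a blocklist into `address=/domain/0.0.0.0` lines while treating the downloaded list as untrusted input. It assumes the list is in hosts format (an IP followed by one or more names); the function names and the sample data are hypothetical.

```python
import ipaddress
import re

SINKHOLES = {ipaddress.ip_address("0.0.0.0"), ipaddress.ip_address("127.0.0.1")}
# Entries hosts files carry for the local machine; skipped, never blocked.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "local", "0.0.0.0"}
# One DNS label: letters, digits, "_" or "-", no leading or trailing hyphen.
LABEL = re.compile(r"(?!-)[a-z0-9_-]{1,63}(?<!-)")

# Constructed sample input in hosts format (not taken from the real list).
SAMPLE = """\
127.0.0.1 localhost
0.0.0.0 ads.example.com   # inline comment
0.0.0.0 Tracker.Example.NET
0.0.0.0 ads.example.com
203.0.113.7 login.example.org
0.0.0.0 bad/../name.example
"""

def valid_hostname(name):
    """True for a multi-label DNS name that is safe to place in a config line."""
    if len(name) > 253 or "." not in name:
        return False
    return all(LABEL.fullmatch(label) for label in name.split("."))

def hosts_to_dnsmasq(hosts_text, sink="0.0.0.0"):
    """Return (address= lines, [(line_no, reason), ...]) for hosts-format text."""
    seen, rejected = set(), []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue  # blank or comment-only line
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr not in SINKHOLES:
            # An entry pointing a name at any other IP is a redirect, not a block.
            rejected.append((line_no, "non-sinkhole address"))
            continue
        for name in (f.lower().rstrip(".") for f in fields[1:]):
            if name in LOCAL_NAMES:
                continue
            if valid_hostname(name):
                seen.add(name)  # set membership removes duplicates
            else:
                rejected.append((line_no, "invalid hostname"))
    # dnsmasq's address=/name/ip also answers for every subdomain of name.
    return [f"address=/{n}/{sink}" for n in sorted(seen)], rejected
```

Write the returned lines to a separate file that dnsmasq loads, and review the rejected list after each update: a sudden non-sinkhole entry means the upstream list is trying to redirect a name rather than block it.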

Thanks to Gravity-Sync, a Pi-Hole DNS replication service. It helps me sync DNS entries uniformly among all three Dynamic Name Servers — ns01.atheesh.org, ns02.atheesh.org and ns03.atheesh.org.

A DHCP Server?

As I mentioned earlier, I used to use dnsmasq for DNS services. I also used to use it as a DHCP server for all the clients in my network. (I made sure to disable my router's internal DHCP server. You know what two DHCP servers do when left improperly configured...)

Why did I need one? To resolve domains differently for different clients. I used the DHCP service of dnsmasq to group clients (called tagging in dnsmasq) and block certain websites for those specific groups (that is, resolving certain domains like youtube.com as 0.0.0.0 for all clients in that group).

Again, Pi-Hole to the rescue. Pi-Hole could do the same thing without much complexity, just by using the source IP from DNS request headers (again, it's a wrapper around dnsmasq with improvements), which dnsmasq couldn't do. I configured Pi-Hole to do the same and made my router the DHCP server, creating simplicity in the network.

Screenshots

[Screenshot: Primary DNS]

[Screenshot: Secondary DNS]

[Screenshot: Tertiary DNS]