Hi, I have a Pi-Hole server up and running on a Linux machine.
I have 2 LAN Subnets on 2 ports which are -
ether1=10.10.10.1/24 and ether2=10.10.9.1/24
Each of the subnets is assigned an individual DHCP server, whose gateways are 10.10.10.1 and 10.10.9.1.
The Pi-Hole server is sitting under the ether1 interface, and its IP is 10.10.10.5. I have configured this IP as my DNS server across all of my devices using the DHCP server.
For better understanding, here’s my network diagram
If your end devices are configured to use the gateway-IP as DNS then this is normal and you will never see requests from individual LAN devices.
You have the correct DNS-settings in your DHCP-config? Please post some relevant config pieces for DHCP etc. and a conceptual drawing if the Pihole is sitting on some special separate network or something. What is the LAN-IP of the Pihole, etc.
Adapt your masq-rules and include the outgoing ISP interface?
Without specifying the exiting “Internet” interface it will probably do a bit more snat/masq where you don’t want it.
You want traffic from/between 10.10.10.x and 10.10.9.x to flow without any translation/nat/masq actions I guess, just “routed”.
I agree that masquerade rules should include outgoing ISP interface. But if masq rules are changed that way, you can probably only keep one and omit specifying the src-address. This way router will masq anything going out of ISP interface, no matter what original src-address of packet was. Hence single rule would be enough.
If you only have one WAN connection
add action=masquerade chain=srcnat out-interface=wanconnectionport
DHCP server-network DNS setting for the user network should be the IP address of the pi-hole device.
Ensure the user subnet has access to the pi-hole device in the forward chain.
Ensure the pi-hole device and the users have access to the internet.
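
The effect discussed in this thread, as an added example that is not part of any post and is not RouterOS code: a small Python model of srcnat evaluation showing which source IP the Pi-hole sees for a client on 10.10.9.0/24. The "before" rule set (one masquerade rule per subnet with no out-interface), the client address 10.10.9.20, the interface name `wan` and the 203.0.113.2 / 198.51.100.7 addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed topology based on the thread: router address per interface.
# "wan" and its address are assumed placeholders (documentation range).
ROUTER_ADDR = {"ether1": "10.10.10.1", "ether2": "10.10.9.1", "wan": "203.0.113.2"}
ROUTES = {"10.10.10.0/24": "ether1", "10.10.9.0/24": "ether2"}  # anything else: wan

@dataclass
class MasqRule:
    src_address: Optional[str] = None    # match on source subnet (None = any)
    out_interface: Optional[str] = None  # match on egress interface (None = any)

def egress(dst: str) -> str:
    """Pick the outgoing interface for a destination (connected routes, else WAN)."""
    for net, iface in ROUTES.items():
        if ipaddress.ip_address(dst) in ipaddress.ip_network(net):
            return iface
    return "wan"

def source_seen_by_dst(src: str, dst: str, rules: list) -> str:
    """Return the source IP the destination sees after the srcnat rules are evaluated."""
    out = egress(dst)
    for r in rules:
        if r.src_address and ipaddress.ip_address(src) not in ipaddress.ip_network(r.src_address):
            continue
        if r.out_interface and r.out_interface != out:
            continue
        return ROUTER_ADDR[out]  # masquerade: rewrite to the egress interface address
    return src  # no rule matched: packet is routed without translation

PIHOLE = "10.10.10.5"
# Assumed "before": one masquerade rule per subnet, no out-interface match.
BROAD = [MasqRule(src_address="10.10.10.0/24"), MasqRule(src_address="10.10.9.0/24")]
# "After", as suggested in the thread: a single rule bound to the WAN interface.
SCOPED = [MasqRule(out_interface="wan")]

if __name__ == "__main__":
    for name, rules in (("broad", BROAD), ("scoped", SCOPED)):
        for dst in (PIHOLE, "198.51.100.7"):
            seen = source_seen_by_dst("10.10.9.20", dst, rules)
            print(f"{name}: 10.10.9.20 -> {dst} seen as {seen}")
```

With the broad rules every ether2 client shows up in the Pi-hole query log as 10.10.10.1, so per-client statistics and per-client blocking are lost; with the scoped rule the real client address is preserved while internet-bound traffic is still translated.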