Pi-Hole New User

edited January 2021 in Help




Hola,

Hope some of LEB users use Pi-Hole here.

I just now installed Pi-Hole on one of my US servers. OK, everything runs OK.

But is there any point the A record to that Pi-Hole IP address? I mean, it is hard to remember the IPv4 address.

And I would like to use a sub-domain as my DNS server (Pi-Hole server). So, any way to do that?

Is this possible?

And I want to use that sub-domain DNS in the private DNS setting.

Comments

  • Well, you would then have a classic "chicken-and-egg" problem: whom would you ask for the IP of the entered A record? ;)

    Thanked by (1)deepak_leb
  • Please don't set up an open DNS resolver if you don't know what you're doing: https://blogs.infoblox.com/community/how-dangerous-can-an-open-dns-resolver-be-part-i/

    Especially Pi-hole is not meant to be set up as a public DNS resolver. Instead it's designed to be used within a closed network, for example over VPN. Pi-hole does not feature any rate limiting and will happily answer ANY queries, which are notorious for being used in DNS amplification attacks.

    So please, restrict access to your Pi-hole instance by using (for example) pi-VPN.

    Thanked by (1)deepak_leb

    LinuxFreek.com — Hosted on 🇪🇺 Scaleway Stardust with Native IPv6 | IPv4 Proxy, WAF & DNS powered by 🇳🇱 DutchIS

  • Change the listen interface to tun0/wg0 (openvpn/wireguard) and tunnel dns/all your traffic through the vpn.

    Thanked by (1)deepak_leb
  • vimalware said:

    Change the listen interface to tun0/wg0 (openvpn/wireguard) and tunnel dns/all your traffic through the vpn.

    ^^This^^

    For extra cookie/brownie points, set up Unbound as the upstream recursive DNS resolver. Follow this if you get stuck.

    Thanked by (1)deepak_leb
  • @Freek said:
    Please don't set up an open DNS resolver if you don't know what you're doing: https://blogs.infoblox.com/community/how-dangerous-can-an-open-dns-resolver-be-part-i/

    Especially Pi-hole is not meant to be set up as a public DNS resolver. Instead it's designed to be used within a closed network, for example over VPN. Pi-hole does not feature any rate limiting and will happily answer ANY queries, which are notorious for being used in DNS amplification attacks.

    So please, restrict access to your Pi-hole instance by using (for example) pi-VPN.

    ok noted

  • @saibal said:
    vimalware said:

    ^^This^^

    For extra cookie/brownie points, set up Unbound as the upstream recursive DNS resolver. Follow this if you get stuck.

    Will follow this

  • @deepak_leb said:

    Will follow this

    Also, (obviously) firewall off port 53 (DROP) on public interfaces using whatever layering of rules you prefer.

    Thanked by (1)deepak_leb
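
One way to check the outcome the replies above ask for (DNS answered on the VPN interface, port 53 dropped on public interfaces), as an added example that is not part of any poster's comment: the function replays `iptables -S INPUT` output with first-match semantics for a new DNS packet. The public interface name `eth0` and the sample rules are constructed assumptions, and only `-i`, `-p` and `--dport` matches are modelled.

```shell
#!/bin/sh
# Added example (not from the thread). Simplified model: rules that use any
# match other than -i, -p, --dport (e.g. -s, conntrack, "!") are skipped.

# dns_verdict IFACE PROTO   (rules on stdin) -> prints ACCEPT, DROP or REJECT
dns_verdict() {
  awk -v iface="$1" -v proto="$2" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" || done { next }
    {
      r_if = ""; r_proto = ""; r_port = ""; target = ""; skip = 0
      for (i = 3; i <= NF; i++) {
        if      ($i == "-i")            r_if = $(++i)
        else if ($i == "-p")            r_proto = $(++i)
        else if ($i == "--dport")       r_port = $(++i)
        else if ($i == "-j")            target = $(++i)
        else if ($i == "--reject-with") i++
        else if ($i == "-m" && ($(i+1) == "udp" || $(i+1) == "tcp")) i++
        else skip = 1
      }
      if (skip) next
      if (target != "ACCEPT" && target != "DROP" && target != "REJECT") next
      if (r_if != "" && r_if != iface) next
      if (r_proto != "" && r_proto != proto) next
      if (r_port != "" && r_port != "53") next
      print target; done = 1          # first matching rule decides
    }
    END { if (!done) print (policy == "" ? "ACCEPT" : policy) }
  '
}

# Constructed sample in `iptables -S INPUT` format: wg0 = VPN, eth0 = public
# (assumed name). The TCP DROP is deliberately missing to show a common gap.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i wg0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i wg0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j DROP'

for ifc in wg0 eth0; do
  for proto in udp tcp; do
    printf '%s/%s port 53: %s\n' "$ifc" "$proto" \
      "$(printf '%s\n' "$SAMPLE_RULES" | dns_verdict "$ifc" "$proto")"
  done
done
```

On a real host, feed it `iptables -S INPUT` instead of the sample; an ACCEPT for the public interface on either protocol means the resolver is still reachable from outside the VPN.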