pi-hole/advanced
deHakkelaar ad39ba30bd
Enable DNS forwarding loop detection
Found below by accident:
```
pi@ph5:~ $ man dnsmasq
[..]
       --dns-loop-detect
              Enable code to detect DNS forwarding loops; ie the  situa‐
              tion  where  a  query  sent  to one of the upstream server
              eventually returns as a new query to the dnsmasq instance.
              The  process  works  by generating TXT queries of the form
              <hex>.test and sending them to each upstream  server.  The
              hex is a UID which encodes the instance of dnsmasq sending
              the query and the upstream server to which it was sent. If
              the  query  returns  to the server which sent it, then the
              upstream server through which it was sent is disabled  and
              this  event  is  logged.  Each  time  the  set of upstream
              servers changes, the test is re-run on all  of  them,  in‐
              cluding ones which were previously disabled.
```
Seems to work just fine if I point my router 10.0.0.1 back to Pi-hole in the WAN DNS settings:
```
pi@ph5:~ $ grep server= -R /etc/dnsmasq.*
/etc/dnsmasq.d/01-pihole.conf:server=9.9.9.10
/etc/dnsmasq.d/01-pihole.conf:server=149.112.112.10
/etc/dnsmasq.d/01-pihole.conf:server=10.0.0.1
/etc/dnsmasq.d/01-pihole.conf:rev-server=10.0.0.0/24,10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/dehakkelaar.nl/10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/use-application-dns.net/
```
```
pi@ph5:~ $ sudo tee /etc/dnsmasq.d/99-my-settings.conf <<< $'dns-loop-detect'
dns-loop-detect
```
```
pi@ph5:~ $ pihole restartdns
  [✓] Restarting DNS server
```
```
pi@ph5:~ $ tail -F /var/log/pihole.log
[..]
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain dehakkelaar.nl
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain 0.0.10.in-addr.arpa
Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 149.112.112.10#53
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 9.9.9.10#53
```
2020-10-22 18:54:04 +02:00
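To check for this condition after the fact, the log lines shown in the commit message can be scanned for upstreams that dnsmasq has disabled. The script below is an added example, not part of the commit or of Pi-hole. The function names are hypothetical, and the sample log reuses lines from the message plus constructed ones (the `192.0.2.53` entries and the 19:02:10 re-test) to show that only the latest status per upstream counts.

```shell
#!/bin/sh
# Added example (not Pi-hole code). Function names are hypothetical.

# Print every upstream whose most recent status line in the log is
# "NOT using nameserver ... - query loop detected". dnsmasq re-tests all
# upstreams when the server set changes, so only the last line per server counts.
loop_disabled_upstreams() {   # $1 = path to a dnsmasq log, e.g. /var/log/pihole.log
    awk '
        / NOT using nameserver .* - query loop detected/ {
            for (i = 1; i < NF; i++) if ($i == "nameserver") state[$(i + 1)] = "loop"
            next
        }
        / using nameserver / {
            for (i = 1; i < NF; i++) if ($i == "nameserver") state[$(i + 1)] = "ok"
        }
        END { for (s in state) if (state[s] == "loop") print s }
    ' "$1" | sort
}

# Sample input: the 18:17:41 lines without 192.0.2.53 come from the commit
# message; the 192.0.2.53 lines and the 19:02:10 re-test are constructed.
write_sample_log() {          # $1 = file to create
    cat > "$1" <<'EOF'
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain dehakkelaar.nl
Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected
Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 192.0.2.53#53 - query loop detected
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 149.112.112.10#53
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 9.9.9.10#53
Oct 22 19:02:10 dnsmasq[17301]: using nameserver 192.0.2.53#53
Oct 22 19:02:10 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected
EOF
}

log=$(mktemp)
write_sample_log "$log"
loop_disabled_upstreams "$log"    # prints 10.0.0.1#53
rm -f "$log"
```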
| Name | Last commit | Date |
| --- | --- | --- |
| bash-completion | Remove references to privacy level 4 (no longer functional) | 2020-10-13 23:53:23 +01:00 |
| GIFs | Multiple gif files to choose from | 2015-06-06 23:29:54 -05:00 |
| Scripts | Merge pull request #3794 from pi-hole/security/non_FQDNs_locality | 2020-10-21 21:09:05 +02:00 |
| Templates | Fine-tune adlist:adte_modified trigger and don't default new date_updated column to now but use NULL instead | 2020-09-07 21:11:57 +02:00 |
| 01-pihole.conf | Enable DNS forwarding loop detection | 2020-10-22 18:54:04 +02:00 |
| blockingpage.css | Fix/tweak blocking page | 2020-05-31 15:54:11 +03:00 |
| cmdline.txt | consoleblank=0 | 2016-02-20 01:15:14 -06:00 |
| console-setup | file to set lcd font size | 2016-01-23 11:48:12 -06:00 |
| dnsmasq.conf.original | Assorted typo fixes. (#3126) | 2020-03-08 16:53:14 -07:00 |
| index.php | Sign-off for DCO | 2020-09-06 13:53:03 +02:00 |
| lighttpd.conf.debian | Tweak lighttpd configs | 2020-07-02 12:28:26 +03:00 |
| lighttpd.conf.fedora | Tweak lighttpd configs | 2020-07-02 12:28:26 +03:00 |