Saturday, January 14, 2023

Issues With AdGuard Home, DNS Resolution + Hostname Lookup with Ubiquiti Network


Repost from Reddit.com: Issues With AdGuard Home, DNS Resolution + Hostname Lookup with Ubiquiti Network
Thought I would re-post with more information as I continue to have ‘interesting’ issues with AdGuard Home so have another question (appreciate your patience). I have an end to end Ubiquiti network with a UDMP at the front end. I recently built a PI4 running AdGuard Home and set it up for DNS. I then added the IP address of the PI4 (.4.2 IP address which sits on the main LAN rather than 1 of the 5 VLANs) to the DHCP DNS server field of the main Network configuration page.

On each of the VLAN Network config pages I have their DNS server set to the GW for that network. For example, using the table below the VLAN1 network config is set to have its DNS server as .5.1 as that is the GW for that network. The reason I did this is because the .5.1 would of course not reach natively the .4.2 (address of PI4) for DNS resolution.

LAN Layout & Additional Information For Reference

Main lan = .4.1 - Pi4 Running Adguard on this network and PI4 itself has IP of .4.2
VLAN1 = .5.1
VLAN2 = .6.1
VLAN3 = .7.1
VLAN4 = .8.1
VLAN5 = .9.1

FW Rules

I have FW rules in place to ensure the DNS from the PI4 is allowed but no other DNS.

Port Configuration

The PI4 is sitting on a switch port with access to ALL networks (from a tagging perspective) but is assigned its IP off the Main .4.1 network and gets a .4.2 address.

Issues

I do not see any hostnames from the VLANs in AdGuard logs. If I check query logs then I can see the sites that were visited by the VLAN BUT it is against the .4.1 GW of the main LAN therefore no hostname lookup of the VLAN devices.

When I go into Private Reverse DNS Servers on the AdGuard Home DNS configuration and enter the GW address for the main LAN (.4.1) all NSLOOKUP traffic along with browsing traffic stops and I cannot reach the Internet. All local traffic works fine, just external internet.

Questions

How do I keep the UDMP (Dream Machine Pro) as the DHCP server BUT critically have the PI4 do hostname lookup and ensure that those IPs of the VLAN devices are showing in the AdGuard logs?

How do I correctly configure the Private Reverse DNS Servers so it doesn’t then block all traffic the moment I place the .4.1 GW for the Dream Machine Pro in? The only way to get around the blocking is for me to disable the FW rule that states for each ‘Network’ block ANY DNS traffic going to the port 53. This rule for dropping of course sits below the allow rules therefore should ONLY be blocking traffic that is not destined for the .4.2 DNS server in the allow rule. These rules work fine UNTIL I add the main NW GW IP (.4.1) to Private Reverse DNS.

I do notice that after I add the .4.1 GW address to the Private Reverse DNS that an additional line shows up in the GUI 'AdGuard Home could not determine suitable private reverse DNS resolvers for this system.' How do I resolve that?

I’ve read a lot of documentation, reddit posts, unified posts and still cannot resolve this. Thanks so much for any advice/guidance that can be offered. Hope the additional information helps.

