fspoettel/fritzbox_dns.md

Last active January 4, 2024 13:00

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/fspoettel/b6161226cf8220c4a87fac133f860478.js"></script>
Save fspoettel/b6161226cf8220c4a87fac133f860478 to your computer and use it in GitHub Desktop.

Download ZIP

Pi-Hole setup with a FritzBox!

Raw

fritzbox_dns.md

This config sets up our Pi-Hole for the local network and the guest network while preserving proper host names in the query log.

See here for more context and other possible configuration.

FritzBox!

Internet > Zugangsdaten > DNS Server

DNSv4-Server
[x] Andere DNSv4-Server verwenden
  Bevorzugter DNSv4-Server  {IP pihole}
  Alternativer DNSv4-Server {IP pihole}
  
DNSv6-Server
[x] Andere DNSv6-Server verwenden
   Bevorzugter DNSv6-Server  {ULA pihole (fd00::...)}
   Alternativer DNSv6-Server {ULA pihole (fd00::...)}

Heimnetz > Netzwerk > Netzwerkeinstellungen

DNS-Rebind-Schutz
Hostnamen-Ausnahmen:
pi.hole

Heimnetz > Netzwerk > Netzwerkeinstellungen > IPv4 Konfiguration

Lokaler DNS Server: {IP pihole}

Heimnetz > Netzwerk > Netzwerkeinstellungen > IPv6 Konfiguration

Lokaler DNSv6-Server: {Link-Local pihole (fe80::...)}

Pi-Hole

Settings > DNS

[x] Never forward non-FQDNs
[x] Never forward reverse lookups for private IP ranges
[x] Use DNSSEC
[x] Use Conditional Forwarding
192.168.178.0/24 | 192.168.178.1 | fritz.box

Raw

fritzbox_ntp.md

It's vital that the internal system clock of the Rpi is accurate when DNSSEC is used. This is usually done via ntp. We are going to setup the FritzBox!'s internal time server and configure the Pi-Hole to use it as its ntp upstream.

Other devices in the network can optionally be set to use the local fritz.box time server as well.

FritzBox!

Heimnetz > Netzwerk > Netzwerkeinstellungen

Zeitserver: 0.debian.pool.ntp.org; 1.debian.pool.ntp.org; 2.debian.pool.ntp.org; 3.debian.pool.ntp.org
[x] FRITZ!Box als Zeitserver im Heimnetz bereitstellen

Pi-Hole

# via ssh
timedatectl set-ntp true

# sudo nano /etc/systemd/timesyncd.conf
NTP=fritz.box

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment