Set node as DNS server for external clients

[KingMichaelPark]

Hello Netmaker team,

I'm not raising this as a bug ticket because it's probably me doing something stupid, but I am trying to set my network to use the my pihole (set up as a node) as the dns resolver for requests made for clients who connect as an external client. I have set the pihole's subnet IP 10.10.10.1 for example as the network's external_client_dns IP field that is on the network.

However, upon connecting with my phone using the wireguard client, my dns requests do not seem to be going through that dns as the site blocking does not work, and as soon as I turn off the VPN, the blocking immediately comes back on.

That said, I am setting the IP for that node much in the same way as Tailscale did it https://tailscale.com/kb/1114/pi-hole/#step-3-set-your-raspberry-pi-as-your-dns-server, using just the node IP and I want to make sure that is what I should be setting it as.

Network:
10.10.10.0/24
Netmaker-ingress-main-node: 10.10.10.254
Pihole: 10.10.10.1

External clients config contain a
dns = 10.10.10.1 entry.

Thanks for such a great product !

[DrDoug88]

I was looking to do something similar. What I did was set the DNS upstream from CoreDNS to my AdGuard container (PiHole would be the same way) with a static IP. CoreDNS looks to be pretty well integrated into the server, so chaining it onto the end was much easier. Then, I can also do local internal DNS resolution in AdGuard as well, mainly because CoreDNS does not handle wildcard entries (while AdGuard does). To set the upstream for CoreDNS, bind mount the CoreDNS volume to a specific directory, i.e.

./coredns/dnsconfig:/root/config/dnsconfig

Then, change the forward ip address in Corefile inside of this directory, it should look like this:

. {
reload 15s
hosts /root/dnsconfig/netmaker.hosts {
fallthrough
}
forward . <The IP address of AdGuard/PiHole>
log
}

Make sure you also change the bind mount on the NetMaker server container as well. Restart your containers and you should be good.

By the way, I'm a huge fan of NetMaker as well. Thanks for all of the hard work put into it.

[KingMichaelPark]

Thank you for the explanation and suggestion @DrDoug88 I will give this a go when I get the chance.

[afeiszli]

Did this work @KingMichaelPark ? wondering if we can mark @DrDoug88 's response as an answer.

[squromiv]

I have Technitium DNS Server, installed in some node, that is connected to netmaker network. I need to push address of this DNS-server to certain devices (smartphones, tablets) from this network as primary source of DNS. Also I need to push alternate DNS-server (Cloudflare, Google, OpenDNS etc.) if the main node will become unavailable. How to achieve this?

[mattkasun]

From wg-quick man page:
DNS — a comma-separated list of IP (v4 or v6) addresses to
be set as the interface's DNS servers, or non-IP hostnames
to be set as the interface's DNS search domains. May be
specified multiple times.

so, in netmaker UI add comma seperated list of DNS servers in Default exp client field on Network Tab