Your DNS workflow
summary:
What does your DNS workflow look like if you are using a 3rd party local resolver?
I recall FW documentation cautions against setting the box's DNS for the Pi-hole due to risks, but (and maybe I'm just missing it) I haven't seen explicit documentation on what those risks are. Can someone point me to the right literature, or provide a topline?
I was just curious how folks were implementing a 3rd party resolver like AdGuard Home or Pi-hole. I think I have overdesigned mine, creating upkeep and general busy work. I currently have my main resolver and clone on their own VLAN (AdGuard Home), which then points to NextDNS. The main pain point is having to manually remove DNS Booster and the annoyance of booting up devices that fail to reach the internet. Also, due to segmentation, I often have to generate individual device rules allowing traffic to the resolvers.
The main reason I don't just use the Firewalla is that I like being able to add custom lists through a nice GUI, and also being able to see query management on the local resolver and rebinds.
I'm fast learning simple is both less of a headache and works better.
-
I just got my FWG set up, and have been running Technitium DNS for some time before this.
T-DNS is also set up to be my DHCP server, so it gets all client requests first of all, resolves all local DNS, does major DNS filtering, then passes the baton over to FWG for outside resolution and its filtering.
I've been running this less than 12 hours now, and it all seems to be working flawlessly so far, but my network is not otherwise segmented, just one straight domain/subnet with about 50-ish devices in total, so fairly simple.