Don’t monitor Pi-holes and wireless APs?

Comments


  • Firewalla

    Firewalla will enforce that policy (not monitoring your DNS server). The reason is a circular dependency, which will pretty much kill your DNS services.

  • Jon Cbert

    I can't help thinking that not monitoring the Pi-Hole provides a weak point in your network, as the Pi-Hole is essentially now a vulnerability. Have I missed something?

  • Firewalla

    This is because monitoring the Pi-hole while the Pi-hole is inside your network creates a DNS lookup loop. This is purely because Firewalla intercepts DNS.

    1. Firewalla gets the DNS request

    2. Firewalla forwards it to the Pi-hole

    3. The Pi-hole does a DNS lookup

    4. Firewalla gets the Pi-hole's DNS request

    5. Firewalla forwards it to the Pi-hole

    ...

    Another way to avoid this is to install Pi-hole inside Firewalla, or turn off the Firewalla DNS cache.

    https://help.firewalla.com/hc/en-us/articles/360034635473-Tutorial-Running-Pi-Hole-on-Firewalla-Blue-in-5-min

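The loop in steps 1 to 5 above can be reproduced with a small model. This is an added example, not code from Firewalla or Pi-hole; the addresses, the hop limit and all function names are constructed for illustration, and the only behaviour assumed is what the reply describes: the gateway intercepts DNS from monitored devices and forwards it to the Pi-hole.

```python
# Simplified model of the DNS interception loop (assumption: illustrative only,
# not how Firewalla or Pi-hole are implemented).
PIHOLE_IP = "192.168.1.53"   # constructed address
CLIENT_IP = "192.168.1.20"   # constructed address
MAX_HOPS = 10                # guard so the simulation terminates


class LoopDetected(Exception):
    pass


def upstream_resolver(name, trace):
    trace.append(f"upstream answers {name}")
    return "203.0.113.10"    # constructed answer (TEST-NET-3)


def pihole(name, monitored, trace, hops):
    # The Pi-hole sends its own upstream lookup out through the gateway.
    trace.append(f"pi-hole looks up {name}")
    return gateway(name, PIHOLE_IP, monitored, trace, hops + 1)


def gateway(name, src_ip, monitored, trace, hops=0):
    # DNS from a monitored device is intercepted and sent to the Pi-hole.
    if hops > MAX_HOPS:
        raise LoopDetected(f"{name}: gave up after {hops} hops")
    if src_ip in monitored:
        trace.append(f"gateway intercepts {src_ip}, forwards to pi-hole")
        return pihole(name, monitored, trace, hops)
    trace.append(f"gateway passes {src_ip} through")
    return upstream_resolver(name, trace)


def resolve_from_client(monitor_pihole):
    monitored = {CLIENT_IP} | ({PIHOLE_IP} if monitor_pihole else set())
    trace = []
    try:
        answer = gateway("example.com", CLIENT_IP, monitored, trace)
    except LoopDetected:
        answer = None        # the query never reaches a real resolver
    return answer, trace


if __name__ == "__main__":
    for flag in (True, False):
        answer, trace = resolve_from_client(flag)
        print(f"monitor_pihole={flag}: answer={answer}, steps={len(trace)}")
```
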
