DNS over HTTPS with Pi-hole on Firewalla Blue
I wanted to know if the Firewalla built-in DNS over HTTPS does anything useful if you're running Pi-hole on Firewalla. My understanding is that Firewalla is forwarding its DNS requests upstream to Pi-hole and it is Pi-hole that is actually communicating with external DNS servers. So, given this arrangement, does it even make sense to turn this feature on? Might it cause the Pi-hole DNS to be inadvertently bypassed by communicating directly with external DNS servers? Or does it actually work to allow Pi-hole to use DNS over HTTPS externally?
-
Thanks! So you are confirming that DoH bypasses Pi-hole so Firewalla's DoH should be turned off when using Pi-hole for DNS? Should this information be added to the following article?
Regarding running DoH on Pi-hole, it seems that this feature is not built in, but there are some instructions about how to do this. Not sure if it works well on Firewalla.
https://docs.pi-hole.net/guides/dns-over-https
-
I just installed cloudflared on Pi-hole following these instructions and it works fine on Firewalla Blue.
https://docs.pi-hole.net/guides/dns-over-https
DoH is turned off in Firewalla. DoH is enabled in Pi-hole via cloudflared.