I have been trying to set up my own DIY router with Ubuntu server 18.04.3 LTS. I have managed to get working: networking, DHCP, IP forwarding and masquerading, but I am stuck on the DNS server.
I installed pi-hole on the router and it seems to be working:
    dig google.com
    dig googletagmanager.com
only the first resolves
    dig @220.127.116.11 google.com
    dig @18.104.22.168 googletagmanager.com
both resolve, so it appears as if pi-hole is working properly.
The client gets assigned an IP address (e.g. 192.168.16.10) through DHCP. If I configure isc-dhcp-server to assign the DNS server 22.214.171.124 (google) then the client can browse the internet without problem. However, if I assign the DNS 192.168.16.1, then I can open websites using their IP address, but not using their domain name.
From the client
    dig @126.96.36.199 example.com
    dig @192.168.16.1 example.com
does not work:
    ; <<>> DiG 9.9.5-3ubuntu0.11-Ubuntu <<>> @192.168.16.1 example.com
    ; (1 server found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached
This suggests that the client cannot access the router directly, but when the client opens the IP 192.168.16.1 in a web browser, the pi-hole admin panel shows up.
The firewall is configured in firehol:
    version 6

    interface enp7s0 wan
        client all accept

    for i in 3 4 5 6
    do
        # accept all traffic on lan
        interface enp"$i"s0 "lan$i"
            policy accept
            # server "dns http" accept

        # route packets between lan and wan
        router "lan2wan$i" inface enp"$i"s0 outface enp7s0
            masquerade
            route all accept
    done
Does anyone know what is causing the DNS resolution to fail, or even better, what needs to be done to fix the problem?
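The symptom described above (DNS to 192.168.16.1 times out while the admin panel on the same address loads) can be narrowed down per port and protocol from the client. The following is an added example, not part of the original post; the function names are illustrative, and 192.168.16.1 is the router address taken from the post.

```python
import socket
import struct
import sys

def build_query(name, txid=0x1234):
    """Minimal DNS query: A record, class IN, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def classify_reply(query, reply):
    """'answered' for a matching NOERROR response, else the rcode or 'garbage'."""
    if len(reply) < 12 or reply[:2] != query[:2] or not reply[2] & 0x80:
        return "garbage"
    rcode = reply[3] & 0x0F
    return "answered" if rcode == 0 else "rcode=%d" % rcode

def probe_udp(server, name, port=53, timeout=2.0):
    """Send one query over UDP, as dig does by default."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, port))
        try:
            s.send(query)
            return classify_reply(query, s.recv(4096))
        except socket.timeout:
            return "timeout"   # dropped on the way, or nothing replied
        except ConnectionRefusedError:
            return "refused"   # ICMP port unreachable: host reached, no listener

def probe_tcp(server, port, timeout=2.0):
    """Plain TCP connect, to compare 53/tcp with the web port that does work."""
    try:
        with socket.create_connection((server, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError as exc:
        return "error: %s" % exc

if __name__ == "__main__":
    # 192.168.16.1 is the router address from the post; pass another to override.
    router = sys.argv[1] if len(sys.argv) > 1 else "192.168.16.1"
    print("53/udp:", probe_udp(router, "example.com"))
    print("53/tcp:", probe_tcp(router, 53))
    print("80/tcp:", probe_tcp(router, 80))
```

A "timeout" on port 53 next to "open" on port 80 means the host is reachable but DNS packets are dropped or left unanswered on that interface, whereas "refused" means the packet reached the host and nothing was listening on that port.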