Source of DNS queries not seen in AdGuard or alternative DNS server like Pi-hole

Why is the router, Brume in my case, listed as the only client in Adguard or when using an alternative DNS server, like Pi-hole?

This prevents me from seeing the source of DNS queries.

Could you send a diagram of how your network looks?

I think it might happen because your Pi-hole is before the Flint and not connected as a client on the Flint?

Basically it works as follows: everything on WAN will see your router IP as the client, so if you have a setup like modem->flint, between the modem and the Flint it is treated as using only the router's IP as client, and vice versa, on the ISP's side they will see your modem IP.

So in order to have clients work…

  1. You can do the easiest and connect the Pi-hole to the router as a client and make the Flint advertise this DNS.

  2. You can also turn the Flint router into a switch setup by moving the modem cable into Ethernet 1 or turning WAN to LAN (edit: quick search says you can use Access Point Mode); you don't have to use DHCP anymore on the Flint.

  3. Or you may even be able to lease a section of the Flint's DHCP and gain access, or by advertising the DHCP (it might not work, also things like authoritative DHCP and fw zones come to mind which can make it difficult, and upstream is never aware of downstream).

Thanks for the quick reply. However, I am using a Brume router.

iPhone → USB tethering → BRUME → clients

When looking in the logs I only see the 198.168.8.1 as a client which handles all client requests. When changing over from AdGuard to an alternate DNS, like Pi-hole, I see the same behaviour.

This behaviour is unexpected to me.

And the AdGuard instance runs on your router, correct?

And the pi-hole instance is also set as a client and not in front of brume?

In that case I agree this seems a little strange, I have never used a situation with tethering, but I believe the tether gateway should be just considered as wan, and if it happens before this, maybe there is a bug or metric issue?

You are sure you also tested it without vpn in case it was on?

Indeed I reverted the settings to default; AdGuard on the Brume, same result. Then reverted to default again, removed AdGuard and set the alternate DNS to a Pi-Hole (running on a VM, VMware ESXi host); same result.

No VPN configured in both cases.

Can you confirm what is the IP address of the DNS server on the client devices? Are all the clients using DHCP from the router?

I do not work for and I do not have formal association with GL.iNet

When I execute an nslookup, it results in 192.168.8.1 as the DNS server. This is also valid when the alternative DNS server is used. I think that this is the culprit, as the clients don’t directly connect to the AdGuard/Pi-Hole but to the Brume, and that dnsmasqd acts as a passthrough to AdGuard or Pi-Hole.

When you use Pi-Hole as your DNS server, the DNS server on the client devices should be the Pi-Hole’s IP address, not the Brume’s IP address. You can change what the DHCP server sends to clients via LuCI → Network → Interfaces → LAN → Edit → DHCP Server → Advanced Settings → DHCP-Options. I don’t think the GL.iNet UI has this setting, but not sure.

I do not work for and I do not have formal association with GL.iNet

1 Like

@wcs2228 This works as expected, thanks!
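One way to confirm the behaviour discussed in this thread from the DNS server's side, as an added example (not code from any poster or from GL.iNet): it counts source addresses in dnsmasq-style query log lines, the format Pi-hole writes, and reports when nearly all queries arrive from the router's address, which means per-client attribution is lost. The log lines, the client addresses other than 192.168.8.1, and the 0.9 threshold are constructed assumptions.

```python
import re
from collections import Counter

# Matches dnsmasq query lines such as:
#   "... dnsmasq[842]: query[A] example.com from 192.168.8.1"
QUERY_RE = re.compile(r"query\[(?P<qtype>[^\]]+)\] (?P<name>\S+) from (?P<client>\S+)$")

def clients_by_query_count(log_lines):
    """Count queries per source address; non-query lines are ignored."""
    counts = Counter()
    for line in log_lines:
        match = QUERY_RE.search(line.strip())
        if match:
            counts[match.group("client")] += 1
    return counts

def masked_by_forwarder(counts, router_ip, threshold=0.9):
    """True when the router accounts for at least `threshold` of all queries,
    i.e. clients resolve through the router and the server never sees them."""
    total = sum(counts.values())
    if total == 0:
        return False
    return counts.get(router_ip, 0) / total >= threshold

ROUTER_IP = "192.168.8.1"  # resolver address the clients reported in the thread

# Constructed sample: clients use the router as resolver, router forwards upstream.
LOG_VIA_ROUTER = [
    "Mar  3 10:15:01 dnsmasq[842]: query[A] example.com from 192.168.8.1",
    "Mar  3 10:15:01 dnsmasq[842]: forwarded example.com to 1.1.1.1",
    "Mar  3 10:15:02 dnsmasq[842]: query[AAAA] example.org from 192.168.8.1",
    "Mar  3 10:15:03 dnsmasq[842]: query[A] example.net from 192.168.8.1",
]

# Constructed sample: DHCP hands out the filtering server's own address instead.
LOG_DIRECT = [
    "Mar  3 11:02:10 dnsmasq[842]: query[A] example.com from 192.168.8.101",
    "Mar  3 11:02:11 dnsmasq[842]: query[A] example.org from 192.168.8.117",
    "Mar  3 11:02:12 dnsmasq[842]: query[AAAA] example.net from 192.168.8.101",
    "Mar  3 11:02:13 dnsmasq[842]: query[A] example.com from 192.168.8.1",
]

if __name__ == "__main__":
    for label, log in (("via router", LOG_VIA_ROUTER), ("direct", LOG_DIRECT)):
        counts = clients_by_query_count(log)
        print(label, dict(counts), "masked:", masked_by_forwarder(counts, ROUTER_IP))
```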