Currently have a nice long docker compose file that hosts my PiHole V6 container (along with a bunch of other containers); however, the reason I ask this question is because whenever I go to pull an updated image and recreate the container, I experience about 20 minutes of no DNS resolution, which to my knowledge is due to the NTP clock being out of sync.

What’s the best way to host a DNS sinkhole/resolver that can mitigate this issue?

Was thinking of utilizing Proxmox & LXC but I suspect I’ll get the same experience.


Update: Turns out PiHole doesn’t support two instances. I got both of them on separate devices and also set the 2nd DNS server in my router’s WAN & LAN DNS settings, which did in fact split DNS between both instances; however, I lost access to my router’s web-ui, my Traefik instance & reverse proxies died and I lost all internet access.

So, don’t do what I did.

Update 2: So everything I said in my first update, let’s disregard that. Turns out I had my router forcing all DNS to PiHole server 1, which caused my issues mentioned above.

Two servers appear to work!

  • Jjoiq@lemmy.world
    1 day ago

    2 pihole instances: 1 pi5, 1 pi4. Keepalived provides vrrp at a set address.

    Instances kept in sync via orbital.

    1 goes down, the other takes over.

    Quite elegantly.

    • Morphit @feddit.uk
      1 day ago

      Where do you do DHCP? I had a primary pihole with DHCP enabled and a secondary with a cron job that enabled DHCP if the primary was down or disabled it if the primary was working. The cron job did sync DHCP leases from one to the other but it was a bit janky. I tried to update the secondary to pihole v6 and hosed it so I have no backup for now. I’d like to re-image the secondary and get a better setup - when I have time.

      Edit to say I really wanted to try keepalived - that’s really cool to fail over without clients noticing.

      • Jjoiq@lemmy.world
        9 hours ago

        Debian & Ubuntu

        sudo apt install keepalived

        sudo apt install libipset13

        Configuration

        Find your IP

        ip a

        Edit your config

        sudo nano /etc/keepalived/keepalived.conf

        First node

        vrrp_instance VI_1 {
            state MASTER
            interface ens18
            virtual_router_id 55
            priority 150
            advert_int 1
            unicast_src_ip 192.168.30.31
            unicast_peer {
                192.168.30.32
            }
            authentication {
                auth_type PASS
                auth_pass C3P9K9gc
            }
            virtual_ipaddress {
                192.168.30.100/24
            }
        }

        Second node

        vrrp_instance VI_1 {
            state BACKUP
            interface ens18
            virtual_router_id 55
            priority 100
            advert_int 1
            unicast_src_ip 192.168.30.32
            unicast_peer {
                192.168.30.31
            }
            authentication {
                auth_type PASS
                auth_pass C3P9K9gc
            }
            virtual_ipaddress {
                192.168.30.100/24
            }
        }

        Start and enable the service

        sudo systemctl enable --now keepalived.service

        Stopping the service

        sudo systemctl stop keepalived.service

        Get the status

        sudo systemctl status keepalived.service

        Make sure to change ip and auth pass.

        Enjoy
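
The comment above ends with "Make sure to change ip and auth pass". As an added example (not code from the thread or from the keepalived project), this Python sketch parses two node configs of that shape and reports where the pair disagrees or still carries the posted password. The names `parse_vrrp`, `check_pair` and `sample` are made up here, and the sample input is constructed from the values in the comment.

```python
def parse_vrrp(text):
    """Parse one vrrp_instance block: scalars -> str, nested blocks -> list of lines."""
    cfg, stack = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # '#' starts a comment in keepalived.conf
        if line.endswith("{"):
            stack.append(line.split()[0])
            if len(stack) > 1:                   # nested block such as unicast_peer
                cfg[stack[-1]] = []
        elif line == "}":
            stack.pop()
        elif line and len(stack) == 1:           # scalar directly under vrrp_instance
            key, _, value = line.partition(" ")
            cfg[key] = value.strip()
        elif line and stack:                     # entry inside a nested block
            cfg[stack[-1]].append(line)
    return cfg

def check_pair(a, b, sample_passes=("C3P9K9gc",)):
    """Return findings for two parsed node configs that should form one VRRP pair."""
    findings = [f"{k} differs between the nodes"
                for k in ("virtual_router_id", "advert_int", "virtual_ipaddress", "authentication")
                if a.get(k) != b.get(k)]
    for me, peer in ((a, b), (b, a)):
        if me.get("unicast_peer") != [peer.get("unicast_src_ip")]:
            findings.append(f"{me.get('unicast_src_ip')}: unicast_peer is not the other node")
    passwords = {dict(l.split(None, 1) for l in n.get("authentication", [])).get("auth_pass", "")
                 for n in (a, b)}
    for pw in sorted(passwords):
        if pw in sample_passes:                  # password published in the post
            findings.append("auth_pass is the sample value from the post")
        if len(pw) > 8:                          # keepalived documents an 8-character limit
            findings.append("auth_pass is over 8 characters; keepalived uses only the first 8")
    return findings

def sample(src, peer, prio, pw="C3P9K9gc"):
    """Constructed input: a node config with the same fields as the comment above."""
    return (f"vrrp_instance VI_1 {{\n virtual_router_id 55\n priority {prio}\n"
            f" unicast_src_ip {src}\n unicast_peer {{\n {peer}\n }}\n"
            f" authentication {{\n auth_type PASS\n auth_pass {pw}\n }}\n"
            f" virtual_ipaddress {{\n 192.168.30.100/24\n }}\n}}\n")

if __name__ == "__main__":
    a = parse_vrrp(sample("192.168.30.31", "192.168.30.32", 150))
    b = parse_vrrp(sample("192.168.30.32", "192.168.30.31", 100))
    print(check_pair(a, b) or "pair is consistent")
```

With `auth_type PASS` the password travels unencrypted in every VRRP advertisement, so it guards against misconfiguration on the LAN rather than against someone who can capture that traffic.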

      • Jjoiq@lemmy.world
        12 hours ago

        On the router.

        My router is locked down so I assign the vrrp address to each client (pain in the ass) but it works.

        Pivpn takes care of wireguard too.