What's the problem:
- dig and nslookup can resolve domains using the PiHole DNS server
- ping, browsers etc. can't
What I tried to do:
- reboot :d
- flush cache (sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder)
- add/remove wildcard entries from the registrar
- use second level domain or subdomain (hmwsl.de vs int.hmwsl.de)
- add a DNS server entry in network settings apart from DHCP (sudo networksetup -setdnsservers "Wi-Fi" 192.168.69.10); this worked
So the immediate questions are:
- why are DHCP-given DNS resolvers not enough?
- how do dscacheutil and friends actually work?
What I want:
- reach my raspberry-pi services either from afar or from home LAN
- use a single domain name (with subdomains) to ease authentication with Authelia
- have a single Authelia instance
- use proper Let's Encrypt certificates
- use Traefik as a reverse proxy
What I did:
- got a domain
- set up Traefik, Authelia and a few services (they do work with a .local domain with Avahi)
- set up PiHole with a wildcard DNS entry for the domain (see below)
What's going on:
Dig and nslookup resolve the (wildcard) domain:
➜ dig foo.int.hmwsl.de
; <<>> DiG 9.10.6 <<>> foo.int.hmwsl.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2173
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;foo.int.hmwsl.de. IN A
;; ANSWER SECTION:
foo.int.hmwsl.de. 0 IN A 192.168.69.10
;; Query time: 40 msec
;; SERVER: 192.168.69.10#53(192.168.69.10)
;; WHEN: Tue Jul 18 15:11:12 CEST 2023
;; MSG SIZE rcvd: 61
➜ nslookup bar.int.hmwsl.de
Server: 192.168.69.10
Address: 192.168.69.10#53
Name: bar.int.hmwsl.de
Address: 192.168.69.10
But ping and Mac utils don't:
➜ ping foo.int.hmwsl.de
ping: cannot resolve foo.int.hmwsl.de: Unknown host
➜ dscacheutil -q host -a name foo.int.hmwsl.de && echo end
end
❯ dns-sd -q foo.int.hmwsl.de
DATE: ---Tue 18 Jul 2023---
15:15:07.504 ...STARTING...
Timestamp A/R Flags IF Name Type Class Rdata
15:15:07.505 Add 40000002 0 foo.int.hmwsl.de. Addr IN 0.0.0.0 No Such Record
^C
I think my local DNS is configured properly:
➜ scutil --dns
DNS configuration
resolver #1
nameserver[0] : 192.168.69.10
nameserver[1] : 62.233.233.233
nameserver[2] : 8.8.8.8
if_index : 12 (en0)
flags : Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)
Also ping from the raspberry-pi works alright:
$ ping baz.int.hmwsl.de
PING baz.int.hmwsl.de (192.168.69.10) 56(84) bytes of data.
64 bytes from pi-hole.int.hmwsl.de (192.168.69.10):
And the relevant entry in PiHole:
$ cat pi-hole/etc/dnsmasq.d/02-local-wildcard-dns.conf
address=/int.hmwsl.de/192.168.69.10
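Added check, not part of the question above: it parses the structure of `scutil --dns` output and reports, for a queried name, whether a domain-scoped resolver points at the PiHole or whether the name falls under the default resolver that mixes the PiHole with public servers (the situation shown above). The sample input is constructed from the output in the question, with a typical `.local` mDNS resolver added as an assumption.

```python
"""Audit macOS resolver configuration (scutil --dns) for an internal-only name."""

# Constructed sample modelled on the `scutil --dns` output in the question.
SCUTIL_OUTPUT = """\
DNS configuration

resolver #1
  nameserver[0] : 192.168.69.10
  nameserver[1] : 62.233.233.233
  nameserver[2] : 8.8.8.8
  if_index : 12 (en0)
  flags    : Request A records

resolver #2
  domain   : local
  options  : mdns
  flags    : Request A records
"""


def parse_scutil_dns(text):
    """Return a list of resolvers as {'domain': str | None, 'nameservers': [str]}."""
    resolvers = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("resolver #"):
            resolvers.append({"domain": None, "nameservers": []})
        elif resolvers and line.startswith("domain"):
            resolvers[-1]["domain"] = line.split(":", 1)[1].strip().rstrip(".").lower()
        elif resolvers and line.startswith("nameserver["):
            resolvers[-1]["nameservers"].append(line.split(":", 1)[1].strip())
    return resolvers


def audit_name(resolvers, name, internal_ns):
    """Report which resolver applies to `name` and whether it can reach `internal_ns`."""
    name = name.rstrip(".").lower()
    # A scoped resolver applies when its domain equals the name or is a suffix of it;
    # the longest matching domain wins.
    scoped = [r for r in resolvers if r["domain"]
              and (name == r["domain"] or name.endswith("." + r["domain"]))]
    if scoped:
        best = max(scoped, key=lambda r: len(r["domain"]))
        findings = [f"scoped resolver for .{best['domain']} -> {best['nameservers']}"]
        if internal_ns not in best["nameservers"]:
            findings.append(f"scoped resolver does not list {internal_ns}")
        return findings
    default = next((r for r in resolvers if r["domain"] is None), None)
    if default is None:
        return ["no default resolver configured"]
    if internal_ns not in default["nameservers"]:
        return [f"default resolver never consults {internal_ns}"]
    public = [ns for ns in default["nameservers"] if ns != internal_ns]
    if public:
        return [f"no scoped resolver for {name}; default resolver mixes {internal_ns} "
                f"with {public}, which cannot answer for an internal-only name"]
    return [f"default resolver uses only {internal_ns}"]
```

On macOS the scoped-resolver case corresponds to a file such as /etc/resolver/int.hmwsl.de containing `nameserver 192.168.69.10` (see resolver(5)), which pins queries for that suffix to the PiHole regardless of the DHCP-supplied servers.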