dns Archives - John Beales

Make a Pi-Hole Work with a Bell Giga Hub

Due to a recent 10-block move there were shenanigans and my previous ISP was incapable of transferring my service to our new address. As a result, I signed up for the much faster Bell Fibe, fibre-to-the-home service. Now I have a 1.5 Gigabit internet connection, and pay less than I did for the 25 megabit connection. Sweet! I had some trouble getting my Pi-Hole up & running so I’m sharing what I did in case others have similar problems.

The Previous Setup

My old setup consisted of a DSL modem in bridge mode and an TP-Link Archer C7 router V2 that handled all networking tasks except for responding to DNS queries. The C7’s DHCP settings pointed to the Pi-Hole as the main DNS server for the network, and it worked great.

The Plan: Giga Hub + Pi-Hole

Included with my new service is a Bell Giga Hub, which is a combination ONT and router, (with a 10 gigabit ethernet port and wifi 6e!). Despite some complaints in /r/bell it seems like a very capable device, so I planned to use it as the main network device, and try to use it to point all devices on the network to a Raspberry Pi running Pi-Hole.

The Roadblock

Despite a place in the Giga Hub’s admin interface where it looks like I should be able to point the DNS at the Pi-Hole, I couldn’t get it to work. Every time I pointed DNS at the Pi-Hole the Pi-Hole couldn’t access the internet. It couldn’t even ping an IP address.

A screenshot of the Bell Giga Hub's dns settings — It looks like I should be able to set a DNS server here… but it doesn’t work.

Side Quest: Restoring Internet Access to the Pi-Hole

I ended up with a Raspberry Pi that couldn’t access the internet, which wasn’t ideal. The Pi was accessible on the local network, so I initially restored its internet access by changing it’s IP address. I later realized that turning setting the Giga Hub’s DNS back to “Obtain DNS information automatically” and changing or deleting the IP address in the “Manually specify DNS information” would restore the Pi’s internet access. It seemed that even though the router was using external, upstream, DNS, it was still doing something weird with the IP address in the inactive “Manually specify DNS information” screen.

DHCP to the Rescue

The solution ended up being relatively simply. Pi-Hole has the option to use the Pi-Hole as a DHCP server, and it is smart enough to tell connecting devices to also use the Pi-Hole for DNS. So I turned on the Pi-Hole’s DHCP server and configured it to allocate IP addresses in the same range as the Giga Hub, then turned off the DHCP server on the Giga Hub and everything worked. DHCP is a broadcast service so there is no configuration telling clients where to find the server. If there’s a DHCP server on the network the devices will find it.

Some posts in /r/bell had me worried that I would have to either use my C7 or another, faster, router in PPPoE mode, but switching to the Pi-Hole as the DHCP server was enough. That’s great because I didn’t want to buy another fast router, or use my older C7 when there’s a perfectly capable Wifi 6e router in the Giga Hub.

When I set this all up my Giga Hub was on Firmware version 1.14.something. The firmware was recently updated to version 1.16 and is still working. It may be that Firmware 1.16 also fixes the problem I had setting the DNS server on the Giga Hub, but what I have is working, and if it ain’t broke don’t fix it.

A screenshot of my pi hole admin panel showing that it is processing thousands of DNS queries. — My Pi-Hole is processing thousands of DNS queries, (yes, I know blocking is off at the moment).

Switching to an External DNS Provider

The other day I discovered, and tweeted, that Bell Canada, my ISP, has started doing DNS Redirection. That is, if I try to visit a domain that does not exist, they send me to a page of search results for whatever I typed. This can be considered convenient, but it is kind of like connecting you to 411 if you misdial a telephone number – not exactly what I want. Bell offers an “opt-out”, but despite the name it it’s not an opt-out. They simply set a cookie in your browser that redirects you to yet another webpage that they attempted to make look like the error page from your browser, (and failed).

This wouldn’t really be a problem if I wasn’t developing a program for BonzoBox right now that checks to see if user-entered URLs really exist. All of the sudden I can’t test my work because no matter what domain name a URL starts with, it resolves, and returns a 200 status code to boot! This will not do.

I needed a new DNS provider, however, who do you trust? I tried out OpenDNS, but they do the same thing as Bell just started doing, (except, they’ve been doing it for a while, maybe always, and they’re up front about it). I read about how Level3 has great DNS servers, but if you look at level3.com it doesn’t mention it anywhere, (it’s not exactly what they’re known for).

I did run across some Level3 DNS Server addresses on DSLReports.com, but are they really Level3’s servers, or are they some hacker’s servers that has seeded the forum with some bogus info in order to capture my banking info? Well, a whois lookup told me that they do belong to Level3, so my new DNS servers are now 4.2.2.1 – 4.2.2.4. They’re even easy to type!

FYI: This does not appear to be a paid service from Level3, but if it was, it is something that I would be willing to pay a few dollars a year for.

Bell, on the other hand, is barely hanging on to my business. The only reasons I am still with them is 1) I am too lazy to research the alternatives, and 2) I have an old account with no monthly bandwidth cap. If I can find another service that is reliable and has no bandwidth cap, I may very well consider switching.

Frugal Subversion Setup

A while ago I read about, and downloaded the new Versions subversion client. I had never used subversion before except for grabbing a bit of code once in a while and was excited to try it out. Even though I usually work alone the idea of versioning is very appealing – that way if anything goes wrong I can revert quickly to a previous working version.

Versions is great, but thats a topic for another post. The problem I ran into was the 1-repository and 20 MB limit on the free Beanstalk account is too low for me, and the entry-level price of $15 a month is higher than I want to pay. Maybe if I become a svn-a-holic I’ll pay it, but not right now. I looked at some other free subversion hosts, but decided to set up my own, without paying for anything. First, the components:

The PC that is now my Subversion server.
VisualSVN Server, (it’s free, and I don’t have to deal with the command-line).
A WRT54G running dd-wrt firmware.
A DynDNS.org account, (so I can access the repository from the outside world – if you have a static IP you shouldn’t need this).
Your own domain name, (optional – just to make the DynDNS.org URL look nicer).

The basic setup is really simple. Download VisualSVN Server and run the installer. Choose where you want the program and the repositories to live. It works like any other Windows installer and only takes a few clicks. Once installed, the VisualSVN Server Manager provides a GUI to manage the server and you can set up a repository and a user with just a few more clicks. It’s super easy.

Once the VisualSVN server is set up you should be able to easily access the repositories from your LAN, but what if you want to work from a coffee shop?

This is where DynDNS.org comes in. If you don’t have a static IP address, and it changes all of the time, you will need an update service to make yourself findable from the outside internet. I looked at several services, but ended up going with DynDNS.org because of its long history, it is free, and it allows enough requests per month that I don’t think I’ll ever hit the limit. Go ahead and set up a DynDNS.org, (or your provider of choice), account and chose a domain, it’s Pretty simple.

Next, you will have to configure an update client for DynDNS.org. This is a program that tells DynDNS.org when my IP changes. Luckily, there is one built into dd-wrt. In order for the router to know my WAN IP I had to set up the router to connect by PPPoE, (instead of the default DHCP setup, where it gets an IP address from the modem). Luckily on dd-wrt this is very simple. Under the setup tab there’s a drop-down for PPPoE, then you find your connection username & password and enter them in the boxes. Hopefully it will be just as easy for you. Once PPPoE is set up, go to DDNS, (a sub-tab of Setup), and enter your DynDNS.org info. Remember to hit “Apply Settings” each time.

That’s all great, but what happens when you’re at a coffee shop and try to connect? Nothing. DD-wrt has a pretty strong firewall. There’s a little more setup still to do. First, the computer with the SVN server needs to have a static IP within the LAN. Since I don’t enjoy messing with windows network settings, I do this with the router. Under the Services tab, in the DHCP server box, there is a place for static leases. Enter your Subversion Server’s MAC address, hostname, (the computer name), and desired IP address there, then scroll to the bottom of the page and click “Apply Settings.” Now that we’ve got the static IP address, we can go to the NAT/QoS tab forward the the port that your Subversion Server uses to the static IP address you just set up.

Finally, to make things a little nicer, if you have a domain name, and your DNS provider allows you to add records, you can add a CNAME record to point a subdomain do your DynDNS.org domain, giving you access to your Subversion repositories via the URL subdomain.yourdomain.com. Fancy!

One note on testing: dd-wrt seems to be smart and knows if a request is coming from the LAN or the internet, so it’s kind of hard to test your remote access from within your LAN. I was able to get around this by logging in to a remote desktop session of another windows computer that is far, far, away from my LAN.

That’s it, now you should have a fully-function SVN server of your own, without paying a penny. Have fun, and feel free to experiment with your code – you always have the previous version to roll back to!