Redirect Hard-coded DNS To Pi-hole Using EdgeRouter X


This guide will show you how to use your Ubiquiti EdgeRouter X to redirect any devices that have hard-coded DNS to your Pi-hole so that your Pi-hole can block ads and tracking on those devices.

The Issue

If you are running a Pi-hole on your network, you most likely want every DNS query to pass through it so that it can work as intended. The problem is that some devices, such as the Chromecast, have their DNS servers hard-coded, so no matter where you point your router's DNS, they will still use the DNS built into the device. This means that any advertising or tracking on the device will still work.

The solution to this issue is to use your EdgeRouter X to capture any DNS query on port 53 and then force it to go through your Pi-hole. With two simple NAT rules we can do this.

Add Source NAT Rule

Log in to your EdgeRouter X and click the Firewall/NAT tab. Once the page has loaded, click the NAT sub-tab, then click the Add Source NAT Rule button, which opens a new window. Your details will more than likely not be exactly like mine. I set my router up using the WAN+2LAN2 wizard, which gave me a usable DHCP range of 192.168.1.38-192.168.1.243. My Pi-hole IP addresses are 192.168.1.42 and 192.168.1.43. Keep those in mind when you view the screenshots below and adjust according to your setup.

Add Source NAT Rule To Capture Hard-coded DNS Queries.

Once done click save.

Add Destination NAT Rule

Below we are going to route all traffic that does not belong to our Pi-holes (or other DNS server) to our Pi-hole. Please notice that there is a ! before the rule.

Add Destination NAT Rule To Capture Hard-coded DNS Queries To Pi-hole.

Once done click save.
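
The same two rules written for the EdgeOS CLI, as an added example (not the author's configuration, which was shown only in screenshots). It assumes the LAN interface is switch0, as created by the WAN+2LAN2 wizard on an EdgeRouter X, that rule numbers 1 and 5010 are free, and that redirected queries go to the first Pi-hole at 192.168.1.42; adjust all three to your setup.

```edgeos
configure

# Destination NAT: any DNS query arriving from the LAN that is neither
# from nor to a Pi-hole is rewritten to the Pi-hole. Excluding the Pi-holes
# as a source keeps their own upstream lookups from being redirected back
# to themselves. (Interface and rule number are assumptions.)
set service nat rule 1 description 'Redirect hard-coded DNS to Pi-hole'
set service nat rule 1 type destination
set service nat rule 1 inbound-interface switch0
set service nat rule 1 protocol tcp_udp
set service nat rule 1 source address '!192.168.1.42-192.168.1.43'
set service nat rule 1 destination address '!192.168.1.42-192.168.1.43'
set service nat rule 1 destination port 53
set service nat rule 1 inside-address address 192.168.1.42
set service nat rule 1 inside-address port 53
set service nat rule 1 log disable

# Source NAT (masquerade): redirected queries reach the Pi-hole with the
# router as their source, so the answer returns through the router and the
# client sees a reply from the resolver it asked. This is also why captured
# queries are listed under the router's IP address in Pi-hole.
set service nat rule 5010 description 'Masquerade redirected DNS'
set service nat rule 5010 type masquerade
set service nat rule 5010 outbound-interface switch0
set service nat rule 5010 protocol tcp_udp
set service nat rule 5010 destination address 192.168.1.42
set service nat rule 5010 destination port 53
set service nat rule 5010 log disable

commit
save
exit
```

Running `show service nat` in configure mode before `commit` prints the pending rules so they can be compared with the GUI entries.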

Final Results

Once you have it set up, if any devices on your network are actively using hard-coded DNS, you should see the Count column start going up, and you should see your router's IP address showing up in your Pi-hole. Any hard-coded DNS queries captured will show up under your router's IP address.

EdgeRouter X NAT Page

And here is my router's IP address (192.168.1.1) showing up in Pi-hole.

Pi-hole showing captured hard-coded DNS queries from Chromecast.

Thanks to this reddit thread and this reddit comment for the guidance!

