There are several reasons to use a private DNS-Server within a network.
Some of these may be:
- Network-wide protection
- Block domains or advertisements
- Improve network performance
- Monitor and analyze DNS lookups
- Wrong or missing Hairpin-NAT (aka. NAT Loopback)
This is a well-known issue in widely used T-Mobile/UPC/Magenta/A1/Huawei/… routers.Example references:
- Just trying new stuff
This post is about how to set up a private DNS-Server based on Pi-hole and using Docker. Pi-hole is a very lightweight, scalable, robust, open-source software that provides a beautiful and responsive web interface to control the DNS-Server and view statistics.
To setup Pi-hole within your network infrastructure, I recommend using one of the available RaspberryPi’s.
Step 1: Install and launch Pi-hole
The most simple and also fastest way to launch Pi-hole is to use Docker. Therefore make sure Docker is installed. Using Docker, Pi-hole can be started using
docker run -d -p 53:53/tcp -p 53:53/udp -p 80:80 \
-v /host/pihole/etc-pihole/:/etc/pihole/ \
--name pihole pihole/pihole
DNS works on port 53, so Docker needs to export this port (
-p 53:53/tcp -p 53:53/udp). Furthermore, for the provided web interface port 80 needs to be exposed (
-p 80:80). In order to persist, backup and adjust the individual DNS entries as well as other settings easily, I recommend mounting a volume to the Pi-hole container’s location
-v /host/pihole/etc-pihole/:/etc/pihole/ ).
For detailed configuration options please visit Pi-hole’s documentation.
Step 2: Individual configuration
Pi-hole comes with ready to use basic settings, so before modifying anything or adding some DNS entries you can already visit the password-protected web interface on port 80 (http://<serverIP>/admin).
The generated interface password is written to the container’s log. Use
docker logs pihole to print the logging output.
Some basic settings can be modified already through the web interface.
More detailed configuration changes of Pi-hole can be done by editing the files located at the mountpoint of
To add DNS entries for your LAN, add IP-Address to Domain mappings to
After modifying the configuration files do not forget to restart Pi-hole using
docker restart pihole.
Step 3: Use Pi-hole
To use the private DNS-Server inside your LAN, the network devices need to be instructed to use Pi-hole.
Therefore it is important to configure your network router to distribute the IP-Address of the DNS-Server’s host (in the example below 192.168.1.200) to your devices.
for that reason, login to the router and navigate to the DHCP Server Settings where you can set the IP-Address of the Pi-hole host.
After restarting the router, your devices will use Pi-hole and the setup is done.
A view moments later you will see the first statistic evaluations in Pi-hole’s web interface.