Workshop on 08/10/2019: DNS Sinkholes

The talk this week was about setting up a DNS sinkhole. Essentially instead of the machines on your network sending their DNS requests either to your ISPs recursive name server (or to your router which then forwards the request to the same place)… instead setup your own DNS server which forwards these requests on instead, but it has the ability to record and create statistics for the kinds of things seeking to be resolved.

The software used in the lab demonstration was…

Click to visit their website

Basically we had a number of Raspberry Pi Zero boards in cases powered by PoE (with PoE splitters) and hooked up to USB ethernet adapters scattered around the desks.

Pi-hole can however run on various platforms including VMs and pretty much any distribution or hardware you like. See their website.

The Pi’s had been pre-setup with Raspbian already and just needed the software installing which is largely just done with a one liner (see this page for details)… Please note: this is very case sensitive!

curl -sSL | bash

Richard was leading this particular talk as he’d used the software before and was following his own notes which are provided below and were available for people to download on the day… (note: these are largely based on a thread/guide found over in the Linus Tech Tips forum)

Worked out very well, got some interesting results. Will definitely be revisiting this topic and others similar again in the near future.

In action!

You might have noticed we chose to go with Raspberry Pi Zero devices when testing out Pi-hole mostly due to their affordability, but they do need an additional USB ethernet adapter.

We’ve also found that a Zero model (compared to say a normal v3 model B for example) can be powered (if you’ve got a PoE switch or injector) with little micro USB PoE splitter adapter quite well.

Richard has also very graciously donated two kits of Raspberry Pi Zero’s to Function Office so they can be used with other similar StaffsLUG workshops which might need to use them.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.