Commit 07b034

2026-01-19 21:33:16 mb tech: updated
secure pi-hole & unifi "chained dns" configuration.md ..
@@ 9,7 9,7 @@
```mermaid
flowchart LR
%% Nodes
- Clients[Network Clients<br/>(Laptops, IoT, Phones)]
+ Clients["Network Clients<br/>(Laptops, IoT, Phones)"]
PiHole[("Pi-hole Container<br/>(Ad Blocking)")]
UniFi[("UniFi Gateway<br/>(Local Names & GeoIP)")]
Upstream["Secure Upstream DNS<br/>(Quad9 / Cloudflare)"]
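Review bot: The commit message "updated" gives no reason for quoting the label on the `Clients` line, so a later editor has nothing telling them not to revert it. Suggest a message that names the fix, for example that node labels containing parentheses are wrapped in double quotes, which matches how the `PiHole`, `UniFi` and `Upstream` nodes in the unchanged context are already written.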
@@ 29,12 29,78 @@
%% Firewall Logic
subgraph LAN_Security [UniFi Firewall Rules]
direction TB
- Rule1[Allow: Pi-hole to Internet:53]
- Rule2[Block: All Clients to Internet:53]
+ Rule1["Allow: Pi-hole to Internet:53"]
+ Rule2["Block: All Clients to Internet:53"]
end
```
+ ```mermaid
+ flowchart LR
+ Clients[Clients]
+ PiHole[PiHole]
+ UniFi[UniFi]
+ Upstream[Upstream]
+ Blocked[Blocked]
+
+ Clients --> PiHole
+ PiHole --> Blocked
+ PiHole --> UniFi
+ UniFi --> Upstream
+ ```
+ ```mermaid
+ flowchart LR
+ %% Nodes
+ Clients["Network Clients<br/>(Laptops, IoT, Phones)"]
+ PiHole[("Pi-hole Container<br/>(Ad Blocking)")]
+ UniFi[("UniFi Gateway<br/>(Local Names & GeoIP)")]
+ Upstream["Secure Upstream DNS<br/>(Quad9 / Cloudflare)"]
+ Blocked[("Blocked Domains<br/>(Ads/Trackers)")]
+
+ %% Styles
+ style PiHole fill:#f9f,stroke:#333,stroke-width:2px
+ style UniFi fill:#bbf,stroke:#333,stroke-width:2px
+ style Blocked fill:#ff9999,stroke:#333
+
+ %% Connections
+ Clients -->|"1. DNS Query (Port 53)"| PiHole
+ PiHole -->|"2. Blocked?"| Blocked
+ PiHole -->|"3. Allowed?"| UniFi
+ UniFi -->|"4. Resolve External"| Upstream
+
+ %% Firewall Logic
+ subgraph LAN_Security ["UniFi Firewall Rules"]
+ direction TB
+ Rule1["Allow: Pi-hole to Internet:53"]
+ Rule2["Block: All Clients to Internet:53"]
+ end
+ ```
+ ```mermaid
+ flowchart LR
+ %% Nodes
+ Clients["Network Clients<br/>(Laptops, IoT, Phones)"]
+ PiHole[("Pi-hole Container<br/>(Ad Blocking)")]
+ UniFi[("UniFi Gateway<br/>(Local Names & GeoIP)")]
+ Upstream["Secure Upstream DNS<br/>(Quad9 / Cloudflare)"]
+ Blocked[("Blocked Domains<br/>(Ads/Trackers)")]
+
+ %% Styles
+ style PiHole fill:#f9f,stroke:#333,stroke-width:2px
+ style UniFi fill:#bbf,stroke:#333,stroke-width:2px
+ style Blocked fill:#ff9999,stroke:#333
+ %% Connections
+ Clients -->|"(1) DNS Query (Port 53)"| PiHole
+ PiHole -->|"(2) Blocked?"| Blocked
+ PiHole -->|"(3) Allowed?"| UniFi
+ UniFi -->|"(4) Resolve External"| Upstream
+
+ %% Firewall Logic
+ subgraph LAN_Security ["UniFi Firewall Rules"]
+ direction TB
+ Rule1["Allow: Pi-hole to Internet:53"]
+ Rule2["Block: All Clients to Internet:53"]
+ end
+ ```
---
## Implementation Steps
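Review bot: Three extra `mermaid` blocks are added after the corrected diagram, and they read as debugging iterations rather than intended content: a bare five-node version, then two full copies that differ only in edge labels (`"1. DNS Query (Port 53)"` versus `"(1) DNS Query (Port 53)"`) and one blank line. The page will render four diagrams of the same flow ahead of "Implementation Steps"; suggest keeping the single variant that renders correctly and dropping the rest. The first block in this hunk also still has no node definitions for `Blocked`, styles or connections visible in the changed lines, so check that it is not left half-migrated. On the content itself, the added edges show `PiHole --> UniFi --> Upstream`, yet `Rule1` reads "Allow: Pi-hole to Internet:53"; if Pi-hole only forwards to the gateway in the chained design, the allow rule should name the host that actually queries upstream, and `Rule2` "Block: All Clients to Internet:53" should state that it excludes that host.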