Question Best router for my setup that includes DNS/Firewall?

isabasu

Mar 31, 2020
Dear community,

I'm diving into my first Raspberry Pi project and wanted to share my experience with you. Currently, I'm experimenting with setting up a self-hosted website on my local network and trying out a few other fun tasks.

However, I've run into a roadblock. My ISP-provided router works well within my LAN, but I've encountered an issue with it when it comes to using a user-friendly domain name on my Wi-Fi network. While I can access my website using its name (or rather the NetBios name of my Raspberry Pi) when connected via LAN, I'm unable to do so through Wi-Fi.

This situation has made me contemplate the idea of getting a router that comes with an integrated DNS server. Another option would be to establish a DNS server on my Raspberry Pi and pair it with a basic router that supports custom DNS settings. However, I have some reservations about the latter approach as I'm uncertain about its reliability. Additionally, I'm thinking ahead to the possibility of making my website accessible from the internet, which might necessitate an integrated firewall.

Here are my questions:
  1. Do you have any recommendations for a router that can meet these requirements?
  2. Is my plan feasible, given the issue I'm experiencing with LAN and Wi-Fi?
  3. If you have an alternative setup or approach in mind, please share your insights.
I must confess, I'm quite new to this, but I'm eager to learn and experiment. Your guidance and suggestions would be invaluable.

Thank you in advance for your assistance!
 
Not sure what you are asking about. It is very common for people to use a Raspberry Pi when they run Pi-hole.
The only thing that might get tricky is if the router is stupid and will not let you give a DNS server to the end devices via DHCP.
In that case you disable the DHCP and let the Raspberry Pi do the DHCP function also. Unlike a router, a Linux machine can give the end device any gateway IP it wants; a router always gives the end device its own LAN IP as the gateway.
 
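A dnsmasq configuration for the setup described in the reply above, with the router's DHCP turned off and the Raspberry Pi handing out the gateway and DNS server itself. This is an added example, not part of any post in the thread; the interface name, the 192.168.1.x addresses and the raspi.lan name are assumptions to adapt.

```conf
# /etc/dnsmasq.conf on the Raspberry Pi (all addresses are constructed examples)
# Assumed layout: router = 192.168.1.1, Raspberry Pi = 192.168.1.2 (static)

# Listen only on the wired LAN interface, never on anything else
interface=eth0
bind-interfaces

# DNS: forward unknown names to the router, answer the local zone ourselves
no-resolv
server=192.168.1.1
# Do not leak single-label names or private reverse lookups upstream
domain-needed
bogus-priv
# Names under .lan are answered locally and never forwarded
# (.local is left alone because mDNS/avahi uses it)
local=/lan/
domain=lan
host-record=raspi.lan,192.168.1.2

# DHCP: disable the router's DHCP server first, or two servers will compete
dhcp-authoritative
dhcp-range=192.168.1.100,192.168.1.200,12h
# Default gateway stays the router, not the Pi
dhcp-option=option:router,192.168.1.1
# Clients resolve through the Pi. Appending ,192.168.1.1 keeps browsing
# working if the Pi is down, but clients that pick the router will not
# resolve raspi.lan.
dhcp-option=option:dns-server,192.168.1.2
```

With this in place, Wi-Fi and wired clients that renew their lease get the same resolver, so the name works on devices where a hosts file cannot be edited.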
That's the thing - my router can't configure a specific DNS server. Even if it could, I don't want my Raspberry Pi to be the DNS server for all devices inside my network.
I'm clueless about what router I should buy that has an integrated DNS server with a Firewall.
 
So can you access the Raspberry Pi via its IP address rather than a name? You could also ping the Raspberry Pi address.

If you get no access it would be more likely it is some feature on the router preventing wireless to LAN. The guest wireless function on many routers does this but you can manually turn on options.

A router that can run a DNS server function is not something you are going to find off the shelf. You generally need a router that you can run third-party firmware on. Most of these are just Linux distributions so you can run a DNS server. Problem is these routers likely have a fraction of the CPU as your Raspberry Pi. You almost need a small computer to be able to run a DNS server...or maybe a second Raspberry Pi.

Maybe a hack solution...assuming you can get access via IP...just put the name/IP mapping in the HOSTS file. This in effect is a painful way to run a DNS server, but if you only have a couple of IP addresses it will be simpler than setting up an actual server.
 
On my computer (ethernet) I can access the Netbios name of the Raspberry. On mobile devices (WiFi) not. However, I can always access my Raspberry Pi with the IP address.

Oh.. so not something you find off the shelf? That's exactly where I had my doubts. Good to know...
The hosts file isn't a solution for me as I wouldn't be able to do it on mobile devices.

As for a second computer/another Raspberry Pi to run a DNS:
Is there really no other way than running a third-party firmware on a router? If I'd use another server, it always would need to be up & running for all devices in the network to surf. Once it's down, I basically wouldn't have internet anymore. Unless I change the router back to something else. Or unless the router has a primary/secondary DNS option. So that's how my idea of a router with a built-in DNS came up.
 
It sounds like everything is working fine if you can access via ip.

You I guess are quickly finding out why running an actual web server gets complex. Wait until you try to get certificates and HTTPS to work.

Your average consumer has no idea what their router does, it is a magic box that they plug in. Most do not even change the default passwords, which is why manufacturers have started to set unique ones at the factory.
There is very little demand for a DNS server function on a consumer router. I guess you could check if your current router supports third-party firmware. Even if it does it might not be a valid thing to even try if you have a fast internet connection, i.e. more than 300 Mbps. Consumer routers move the NAT function to hardware to reduce the CPU load. Much third-party firmware does not support this feature, and in addition if the CPU must actually see and process the traffic you can't allow the traffic to bypass the CPU. The CPU chip in a router is tiny and without this acceleration feature most routers cap out near 300 Mbps.

There are companies that sell pc based routers that can do all kinds of firewall/dns/vpn etc. They just tend to be rather expensive.

Don't know a simple way to solve this. You need something that will translate the name to the IP. Most people give up and just use ip address.
 
I figured there is something called avahi, installed on each raspberry pi. This makes the Raspberry discoverable in the whole WAN by using <netbios name>.local. In my case, it would be raspi.local.

Thanks anyway for your response.
 
Since NetBIOS is not used a lot I forget the details. My guess would be that your current router is somehow blocking the NetBIOS broadcast messages that work similar to ARP. The Wi-Fi device should be sending out a NetBIOS broadcast asking who is using name xxxxxxx and expects a response. It could also be the end devices since Android and Apple only kinda support NetBIOS. They could be attempting to send the NetBIOS request to a DNS server instead of the local network, not knowing that it is a NetBIOS name.