vault backup: 2025-11-08 15:53:52

Affected files:
.obsidian/workspace.json
2 Personal/Home Lab/Pi-Hole in Homenetwork.md

.obsidian/workspace.json

@@ -577,13 +577,13 @@
   },
   "active": "d11cf0eb0cd13ef9",
   "lastOpenFiles": [
+    "2 Personal/Home Lab/Pi-Hole in Homenetwork.md",
     "0 Journal/0 Daily/2025-11-07.md",
     "0 Journal/0 Daily/2025-11-03.md",
     "99 Work/0 OneSec/OneSecThoughts/Status Quo OneSec.md",
     "Attachments/Pasted image 20251104121740.png",
     "2 Personal/Home Lab/Devices/Dell Studio 1558.md",
     "2 Personal/Home Lab/MAC/Dotfiles.md",
-    "2 Personal/Home Lab/Pi-Hole in Homenetwork.md",
     "2 Personal/Home Lab/Devices",
     "Attachments/Pasted image 20251017195849.png",
     "Temporary/OneSec Propulsion System.md",

2 Personal/Home Lab/Pi-Hole in Homenetwork.md

@@ -70,7 +70,77 @@ Pi-hole → **Settings → DHCP**:
 sudo pihole -a enabledhcp 192.168.1.100 192.168.1.200 192.168.1.1
 ```
 
+> At this point Pi-hole is ready to serve DHCP, but your router is still doing it too.
 
+---
+### **Step 3 — Disable DHCP on the router (Zyxel AX7501-B1)**
+
+Router UI → **Home Networking → LAN Setup**:
+
+- **DHCP Server State**: **Disable**
+    
+- Apply/Save
+    
+> From now on, only Pi-hole hands out leases, setting DNS to 192.168.1.51 and gateway to 192.168.1.1.
+
+---
+### **Step 4 — Renew client leases** 
+Force a couple of devices to renew so they switch immediately.
+
+- **macOS**: System Settings → Network → Wi-Fi → Details → TCP/IP → **Renew DHCP Lease** (or sudo ipconfig set en0 DHCP)
+    
+- **Linux**: sudo dhclient -r && sudo dhclient (or reconnect Wi-Fi)
+    
+- **Windows**: ipconfig /release then ipconfig /renew (run in elevated CMD)
+    
+- **iOS/Android**: toggle Wi-Fi off/on or “Forget” and reconnect
+
+Verify on a client:
+- IP is in 192.168.1.100–200
+- Gateway is 192.168.1.1
+- DNS is 192.168.1.51
+
+---
+### **Step 5 — Verify Pi-hole is the resolver**
+On a client:
+- nslookup example.com → **Server/Address** should show 192.168.1.51
+- Or dig google.com and check the **SERVER** line 
+
+In Pi-hole:
+- **Dashboard → Query Log** should show that client’s queries.  
+
+(Optionally visit a test page such as ads-blocker-test.com.)
+
+---
+### **Step 6 — Add static leases (optional)**
+
+Pi-hole → **Settings → DHCP → Static DHCP leases**:
+
+- Reserve fixed IPs for NAS, printers, servers, etc., so their IPs never change.
+---
+### **Day-to-day operation**
+
+- Keep the Dell/Pi-hole **on 24/7** (it’s now your DHCP + DNS).
+- For maintenance windows, either temporarily re-enable the router’s DHCP or set manual DNS on your workstation (e.g., 1.1.1.1) so you stay online while tinkering.
+---
+### **Undo / Rollback (if anything fails)**
+1. Router: **Enable** DHCP again
+    - Router → Home Networking → LAN Setup → **DHCP Server State: Enable** → Apply
+2. Pi-hole: **Disable** DHCP
+    - Pi-hole → Settings → DHCP → **Disable** → Save
+    - CLI: sudo pihole -a disabledhcp
+3. Renew leases on clients (same steps as above) so they use the router again.
+4. Emergency quick-fix on your own machine: set manual DNS (e.g., 1.1.1.1 / 8.8.8.8) until the LAN is restored.
+---
+### **Troubleshooting quick hits**
+
+- **Clients still show router DNS** → They kept old leases. Renew or reconnect Wi-Fi. Confirm router DHCP is disabled.
+    
+- **Pi-hole unreachable** → Ensure it has a reserved/static IP in the same subnet; ping 192.168.1.51.
+    
+- **Local hostnames don’t resolve** → Use **Conditional Forwarding**, or add **Local DNS → DNS Records** for key devices.
+    
+- **Resolution slow/spotty** → Try a single upstream first; keep DNSSEC off until stable; avoid binding Pi-hole to a single interface.
 ## Todos
 - [ ] disable blocking - automation: should be easy for every user
 - [ ] backup pihole settings