Internal Domains with DNSMasq and Pi-Hole

stjohnjohnson profile image St. John Johnson ・2 min read

Running services inside your own household is an absolute blast. It usually starts with some application you need to keep running after you close your laptop. Before you know it, you have a Raspberry Pi in every room, at least one Intel NUC, and a small server rack in your Amazon shopping cart.

When going down this path myself, I noticed an interesting problem arose after I introduced the second server. Talking to one machine is easy, just memorize the static IP. But once you start to introduce multiple machines or multiple services on the same machine, it becomes a game of "what IP, what port, what path." And for the other people in the household, it's impossible to understand.

For me to continue, I needed my own DNS server. Luckily, I already introduced one into my ecosystem when I starting running Pi-Hole (for blocking tracking/ads).

In the next section, I'm going to show you how to quickly augment Pi-Hole to serve internal domains as well as block those pesky external domains.

1. DNSMasq

Pi-Hole, under the hood, is running DNSMasq. So we want to provide it with some additional hosts to resolve.

First is the additional configuration to run after Pi-Hole:

Second is the list of hosts and their static IPs:

2. File Placement

The .conf file should be placed in the /etc/dnsmasq.d/ folder. And the .list file should be placed in the /etc/pihole/ folder.

For this demonstration, we're going to manage Pi-Hole locally in a Docker container. Here is my docker-compose file that mounts those files correctly:

3. Validating

If we run Pi-Hole with those settings, we can validate they are accepted by using dig:

$ dig @ haas.example.com +short
$ dig @ pihole.example.com +short
$ dig @ plex.example.com +short
$ dig @ go +short
$ dig @ modem +short

And that external domains are still routed:

$ dig @ google.com +short
$ dig @ github.com +short


All of the steps and configurations you saw in this guide are available to checkout from my GitHub Gist:

$ git clone https://gist.github.com/d441e26e4d77a975fd3ebb4e6f19e3d6.git
$ cd d441e26e4d77a975fd3ebb4e6f19e3d6
$ make

Posted on by:

stjohnjohnson profile

St. John Johnson


I am a director, developer, open source contributor, and explorer of home automation.


Editor guide

Alternatively, you can also add hostnames to /etc/hosts and pihole restartdns. Or

sudo pihole -a -r foo.example.invalid