tailscale and pihole (on Raspberry Pi) - to be only available to some of my tailscale machines
by mazzo from LinuxQuestions.org on (#6J2JT)
Hi
I was using pivpn and pihole on the same pi and it worked flawlessly. Since then I have a new internet provider who uses CGNAT and I can no longer get through, so have switched to tailscale, which is brilliant so far.
However, I cannot get tailscale to serve only specific machines to the pihole. In fact, the only way to do it is for pihole to listen on all ports - which I do not want - and for me to force the pihole as an exit node for everyone.
I set up a tag (VPN) and want any tagged machine to use the pihole - just as I would have done when out and about in coffee shops etc.
Has anyone done this successfully - and if so, please can you explain what I need to do in tailscale (and presumably the ACLs) and on the pihole itself?
Thanks in advance - I have spent a good few days trying to sort this but am getting nowhere. Everything I read is about pushing ALL traffic through the pihole and I simply do not want that to happen.