dnsmasq: Custom DNS resolvers for specific domains

Learned a neat thing today — it’s possible to set custom DNS resolvers for certain domains. I can create a custom config file for dnsmasq and specify the DNS resolvers to use for those domains. I don’t have a need for it today, but it may be handy in cases like archive.is not loading on Cloudflare DNS.

These requests still go through pihole, so ad-blocking capabilities are available. It’s just the upstream that changes. My test below confirms this: I have set dnsleaktest.com to be queried using Google DNS, but requests still pass through pihole.

/etc/dnsmasq.d/02-test.conf

server=/dnsleaktest.com/8.8.8.8
server=/dnsleaktest.com/8.8.4.4

A screenshot from my pihole dashboard that shows requests to dnsleaktest.com made using Google DNS, but requests still pass through the pihole.
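
To audit which names leave through a non-default resolver, the following added example (not from the original post) models how dnsmasq selects an upstream from server=/domain/ip lines, with the most specific matching domain winning on whole-label boundaries. The default upstream 127.0.0.1#5335 and the function names are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample: the two server= lines from the post (the first keeps
# its trailing space) plus an assumed default upstream, Unbound on
# 127.0.0.1#5335, which the post does not specify.
SAMPLE_CONF = (
    "server=127.0.0.1#5335\n"
    "server=/dnsleaktest.com/8.8.8.8 \n"
    "server=/dnsleaktest.com/8.8.4.4\n"
)

def parse_servers(conf_text):
    """Return {domain: [upstream, ...]}; the key "" holds default upstreams."""
    routes = defaultdict(list)
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line.startswith("server="):
            continue  # comments and other dnsmasq options are ignored here
        value = line[len("server="):]
        if value.startswith("/"):
            # server=/domain1/domain2/.../upstream
            *domains, upstream = value[1:].split("/")
            for domain in domains:
                routes[domain.lower().rstrip(".")].append(upstream)
        else:
            routes[""].append(value)
    return dict(routes)

def upstreams_for(qname, routes):
    """Most specific matching domain wins; matching is on whole labels."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in routes:
            return suffix, routes[suffix]
    return "", routes.get("", [])

def overrides(routes):
    """Domains whose queries bypass the default upstream (audit view)."""
    return {d: u for d, u in routes.items() if d}

if __name__ == "__main__":
    routes = parse_servers(SAMPLE_CONF)
    for name in ("www.dnsleaktest.com", "notdnsleaktest.com", "example.org"):
        print(name, "->", upstreams_for(name, routes))
    print("overrides:", overrides(routes))
```

Running parse_servers over the concatenated contents of /etc/dnsmasq.d/ and reviewing overrides() shows every domain whose lookups are sent to a third-party resolver instead of the default one.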

I use two Raspberry Pi devices at home, both running pihole with Unbound as a recursive DNS resolver. These devices are connected to my Tailscale network, so all of my devices (and my friends) can enjoy Unbound and pihole’s ad-blocking capabilities.
