====== Tailscale, Pi-Hole, and the Raspberry Pi Zero ======
As many other people do I also have a pihole running on a Raspberry Zero in my network to get around ads and other unwanted DNS requests (one of the most regular things trying to communicate home by the way is Windows on our laptops).
It technically is a RPi Zero W, but I don't use the wireless function at all, having it connected via a USB-to Ethernet connector instead.
And for the last few years it was working quite dependably, filtering out DNS requests, and even resolving actual requests via unbound. That is, until recently when I installed Tailscale on it. 
Tailscale, if you're not familiar, is an app that allows you to basically create your own VPN network and assign your devices to it. And it works quite brilliantly when it works.
I originally added it to the pihole machine as a way to start other machines in my network when I was going abroad but my wife stayed home.
And it worked. I was able to do stuff on my home server while I was in Germany, while my wife noticed only that the machines occasionally powered up and down. Oh, and internet became spotty.
Why though?
Well, it turns out tailscale is just a tiny sliver too demanding for unbound to do it's magic. In my experience whenever I used tailscale for anything all of a sudden DNS resolution with my pihole/unbound combination didn't work consistently (it started throwing SERVFAILs)
Ok, it might also have been because I updated the Debian to the newest version.

So, what did I do about it?
I could have replaced the pi zero with something beefier, but I do like it's otherwise VERY low demands.
It also worked if I just switched to external resolvers. So if you have this issue and don't mind using external DNS servers that always is an option.
Me, I of course made it more complicated: I installed a technitium docker container on my home server. Which to be fair is pretty stupid as that's basically a full-blown replacement for the pihole in the first place. Technitium is a full DNS server with adblocking capabilities. It's not sleek enough to run on a zero though, from what I've seen it needs at least a Pi 4. It's barely noticeable on my home server though.
It's not quite ideal, but at least it works. The issue here is that, as I often work on my home server having it down without a replacement would mean DNS resolution is off in the whole network. So the zero keeps running with pihole and unbound, and while most DNS requests are done by technitium, if that machine is off it instantly goes back to the old pihole/unbound combo.


{{tag>pihole rpi technitium unbound}}

~~LINKBACK~~
~~DISCUSSION~~