Pi-hole High Availability (HA) Architecture
This page documents the complete high-availability DNS filtering solution used in the TorresVault network. The setup provides fault-tolerant DNS, automatic sync, and a floating VIP so clients always reach a working Pi-hole instance.
Overview
Two Pi-hole servers provide DNS filtering:
- PiHole1 → 192.168.1.2
- PiHole2 → 192.168.1.4
- VIP (Virtual IP) → 192.168.1.5 (clients use this)
High availability is provided by:
- Keepalived for virtual IP failover
- Orbital-Sync (Docker) for Pi-hole configuration synchronization
- UniFi DHCP providing the VIP (192.168.1.5) as the primary DNS server
- Both Pi-holes fully running at all times, but only one holds the VIP
This ensures:
- Zero downtime if a Pi-hole reboots
- Identical configs on both systems
- DNS continuity for all VLANs
Network Layout
| Component | Hostname | IP Address | Role |
|---|---|---|---|
| Pi-hole 1 | pihole | 192.168.1.2 | Primary Pi-hole, may own VIP |
| Pi-hole 2 | pihole2 | 192.168.1.4 | Secondary Pi-hole, may own VIP |
| DNS VIP | n/a | 192.168.1.5 | Floating IP assigned via Keepalived |
| DHCP Server | UCG Max | 192.168.1.1 | Hands out DNS = 192.168.1.5 |
Keepalived Configuration
Both Pi-holes run `keepalived` and use VRRP.
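An added example, not the configuration from this page or from the TorresVault hosts: a `keepalived.conf` for PiHole1 that floats 192.168.1.5 over VRRP and gives it up when the local resolver stops answering, not only when the host goes down. The interface name, router ID, priorities, /24 prefix, password placeholder, script user and the `dig` health check are assumptions.

```conf
# Added example for PiHole1 (192.168.1.2). All values marked "assumed" are
# illustrative and must be adapted to the real hosts.

global_defs {
    enable_script_security        # refuse scripts in paths writable by non-root
    script_user nobody            # assumed: run the health check unprivileged
}

# Health check: ask the local Pi-hole a question. dig exits non-zero when
# no reply arrives, which marks this node as failed.
vrrp_script chk_dns {
    script "/usr/bin/dig @127.0.0.1 pi.hole +time=1 +tries=1"   # assumed check
    interval 2                    # run every 2 seconds
    fall 2                        # 2 consecutive failures -> FAULT, VIP released
    rise 2                        # 2 consecutive successes -> healthy again
}

vrrp_instance PIHOLE_VIP {
    state MASTER                  # PiHole2: BACKUP
    interface eth0                # assumed interface name
    virtual_router_id 51          # assumed; must match on both nodes
    priority 150                  # assumed; PiHole2 uses a lower value, e.g. 100
    advert_int 1

    # Unicast adverts go only to the named peer instead of the VRRP
    # multicast group, so other hosts on the segment do not receive them.
    unicast_src_ip 192.168.1.2    # PiHole2: 192.168.1.4
    unicast_peer {
        192.168.1.4               # PiHole2: 192.168.1.2
    }

    # VRRPv2 PASS auth is sent in cleartext and only the first 8 characters
    # are used. It guards against misconfiguration, not an on-link attacker.
    authentication {
        auth_type PASS
        auth_pass CHANGEME        # placeholder, identical on both nodes
    }

    virtual_ipaddress {
        192.168.1.5/24            # VIP from this page; /24 prefix is assumed
    }

    track_script {
        chk_dns
    }
}
```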
Pi-hole1 (/etc/keepalived/keepalived.conf)
network/pihole_npm.1769458278.txt.gz · Last modified: by nathna
