If you’re using any DNS based blockers and the IP is in the hosts file it will still resolve, right? To block IP you would have to setup some completely different solution like a firewall.
No, a machine won’t even contact the pihole if it finds the address in its hosts file. Hosts is step 0 for DNS, so if it finds something there it doesn’t even bother with contacting an external server (like a pihole).
i realized that the problem with an hosts file is the the system will completely bypass the dns server and directly contact the address. There is the need of something that enforces an IP address blocklist at the router level like opnsense
If you’re using any DNS based blockers and the IP is in the hosts file it will still resolve, right? To block IP you would have to setup some completely different solution like a firewall.
Right, it won’t ask the DNS server to resolve it, the solution requires a much more expensive blocking on firewall
Unless you run a pihole server
No, a machine won’t even contact the pihole if it finds the address in its hosts file. Hosts is step 0 for DNS, so if it finds something there it doesn’t even bother with contacting an external server (like a pihole).
i realized that the problem with an hosts file is the the system will completely bypass the dns server and directly contact the address. There is the need of something that enforces an IP address blocklist at the router level like opnsense