Conditional forwarding lets your Pi-hole ask your router for the IP addresses of local devices by their hostnames, which is pretty neat.
Let’s see it in action. Imagine you’ve got a server named nas.local at 192.168.1.50 and your Pi-hole is 192.168.1.10. Normally, if you try to ping nas.local from a client using Pi-hole for DNS, Pi-hole won’t know what to do and will just punt the request upstream. But with conditional forwarding, Pi-hole becomes a bit of a local DNS guru.
Here’s the setup:
On your Pi-hole, navigate to Settings -> DNS. Scroll down to the "Conditional Forwarding" section.
You’ll see a few fields:
- Enable Conditional Forwarding: Check this box.
- Local network: Enter your local network’s IP address range. For example,
192.168.1.0/24. This tells Pi-hole which network it’s part of. - Local domain: Enter your local domain name. This is often
localorlan. If you’re unsure, check your router’s settings. For example,lan. - Router IP address: Enter the IP address of your router. This is the IP Pi-hole will forward requests to for local hostnames. For example,
192.168.1.1.
Once you save these settings, Pi-hole will add specific DNS entries to its configuration. When a client asks Pi-hole for nas.local, Pi-hole sees that nas.local is within the 192.168.1.0/24 network and that the local domain is lan. Instead of sending the query to Cloudflare or Google, it sends a DNS query for nas.local directly to your router at 192.168.1.1. Your router, which usually handles local DNS resolution for devices on your network, will then reply with 192.168.1.50.
This solves the problem of not being able to resolve local hostnames. Before, you’d have to use IP addresses or static entries in Pi-hole’s DNS records. Conditional forwarding automates this by leveraging your router’s existing local DNS capabilities. It’s particularly useful for devices that don’t register their hostnames with your router automatically, or if you prefer to manage hostnames centrally on your router.
The magic happens because Pi-hole, when conditional forwarding is enabled, dynamically adds forwarding rules. It essentially says, "If the query is for a hostname ending in .lan (or whatever your local domain is) and the client is on 192.168.1.0/24, send it to 192.168.1.1." Your router then does its DHCP/DNS lookup and sends back the IP.
A subtle but important point is how Pi-hole prioritizes these requests. When a query comes in, Pi-hole first checks its own blocklists. If it’s not blocked, it checks its local DNS records. If not found there, it then looks at its upstream DNS servers. Conditional forwarding adds a layer before the upstream servers but after its own records, effectively treating your router as a special upstream DNS server for local domains. This means your local hostnames will resolve before Pi-hole even considers querying Google DNS for them.
The next hurdle is ensuring your router actually knows the hostnames of your devices. If your router doesn’t have an active DHCP server that assigns hostnames, or if devices are configured not to announce their hostnames, conditional forwarding will still fail to resolve them.