Admin gets 403 when trying http://pi.hole/admin. Using nginx on dietpi

Link 3 (wlp2s0)
    Current Scopes: DNS
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.1.20
       DNS Servers: 192.168.1.20 fe80::7297:41ff:fe43:63d6 fe80::ba27:ebff:febc:9ced
        DNS Domain: home

My router is still showing up as a DNS server. Is there any way to see if it is actually being used by any queries?


Usage is at your client's discretion, so your Pi-hole may be by-passed at times.
Your client's resolvectl status would then show your router's IPv6 as current DNS server again.

If you reboot that client machine, would the DNS server list still contain your router's IPv6?


Yes, after rebooting the DNS server list still contains my router's IPv6. Could this be something the router itself is doing?


We've checked the RAs as supplied by your router, and they were correctly advertising your Pi-hole machine's LLA twice, at least back then.

You may rerun pihole-FTL dhcp-discover at any time to actively solicit RAs from your router and see if that's still the case.

To preclude that other network equipment would advertise your router's LLA, you may also passively listen for RAs, but you'd need additional software for that, e.g. radvdump:

sudo apt install radvdump

Then just run

sudo radvdump

and wait for a while looking at a blank screen until the RAs fill your screen (that may take a few minutes), and maybe a little longer.
Then press Ctrl+C to exit, and search the output for occurrences of your router's LLA, or share it here.


I think I have fixed it. In the IPv6 settings for the network connection on the troublesome client, I changed the Method from Automatic to Automatic, DHCP only and it now only sees the IPv4 address for the DNS server.

Thanks for all your help on this, I have learnt a lot in the process.

I have one issue remaining, in that my Windows client won't resolve http://pi.hole:8089 (using 192.168.1.20:8089 is fine), where all my Linux and Android clients do it without issues now. Are there any obvious things I should check on the Windows client?

That may have fixed that one client only.

If that client has learned your router's IPv6 address from a rogue RA, then that would mean that your other clients would do so as well.

RA results as solicited from Pi-hole's dhcp-discover indicate your router behaves correctly, but either your router or another piece of network equipment in your network may still regularly advertise your router's LLA as DNS server.

Only if your router's LLA does not show up as an RDNSS value on radvdump listening on your network, then we could conclude that your client was misbehaving, holding on to your router's LLA for DNS longer than it should have.

That would indicate that your client or the browser still doesn't use Pi-hole for DNS.

Browsers may by-pass Pi-hole using DNS-over-HTTPS. You should verify that your browser's respective features are disabled.
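The RDNSS check described in the replies above (capture RAs with radvdump, then look for any DNS server other than the Pi-hole), as an added example that is not part of the original posts. The sample dump is constructed in the radvd.conf-style format radvdump prints; the sender fe80::1, the function name, and the assumption that fe80::ba27:ebff:febc:9ced is the Pi-hole's LLA are illustrative.

```python
import ipaddress
import re

# Constructed sample in the radvd.conf-like format radvdump prints; the second
# RA and its sender fe80::1 are made up for illustration.
SAMPLE = """\
#
# based on Router Advertisement from fe80::ba27:ebff:febc:9ced
# received by interface wlp2s0
#
interface wlp2s0
{
    AdvSendAdvert on;
    RDNSS fe80::ba27:ebff:febc:9ced
    {
        AdvRDNSSLifetime 600;
    }; # End of RDNSS definition
}; # End of interface definition
# based on Router Advertisement from fe80::1
interface wlp2s0
{
    RDNSS fe80::7297:41ff:fe43:63d6 FE80:0:0:0:BA27:EBFF:FEBC:9CED
    {
    }; # End of RDNSS definition
}; # End of interface definition
"""

SENDER = re.compile(r"^#\s*based on Router Advertisement from (\S+)")
RDNSS = re.compile(r"^\s*RDNSS\s+([^{;]+)")

def unexpected_rdnss(dump, allowed):
    """Return sorted (sender, dns_server) pairs whose RDNSS address is not in `allowed`."""
    ok = {ipaddress.ip_address(a) for a in allowed}
    sender, hits = None, set()
    for line in dump.splitlines():
        if m := SENDER.match(line):
            sender = m.group(1)
        elif m := RDNSS.match(line):
            for addr in m.group(1).split():
                # Compare parsed addresses so different spellings still match.
                if ipaddress.ip_address(addr) not in ok:
                    hits.add((sender, addr))
    return sorted(hits)

if __name__ == "__main__":
    for sender, addr in unexpected_rdnss(SAMPLE, ["fe80::ba27:ebff:febc:9ced"]):
        print(f"RA from {sender} advertises unexpected DNS server {addr}")
```

An empty result over a long enough capture corresponds to the case where only the Pi-hole shows up as an RDNSS value; any hit names the device that sent the advertisement.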

I let it run for a good while, and only the Pi-hole was showing as an RDNSS value.

I've disabled DNS over HTTPS on all browsers on my Windows client and also in the registry, but it is still not resolving.

I can resolve a different computer on the network using the local hostname minipc.local and that name is specified in the pi-hole local DNS records settings.

I have got it to work. I needed to add the RPi to my VPN as a custom DNS server and now it all works! I had forgotten that this Windows PC was configured to use a VPN as I haven't been using it long.

I think I can finally close this thread :slight_smile: Thanks again for all your help!
