@jfb beat me to it again but as I typed up below anyway:
Ads, and other unwanted content, most of the times come from domains other than the one you are browsing to.
So Pi-hole looks up all the domains your browser is requesting against its own blocklists configured below:
If the domain is on any of the blocklists, it returns IP 0.0.0.0 to the browser client (or any app doing DNS queries).
If the domain isn't on the blocklists, Pi-hole forwards the "domain name to IP" query to its upstream configured DNS servers below:
Right next to it is my PC monitor. So when i am on my PC and go to websites nothing shows in the quaries related to what im actually doing on the PC. Or my laptop, or either one of my mobiles. If i am on reddit.com there is nothing showing in the Pi that i am going to reddit.com
I can however visit websites on the actual Pi and it works. I get no ads in duckduckgo. i get no adds on speedtest.net hell it wont even let me open facebook or instagram on the Pi unless i agree to Whitelist them and put the password in. So i am assuming it is installed correctly. There is something not correct between the Pi and my Router i feel. The only thing ive ever seen in the taillog that comes from the PC is bitdefender. but as far as web browsing. Nothing.
here is that commanded you asked for. Not sure what those numbers are i can't link them with anything in my router devices.
Post screenshots of all your DHCP and DNS related settings on your router plus make/model ?
If that IPv6 address from ipconfig /all isn't Pi-hole, DNS queries get bypassed somehow.
EDIT: ow and check if your ISP supports IPv6 upstream:
You've got IPv6 support upstream and the router is configured to auto assign a bunch on the clients via IPv6 auto discovery (IPv6 address, IPv6 gateway, IPv6 DNS server(s) etc).
Am not proficient enough with IPv6 to give you a good configure advice ... wait for someone who does.
And have a read here as well:
I personally have IPV6 support disabled. One less thing to care about and set-up.
I do believe that the issue is the router's firmware that even if it allows you to put internal (private) IP as the DNS, it will not route and allow that.
Unfortunately this seem that (and only due to) the firmware is the culprit here.
As I see it, there are 2 options here.
Either go the cascading route where you add another router AFTER the Netgear (and use that as your network node) or replace it for a standalone Modem and a Router ...
I don't know if there is a DDWRT or OpenWRT out there for your model, but that might be worth looking into as THAT firmware would give you the much needed freedom to make it work.
I don't even know where to turn off the IPv6. The only place i see that word in the router has a couple options for it and they are all already unchecked. In my windows settings the IPv6 has always been turned off.
You mentioned cascading route...... is that difficult? I actually have the old modem/router from Century link i bought flat out instead of leasing from them where i used to live. It's just sitting on a shelf. It is an ActionTec C1000A. Would that be something i can use?
That would be both from the device and the router.
On you Windows Computer see if you have an IPV6 IP either by running ipconfig /all via cmd or by looking at your network properties under Settings.
Not at all.
The only problem is that it's adding an additional possible point of failure within the whole network.topology as in "another thing that can fail".
Nope.
Not this one as this is an ADSL modem (old school, phone line dependent).
You would need another router that has a WAN port (where you would connect a LAN port from the Modem/Router combo).
It does take a bit of configuration though as you would have to disable the wireless in your Netgear too (or leave it on with different name and password - but if you can disable it, disable it as it will be less noise on the 2.4 and 5 ghz ).
You next cascaded device would become the primary device to serve all the network.
BUT !
With a $300 device using it as a bridge ... you'd be better off selling it or returning it and using the combo i was talking about here ...
I might look into getting the SB8200. It is on the Cox certified to work list. My only concern, and it is because it is my friends concern ( i know nothing about this stuff), is that it isn't my current netgear that is the problem but that it is my ISP (CoX) causing the problem. When deHakkelaar said above
"You’ve got IPv6 support upstream and the router is configured to auto assign a bunch on the clients via IPv6 auto discovery (IPv6 address, IPv6 gateway, IPv6 DNS server(s) etc)."
He said the router is configured to auto assign stuff. I'm assuming that is the firmware doing this. And if i got a different router whatever firmware CoX puts on it will do the same thing. Inside ipconfig /all there is a line that says
My friend from what i can tell thinks i can't change any of that and that i might be able to configure the Pi around it. He said he is pretty sure there is a way to get Pi to work with IPv6 its just that everyone i run into has no knowledge of configuring IPv6. He works for an IP in Sweden and said they don't even use IPv6.
I don't think IPV6 is relevant here at all once disabled. As I said, I don't use IPV6 and I don't worry about it.
While, in a Windows environment IPV6 is preferred over IPV4, if the IPV6 DNS is set automatically by the router (as self IPV6 DNS - the router IPV6 that is) then yes, everything that is queried via the IPV6 NON Pi-hole DNS, will let ads through.
It works out of the box, you just need to make sure it retains the same IPV6 IP and it's properly set-up in the Pi-hole settings.
Also if you chose to use IPV6, you need to set that IPV6 IP of Pi-hole as your IPV6 IP on the Router.
But how do i disable it? Everywhere i see in my router or in that windows network window in settings it is disabled already or the only option is to set as auto or manual
If you're missing the Advanced/Advanced Setup/IPV6 option (where you can literally disable it) then I don't know wher eit could be as I don't have that negear device.
In windows, is a lot simpler to disable it, Just go to the properties of the network adapter and remove/uncheck IPV6.
If there is no IPv6 solution for this type of modem, try enable below option:
But dont enable below one:
And let Pi-hole take over DHCP for your network:
Copy IP range and gateway from the router DHCP settings over to Pi-hole.
Release DHCP lease on the Win PC:
ipconfig /release
And renew:
ipconfig /renew
And check DNS servers assigned:
ipconfig /all
EDIT: ow is better to enable Pi-hole DHCP first before disabling the router DHCP!
EDIT2: ow and disable as many IPv6 settings on the LAN side as possible (dont touch the WAN/Internet settings) !
Wow man..... i think this worked. I went to speedtest.not and no adds popped up and my Pihole is going crazy! Before i unchecked that box the % blocked was at 3% and its already at 23.4%. So by doing this does that mean sites that are using IPv6 are not accessible? This is cool seeing the Pi blocking! Just have to confirm later it is working on my mobile as well!
Yes. That is correct, however I wouldn't concern over that issue right now as we're still rocking them IPV4s more than we do IPV6s, and the domains that are on IPV6 are definitely on IPV4 too.
To make my point: https://ipv6.google.com/ will not load any more (unless IPV6 support is active and working).
That might be a bit more tricky as I don't think you can disable IPV6 on the phone
Not sure what the ethernet 2 is. I have vpn nord but it is disabled. Has been a few days because i thought it was causing me a problem too so i just left it off
