I too am seeing brief periods of no ads on yahoo.com and like the Borg the ads seem to adapt and reappear. It's a fresh as in today, updated install, nothing fancy.
Debug:
https://tricorder.pi-hole.net/53ujwgfd17
Please advise. Thanks.
It doesn't appear that any clients are using Pi-hole for DNS. Your most recent 24 hour history:
[2020-12-16 16:16:30.461 605M] Imported 5 queries from the long-term database
[2020-12-16 16:16:30.462 605M] -> Total DNS queries: 5
[2020-12-16 16:16:30.462 605M] -> Cached DNS queries: 0
[2020-12-16 16:16:30.462 605M] -> Forwarded DNS queries: 5
[2020-12-16 16:16:30.462 605M] -> Blocked DNS queries: 0
[2020-12-16 16:16:30.462 605M] -> Unknown DNS queries: 0
[2020-12-16 16:16:30.462 605M] -> Unique domains: 5
[2020-12-16 16:16:30.462 605M] -> Unique clients: 1
Thank you for your reply! OK, I'd just rebuilt the Pi-Hole right around 16:00, so that alone doesn't surprise me. Let me leave it in service for a few hours and I'll regenerate the token and we can see if that changes. Can you help me find that information in the log? Thanks!
It may or may not show in your debug log, depending on the contents of the logs we report. This command from the Pi terminal will retrieve the data:
echo ">stats >quit" | nc 127.0.0.1 4711
Thanks, am I doing it right? My results appear to be formatted differently than your original. Thanks!
pi@Pi-Hole:~ $ echo ">stats >quit" | nc 127.0.0.1 4711
domains_being_blocked 85749
dns_queries_today 4095
ads_blocked_today 1712
ads_percentage_today 41.807083
unique_domains 957
queries_forwarded 2219
queries_cached 164
clients_ever_seen 6
unique_clients 6
dns_queries_all_types 4095
reply_NODATA 118
reply_NXDOMAIN 11
reply_CNAME 970
reply_IP 2472
privacy_level 0
status enabled
This shows that queries are being received from network clients and domains are being blocked. There are several possibilities for why you see ads:
(1) There is another DNS server available to clients and some of the DNS traffic is bypassing Pi-hole.
(2) You are using a browser with secure or private DNS that bypasses Pi-hole.
(3) The ads are not able to be blocked by Pi-hole (i.e. from the same domains as the content)
Format as preformatted text - the </> icon on the toolbar in the reply window.
Thank you. I’ve suspected my router isn’t respecting the setting to use the Pi-Hole for DNS. I’ve tried a new router and that shows the same behavior. I’ve tried setting the DNS settings on the client to use the Pi-Hole directly with the same results. v4 worked so well, I’m very disappointed in v5. I noticed only two list ship with v5. Might it be it’s simply woefully short on blacklists to work with? So sad, I miss what my Pi-Hole used to be. Is it possible to get v4 still? Thanks.
BTW regarding #2 I don’t know what that is, so I don’t think it’s present.
From a client that you believe should be connected to the Pi-Hole for DNS, from the command prompt or terminal on that client (and not via ssh or Putty to the Pi), what is the output of
nslookup pi.hole
Can you provide an example of a website where you are seeing ads? Activity from /var/log/pihole.log and a screenshot would be helpful as well. In this forum, you can paste a clip directly into a reply.
We ship with two default block lists because the other blocklists we shipped were no longer maintained by the list owners.
I strongly suspect your problem is not due to lack of domains on blocklist.
Perhaps you are correct. With multiple browsers on multiple devices delivering similar results including a literal new in the box Belkin router as a way to verify my also new Netduma R2 isn’t the issue, I’m currently out of ideas.
What else can I try? Thanks!
What was this output?
pi@Pi-Hole:~ $ nslookup pi.hole
Server: 1.1.1.1
Address: 1.1.1.1#53
** server can't find pi.hole: NXDOMAIN
1st, sorry, if I missed this request earlier. 2nd, I have renamed the host "Pi-Hole", might that be the issue? Should the hostname be "pi.hole"? Thanks!
Sorry I missed this one. Yahoo.com and Ipvoid.com are good examples. Here’s a screenshot.
The text from the log
Dec 16 23:40:21 dnsmasq[607]: query[type=65] inbox.google.com from 192.168.77.1
Dec 16 23:40:21 dnsmasq[607]: forwarded inbox.google.com to 1.0.0.1
Dec 16 23:40:43 dnsmasq[607]: query[A] aka.ms from 192.168.77.1
Dec 16 23:40:43 dnsmasq[607]: forwarded aka.ms to 1.0.0.1
Dec 16 23:40:43 dnsmasq[607]: forwarded aka.ms to 1.1.1.1
Dec 16 23:40:43 dnsmasq[607]: reply aka.ms is 184.31.201.118
Dec 16 23:41:10 dnsmasq[607]: query[A] adserver.adtechus.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: gravity blocked adserver.adtechus.com is 0.0.0.0
Dec 16 23:41:10 dnsmasq[607]: query[type=65] youtubei.googleapis.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: forwarded youtubei.googleapis.com to 1.1.1.1
Dec 16 23:41:10 dnsmasq[607]: query[AAAA] youtubei.googleapis.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: forwarded youtubei.googleapis.com to 1.1.1.1
Dec 16 23:41:10 dnsmasq[607]: query[A] youtubei.googleapis.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: forwarded youtubei.googleapis.com to 1.1.1.1
Dec 16 23:41:10 dnsmasq[607]: query[type=65] s.youtube.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: gravity blocked s.youtube.com is 0.0.0.0
Dec 16 23:41:10 dnsmasq[607]: query[A] s.youtube.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: gravity blocked s.youtube.com is 0.0.0.0
Dec 16 23:41:10 dnsmasq[607]: query[AAAA] s.youtube.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: gravity blocked s.youtube.com is ::
Dec 16 23:41:10 dnsmasq[607]: reply youtubei.googleapis.com is 2607:f8b0:4009:813::200a
Dec 16 23:41:10 dnsmasq[607]: reply youtubei.googleapis.com is 172.217.4.106
Dec 16 23:41:10 dnsmasq[607]: query[type=65] app-measurement.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: gravity blocked app-measurement.com is 0.0.0.0
Dec 16 23:41:10 dnsmasq[607]: query[AAAA] app-measurement.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: gravity blocked app-measurement.com is ::
Dec 16 23:41:10 dnsmasq[607]: query[A] app-measurement.com from 192.168.77.1
Dec 16 23:41:10 dnsmasq[607]: gravity blocked app-measurement.com is 0.0.0.0
Dec 16 23:41:35 dnsmasq[607]: query[type=65] gateway.icloud.com from 192.168.77.1
Dec 16 23:41:35 dnsmasq[607]: cached gateway.icloud.com is <CNAME>
Dec 16 23:41:35 dnsmasq[607]: forwarded gateway.icloud.com to 1.1.1.1
Dec 16 23:41:35 dnsmasq[607]: query[AAAA] gateway.icloud.com from 192.168.77.1
Dec 16 23:41:35 dnsmasq[607]: forwarded gateway.icloud.com to 1.1.1.1
Dec 16 23:41:35 dnsmasq[607]: query[A] gateway.icloud.com from 192.168.77.1
Dec 16 23:41:35 dnsmasq[607]: forwarded gateway.icloud.com to 1.1.1.1
Dec 16 23:41:36 dnsmasq[607]: reply gateway.icloud.com is <CNAME>
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 17.248.142.7
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 17.248.132.55
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 17.248.132.19
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 17.248.142.53
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 17.248.132.135
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 17.248.142.52
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 17.248.132.26
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 17.248.132.164
Dec 16 23:41:36 dnsmasq[607]: reply gateway.icloud.com is <CNAME>
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:801::7
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:802::9
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:102::9
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:101::1c
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:102::8
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:802::b
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:802::6
Dec 16 23:41:36 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:100::13
Dec 16 23:41:57 dnsmasq[607]: query[A] beacons.gcp.gvt2.com from 192.168.77.1
Dec 16 23:41:57 dnsmasq[607]: forwarded beacons.gcp.gvt2.com to 1.1.1.1
Dec 16 23:41:57 dnsmasq[607]: reply beacons.gcp.gvt2.com is <CNAME>
Dec 16 23:41:57 dnsmasq[607]: reply beacons-handoff.gcp.gvt2.com is 172.217.8.163
Dec 16 23:42:20 dnsmasq[607]: query[A] www.yahoo.com from 192.168.77.1
Dec 16 23:42:20 dnsmasq[607]: forwarded www.yahoo.com to 1.1.1.1
Dec 16 23:42:20 dnsmasq[607]: reply www.yahoo.com is <CNAME>
Dec 16 23:42:20 dnsmasq[607]: reply new-fp-shed.wg1.b.yahoo.com is 74.6.143.26
Dec 16 23:42:20 dnsmasq[607]: reply new-fp-shed.wg1.b.yahoo.com is 74.6.143.25
Dec 16 23:42:20 dnsmasq[607]: reply new-fp-shed.wg1.b.yahoo.com is 74.6.231.20
Dec 16 23:42:20 dnsmasq[607]: reply new-fp-shed.wg1.b.yahoo.com is 74.6.231.21
Dec 16 23:42:49 dnsmasq[607]: query[AAAA] gateway.icloud.com from 192.168.77.1
Dec 16 23:42:49 dnsmasq[607]: cached gateway.icloud.com is <CNAME>
Dec 16 23:42:49 dnsmasq[607]: forwarded gateway.icloud.com to 1.1.1.1
Dec 16 23:42:49 dnsmasq[607]: reply gateway.icloud.com is <CNAME>
Dec 16 23:42:49 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:101::1c
Dec 16 23:42:49 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:800::9
Dec 16 23:42:49 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:800::8
Dec 16 23:42:49 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:803::b
Dec 16 23:42:49 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:101::17
Dec 16 23:42:49 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:102::d
Dec 16 23:42:49 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:102::6
Dec 16 23:42:49 dnsmasq[607]: reply gateway.fe.apple-dns.net is 2620:149:a42:103::b
Dec 16 23:43:11 dnsmasq[607]: query[type=65] discourse-cdn.pi-hole.net from 192.168.77.1
Dec 16 23:43:11 dnsmasq[607]: forwarded discourse-cdn.pi-hole.net to 1.1.1.1
Dec 16 23:43:33 dnsmasq[607]: query[A] configsvc.cs.roku.com from 192.168.77.1
Dec 16 23:43:33 dnsmasq[607]: forwarded configsvc.cs.roku.com to 1.1.1.1
Dec 16 23:43:33 dnsmasq[607]: reply configsvc.cs.roku.com is 34.237.166.170
Dec 16 23:43:33 dnsmasq[607]: reply configsvc.cs.roku.com is 3.210.97.232
Dec 16 23:43:33 dnsmasq[607]: reply configsvc.cs.roku.com is 54.167.112.57
Dec 16 23:43:33 dnsmasq[607]: reply configsvc.cs.roku.com is 54.164.144.177
Dec 16 23:43:33 dnsmasq[607]: reply configsvc.cs.roku.com is 52.72.172.134
Dec 16 23:43:33 dnsmasq[607]: reply configsvc.cs.roku.com is 52.23.33.193
Dec 16 23:43:33 dnsmasq[607]: reply configsvc.cs.roku.com is 34.202.185.167
Dec 16 23:43:33 dnsmasq[607]: reply configsvc.cs.roku.com is 52.22.30.210
Dec 16 23:44:28 dnsmasq[607]: query[AAAA] forum.netduma.com from 192.168.77.1
Dec 16 23:44:28 dnsmasq[607]: forwarded forum.netduma.com to 1.1.1.1
Dec 16 23:44:28 dnsmasq[607]: reply forum.netduma.com is 2606:4700:3035::ac43:b519
Dec 16 23:44:28 dnsmasq[607]: reply forum.netduma.com is 2606:4700:3033::681b:82ae
Dec 16 23:44:28 dnsmasq[607]: reply forum.netduma.com is 2606:4700:3037::681b:83ae
Dec 16 23:44:49 dnsmasq[607]: query[type=65] gsas.apple.com from 192.168.77.1
Dec 16 23:44:49 dnsmasq[607]: forwarded gsas.apple.com to 1.1.1.1
I am at a loss to explain this, however, after resetting the Netduma R2 router the Pi-Hole appears to be performing much much better. I don't understand this unless when I tried the Belkin router which was new in the box. I've checked this on PC and iPad. I'm at a loss honestly. Let me have a few days with this and see how things go please. Thank you very much for your effort and kindness bearing with my ignorance.
Per my earlier reply, this command should have been run from a client, not from the Pi.
The first screen shot with the nslookup is interesting in that there is only an IPv6 element. No IPv4. And, the server is not the Pi-hole, it is the gaming router.
Manually assign this client to use Pi-hole (and only Pi-hole) as DNS server. Disable the IPv6 interface for that client (Control panel, network connection, properties, TCP/IPv6). Example below is Windows 7, so you will likely see something a bit different.
The NetDuma R2 is the router, yes. The Pi-Hole is set as the DNS server as it was in the older configuration. I've done as you ask. What am I doing wrong? Thanks.
No surprise I'm guessing.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.