Ads not blocked from Ubuntu VM after install. Perhaps router configuration?

Help
#1

First I'm adding context. See below for the template.

  • ISP: Xfinity (they do not provide static IP to residential customers)
  • Router: Netgear 6400
  • Host: Windows 10 64-bit (build 16299)
  • VMWare: Ubuntu 64-bit Desktop version 16.04.3

When I saw that no ads were being blocked, my theory was that I didn't configure it correctly. Perhaps the IP read during the install process was not the correct one? I did some searches and came across this. "Preferred: Set Your DNS Server In Your Router's Settings"

If only my router had a similar screen as shown in the Netgear LAN Settings of my own interface, with the specific numbers redacted so that I don't inadvertently give out the wrong info.

Or... maybe my router is set up correctly and something else is happening. Can anyone help?

Expected Behaviour:

After installing Pi-Hole, I would hope that even some ads would be blocked. Testing "msn.com" in a Chrome browser. Both in the VM Linux host and on an android tablet attached via wi-fi.

Actual Behaviour:

No ads appeared to be blocked, even from within the VM.

Debug Token: I did my browsing test from my host computer (not the Linux VM).

Nov 23 20:26:00 dnsmasq[64905]: forwarded clients1.google.com to 8.8.8.8
Nov 23 20:26:00 dnsmasq[64905]: query[AAAA] clients1.google.com from 127.0.0.1
Nov 23 20:26:00 dnsmasq[64905]: forwarded clients1.google.com to 8.8.8.8
Nov 23 20:26:00 dnsmasq[64905]: reply clients1.google.com is
Nov 23 20:26:00 dnsmasq[64905]: reply clients.l.google.com is 172.217.11.78
Nov 23 20:26:00 dnsmasq[64905]: reply clients1.google.com is
Nov 23 20:26:00 dnsmasq[64905]: reply clients.l.google.com is 2607:f8b0:4007:800::200e
Nov 23 20:26:11 dnsmasq[64905]: query[A] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:26:11 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.109.83
Nov 23 20:26:11 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.108.83
Nov 23 20:26:11 dnsmasq[64905]: query[AAAA] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:26:11 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6c53
Nov 23 20:26:11 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6d53
Nov 23 20:26:37 dnsmasq[64905]: query[A] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:26:37 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.108.83
Nov 23 20:26:37 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.109.83
Nov 23 20:26:37 dnsmasq[64905]: query[AAAA] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:26:37 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6d53
Nov 23 20:26:37 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6c53
Nov 23 20:27:01 dnsmasq[64905]: query[A] marketspace.com from 127.0.0.1
Nov 23 20:27:01 dnsmasq[64905]: /etc/pihole/gravity.list marketspace.com is 192.168.192.128
Nov 23 20:27:01 dnsmasq[64905]: query[A] marketspace.com from 192.168.192.128
Nov 23 20:27:01 dnsmasq[64905]: /etc/pihole/gravity.list marketspace.com is 192.168.192.128
Nov 23 20:27:01 dnsmasq[64905]: query[TXT] cachesize.bind from 127.0.0.1
Nov 23 20:27:01 dnsmasq[64905]: config cachesize.bind is
Nov 23 20:27:01 dnsmasq[64905]: query[TXT] servers.bind from 127.0.0.1
Nov 23 20:27:01 dnsmasq[64905]: config servers.bind is
Nov 23 20:27:02 dnsmasq[64905]: query[A] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:27:02 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.109.83
Nov 23 20:27:02 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.108.83
Nov 23 20:27:02 dnsmasq[64905]: query[AAAA] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:27:02 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6c53
Nov 23 20:27:02 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6d53
Nov 23 20:27:27 dnsmasq[64905]: query[A] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:27:27 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.108.83
Nov 23 20:27:27 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.109.83
Nov 23 20:27:27 dnsmasq[64905]: query[AAAA] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:27:27 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6d53
Nov 23 20:27:27 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6c53
Nov 23 20:27:52 dnsmasq[64905]: query[A] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:27:52 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.109.83
Nov 23 20:27:52 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.108.83
Nov 23 20:27:52 dnsmasq[64905]: query[AAAA] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:27:52 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6c53
Nov 23 20:27:52 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6d53
Nov 23 20:28:18 dnsmasq[64905]: query[A] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:28:18 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.108.83
Nov 23 20:28:18 dnsmasq[64905]: cached discourse.pi-hole.net is 104.24.109.83
Nov 23 20:28:18 dnsmasq[64905]: query[AAAA] discourse.pi-hole.net from 127.0.0.1
Nov 23 20:28:18 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6d53
Nov 23 20:28:18 dnsmasq[64905]: cached discourse.pi-hole.net is 2400:cb00:2048:1::6818:6c53

#2

From below log entries:

Nov 23 20:27:01 dnsmasq[64905]: query[A] marketspace.com from 127.0.0.1
Nov 23 20:27:01 dnsmasq[64905]: /etc/pihole/gravity.list marketspace.com is 192.168.192.128

I can make up that Pi-hole is working fine as "marketspace.com" is in one of the lists and resolving to Pi-hole (if 192.168.192.128 is your VM):

pi@noads:~ $ pihole -q marketspace.com
::: /etc/pihole/list.6.hosts-file.net.domains (1 results)
127.0.0.1       marketspace.com
::: /etc/pihole/list.preEventHorizon (1 results)
marketspace.com

On client, try browse to below link to see if the Pi-hole block page comes up:

http://marketspace.com/

#3

Thank you @deHakkelaar. I did as you suggested.

  • From within the VM (using Firefox), i get a message: "Access to the following site has been blocked: marketspace.com"
  • From my host PC (using Chrome & Firefox), I get "marketspace.com’s server DNS address could not be found."
  • From my android tablet, connected via wi-fi, I get the same message as from my PC: "marketspace.com’s server DNS address could not be found."

Is this the expected behavior? I would think that I would get the same response, whether i was in the VM or not, so long as I was on the same network.

As for me seeing ads on msn.com and www.cracked.com, I suppose it's because the source of those ads aren't in the lists used by pi-hole by default?

#4

You should see same results, the block page, as on the VM for all your clients.

In some cases yes.
Some sites publish ads from their own site (dont use 3rd party ad distributor).
Those ads are impossible to block for Pi-hole using just DNS.

From the Netgear screenshot, it seems its lacking particular DHCP server options to get Pi-hole running properly.
It does not allow you to set DNS servers for the clients via its DHCP service.
Best option is to disable the DHCP server on the Netgear box entirely and as replacement, use Pi-hole's DHCP service instead:

#5

I tried what you suggested, and my phone and tablet are no longer able to connect by wifi. Clearly more configuration is needed.
My phone and tablet are both stuck on "obtaining IP addresses", even after rebooting both devices.

For the moment, shutting off pi-hole and returning router to default settings until I can get pi-hole to work on my hardware without losing wifi connections.

#6

Phones and pads are a bit harder to diagnose.
First focus on getting Pi-hole to work with a regular client PC that has the necessary tools to diagnose.
On the "host PC", configured to use Pi-hole, what is displayed when you run below two in a CMD prompt:

nslookup pi.hole 192.168.192.128

ipconfig /all

For the latter one, I am only interested in the "DHCP Server" & "DNS Servers" bits.

#7

It looks like Pi-hole might not be listening on the correct interfaces. Check to make sure that you configured Pi-hole to use the IP of the interface which the other devices can reach it on (run pihole -r to reconfigure this). So long as your network IPs are not accessible by the internet directly, it shouldn't matter much whether you hide them or not. It could help debugging. Or, you could disclose them privately: How do I debug my Pi-hole installation?

#8

@deHakkelaar -- This is what i see when running each command in the command prompt.

nslookup pi.hole 192.168.192.128

Server: ubuntu
Address: 192.168.192.128
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

ipconfig /all

Ethernet adapter Ethernet:

DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1

Ethernet adapter VirtualBox Host-Only Network:

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1

Ethernet adapter VMware Network Adapter VMnet1:

DHCP Server . . . . . . . . . . . : 192.168.227.254
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1

Ethernet adapter VMware Network Adapter VMnet8:

DHCP Server . . . . . . . . . . . : 192.168.192.254
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1

Hopefully this is useful.

#10

@Mcat12 --

When I reconfigred pi-hole and allowed it to detect the IP, it came up with 192.168.192.128. This is all I have available on my LAN Setup page. As my router does not allow me to explicitly declare a static IP, I do not know which IP I'm supposed to give to pi-hole during configuration.

https://drive.google.com/file/d/1FA3pYuMhnkWqpNDZpzQlyg1H7T6kO2FY/view?usp=sharing

#11

You should change the IP of the Pi-hole to be within the 192.168.1.x subnet, as that is what the router is set to use. In your previous screenshot the router was selected as being the DHCP server, is it still doing that? If so, then make sure to configure it to hand out the Pi-hole's IP as the DNS server, not the router's IP. Some routers will still give out their IP address and internally forward, which you can overcome either by changing an option in the router if it exists or by using Pi-hole for your DHCP server.

The IP you should give to Pi-hole is the IP which clients will get when they ask for a blocked domain. This should be the Pi-hole device's IP address.

#12

Aha, now I understand what you mean by "host PC".
Its the host running the VMware hypervisor and probably previously, or still do, run Oracle's Virtualbox alongside.

But you probably setup an /24 (255.255.255.0) subnet mask for the physical network adapter "Ethernet adapter Ethernet" with an 192.168.1.X IP address.
While the VM itself got an 192.168.192.128 IP address with probalby also a /24 subnet mask.
This probably means there is no route between those two different subnet's.
Can you ping the VM (192.168.192.128) or connect to it via SSH from the host PC ?
And what is displayed on the host PC when run below one ?

route print

If there is no route from the one subnet to the other, you could setup the host PC to do the routing.
But this will put extra load on your Windows host PC thats not desired.
Better assign the VM an IP address in the same subnet mask as that the host PC is in (192.168.1.X) so you dont need additional routing.

@Mcat12 beat me to it :wink:

#13

@Mcat12

What I still don't know and am trying to figure out is how to get my router to hand out a specific IP as the DNS server. I've had a few rounds with Netgear support, but I really don't think they really understood my request, even after taking 10 minutes to explain my scenario and what I was attempting to do.

See these screenshots in case this helps you to identify any obvious numbers. As of this snapshot, I've turned off the Linux VPN and set my router back to factory default state (DHCP is enabled).

I've even tried to find a residential router that allows one to set static IPs in DHCP, but I could not find (yet) any such routers. I just get taken back to the same unhelpful Netgear support page. It didn't help me.

At this point, I think I've been going in circles for over a day and I'm tempted to throw in the towel. If only I had a router with an DHCP interface that simply allows one to create a static IP, like in the oft-cited pi-hole configuration document.

#14

Alternatives for the Netgear DHCP server:

  • Get Pi-hole running properly in the VM so you get what you want as Pi-hole will automaticly push the right DNS server to its clients if using its DHCP service.
  • Setup DHCP server software on the Windows host PC.
#15

@deHakkelaar

It appears that I get a response when I ping the VM.

Pinging 192.168.192.128 with 32 bytes of data:
Reply from 192.168.192.128: bytes=32 time<1ms TTL=64
Reply from 192.168.192.128: bytes=32 time<1ms TTL=64
Reply from 192.168.192.128: bytes=32 time<1ms TTL=64
Reply from 192.168.192.128: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.192.128:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

And this is what route print looks like. I don't know how to interpret this, so I don't know if this answers your question of whether there is a route from one subnet to another.

===========================================================================
Interface List
4...00 ff 2c 0b b4 68 ......TunnelBear Adapter V9
17...d0 50 99 a7 30 fc ......Killer e2400 Gigabit Ethernet Controller
2...0a 00 27 00 00 02 ......VirtualBox Host-Only Ethernet Adapter
9...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
12...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
6...00 ff 4c 06 ee fe ......Anchorfree HSS VPN Adapter
1...........................Software Loopback Interface 1
5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

IPv4 Route Table

Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
192.168.56.0 255.255.255.0 On-link 192.168.56.1 281
192.168.56.1 255.255.255.255 On-link 192.168.56.1 281
192.168.56.255 255.255.255.255 On-link 192.168.56.1 281
192.168.192.0 255.255.255.0 On-link 192.168.192.1 291
192.168.192.1 255.255.255.255 On-link 192.168.192.1 291
192.168.192.255 255.255.255.255 On-link 192.168.192.1 291
192.168.227.0 255.255.255.0 On-link 192.168.227.1 291
192.168.227.1 255.255.255.255 On-link 192.168.227.1 291
192.168.227.255 255.255.255.255 On-link 192.168.227.1 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.56.1 281
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 192.168.227.1 291
224.0.0.0 240.0.0.0 On-link 192.168.192.1 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.56.1 281
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 192.168.227.1 291
255.255.255.255 255.255.255.255 On-link 192.168.192.1 291

Persistent Routes:
None

IPv6 Route Table

Active Routes:
If Metric Network Destination Gateway
5 331 ::/0 On-link
1 331 ::1/128 On-link
5 331 2001::/32 On-link
5 331 2001:0:9d38:90d7:2886:34e6:b6e7:6e0f/128
On-link
2 281 fe80::/64 On-link
17 281 fe80::/64 On-link
9 291 fe80::/64 On-link
12 291 fe80::/64 On-link
5 331 fe80::/64 On-link
12 291 fe80::8bf:b942:ec8f:9bf7/128
On-link
17 281 fe80::2091:37dd:1825:57b9/128
On-link
5 331 fe80::2886:34e6:b6e7:6e0f/128
On-link
2 281 fe80::356a:c718:ec8:8f64/128
On-link
9 291 fe80::b1f1:e541:9fb5:92a2/128
On-link
1 331 ff00::/8 On-link
2 281 ff00::/8 On-link
5 331 ff00::/8 On-link
17 281 ff00::/8 On-link
9 291 ff00::/8 On-link
12 291 ff00::/8 On-link

Persistent Routes:
None

#16

And can you SSH from the host PC to the VM ?
I'll have looksee at route now.

EDIT: Owh and post routes for the VM as well with below command:

route

#17

Routes look OK on the host PC.
But they are setup by VMware or else the VM wouldn't be able to talk to the internet:

Nov 23 20:26:00 dnsmasq[64905]: query[AAAA] clients1.google.com from 127.0.0.1
Nov 23 20:26:00 dnsmasq[64905]: forwarded clients1.google.com to 8.8.8.8
Nov 23 20:26:00 dnsmasq[64905]: reply clients1.google.com is
Nov 23 20:26:00 dnsmasq[64905]: reply clients.l.google.com is 172.217.11.78

EDIT: Still , my opinion is you want the VM to have an IP in the same range as your host PC and Netgear router is in.
Anything that needs additional routing is extra load for thehost PC.

#18

I was not able to SSH. I got a "A connection attempt failed because the connected party did not properly respond."

#19

How hard is it to assign the VM a different IP in the same subnet as PC and router ?

#20

I don't know. Looking into the VMWare options to see whether I could do that.

#21

Probably when you created the VM with VMware, you were able to set the IP before the software deployed.
But now with a running VM, you'll need to change IP in Ubuntu and cant change with VMware.
But you do need to check if VMware creates a bridge, vlan or virtual network for this VM and adjust settings accordingly.

I believe when you run "pihole -r" , it allows you to set a different IP address etc.
Else you need to google how your Ubuntu distro handles IP settings.