Ads still show and requests to debug.opendns.com


#1

I just finished getting pi-hole all set up and at this point, I’m not sure if it’s working correctly or not. The admin console is populating with data, my DNS appears to be forwarding properly, and I can see the logs rolling with tons of requests; however, all the “test” sites and most other sites I visit still appear to be showing a bunch of ads. How do I concretely determine if pi-hole is indeed functioning correctly?

I’ve also tried running the installer repair just to make certain all is working correctly.

The second thing I noticed when tailing pihole.log is that there are a ton of requests to debug.opendns.com.

Example:
Sep 30 01:53:35 dnsmasq[2048]: 4188 10.0.1.56/62926 forwarded debug.opendns.com to 8.8.8.8

Sep 30 01:53:37 dnsmasq[2048]: 4189 10.0.1.12/52417 query[TXT] debug.opendns.com from 10.0.1.56

Thanks in advance for any help!

Expected Behaviour:

Ads blocked on test sites and other sites.

Actual Behaviour:

All test sites listed on the pi-hole site still show all their ads.

Debug Token:

ji0q5ljz8u


#3

Your debug log shows that your Pi-Hole is working correctly. In particular, the debug log contains this section where name resolution is checked three different ways. From your debug log:

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] www.acquisizionevideo.com is 0.0.0.0 via localhost (127.0.0.1)
[✓] www.acquisizionevideo.com is 0.0.0.0 via Pi-hole (10.0.1.200)
[✓] doubleclick.com is 172.217.6.206 via a remote, public DNS server (8.8.8.8)

This section of your pihole-FTL log (in your debug log) shows that the Pi-Hole has been receiving and blocking requests:

   [2018-09-30 01:13:15.840] Imported 3780 queries from the long-term database
   [2018-09-30 01:13:15.840]  -> Total DNS queries: 3780
   [2018-09-30 01:13:15.840]  -> Cached DNS queries: 553
   [2018-09-30 01:13:15.840]  -> Forwarded DNS queries: 3078
   [2018-09-30 01:13:15.840]  -> Exactly blocked DNS queries: 149
   [2018-09-30 01:13:15.840]  -> Unknown DNS queries: 0
   [2018-09-30 01:13:15.841]  -> Unique domains: 352
   [2018-09-30 01:13:15.841]  -> Unique clients: 19
   [2018-09-30 01:13:15.841]  -> Known forward destinations: 2

So, if the Pi-Hole is working but your clients are seeing ads, either the router or the client is not set up properly to send all DNS requests to Pi-Hole and nothing else. This FAQ may be of assistance in checking your network. Note that clients tend to hang onto DNS settings, so you will need to clear the DNS cache on the clients after you make changes in the router or client.


#4

Look in your query log (or tail the pihole.log) and see which device(s) are making this request. Then chase down any software on that device that might be causing the request. If you have OpenDNS configured on a device or the router, this may be causing it.

Note that some routers have a Disney or family-friendly option, and I believe that routes queries to OpenDNS.


#5

Thank you @jfb! I was confused because it did indeed seem to be working, but all the test sites seemed to “fail”. I had also mistakenly cleared my browser cache thinking that would be enough (chalk it up to a late night). Will try flushing the DNS cache as well.

The one thing I did find out later was that a lot of the Roku channels (such as PBS, and CBS) won’t function if you block pubads.g.doubleclick.net I did some digging around on this and found others had encountered the same. White listing that single url resolved the issue. Not sure if you’ve encountered that one in particular, but if you have, do you know of any alternate workarounds that would allow for blocking of the adverts?

Thanks again for the help, this is a really cool tool and I’m enjoying getting to play with it!


#6

Thanks for the tip. I’ll try to nail down which device is to blame. I was concerned that perhaps I had messed something up since I used Google DNS as my primary and as such couldn’t figure out where the stream of OpenDNS requests were coming from. Thanks again.


#7

I don’t personally use Roku, but here is a related thread on the Pi-Hole sub-Reddit forum. There have been other Roku posts there as well.


#8

Some devices (chromecast) have a build in setting for google dns.
These will bypass Pihole and do their own request to 8.8.8.8 or 8.8.4.4 directly.
You can block this on your router with a ip route. But if you do, make sure you choose another upstream dns (quad9) in pihole.and or router.


#9

Thanks @Jeroen1 How would you set this up in the router? If I have an IP Route to intercept 8.8.8,8 for example, would I route that to my local PiHole DNS Server?


#10

#11

Hi,

Yes and perhaps

I have bot really figurened that out yet.

On my fritzbox I created the ip4 route to my pihole, bur it does not work as expected.

Traffic to Google DNS is blickef, but my aim was to direct Google DNS to pihole.

This can be done on a real firewall : catch traffic on port 53 and redirect to pihole.


#12

So one more interesting thing I’m seeing… It seems that my total blocked stats are way off. It’s reporting that I’m blocking more than the total number of queries made.

Any idea how this happens?


#13

That is a bug that will be fixed in the next release.


#14

Ok great, thank you. You could just call it a feature though… Pi-Hole is SO good we block 180% of your traffic! :wink: