I just finished getting pi-hole all set up and at this point, I'm not sure if it's working correctly or not. The admin console is populating with data, my DNS appears to be forwarding properly, and I can see the logs rolling with tons of requests; however, all the "test" sites and most other sites I visit still appear to be showing a bunch of ads. How do I concretely determine if pi-hole is indeed functioning correctly?
I've also tried running the installer repair just to make certain all is working correctly.
The second thing I noticed when tailing pihole.log is that there are a ton of requests to debug.opendns.com.
Your debug log shows that your Pi-Hole is working correctly. In particular, the debug log contains this section where name resolution is checked three different ways. From your debug log:
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] www.acquisizionevideo.com is 0.0.0.0 via localhost (127.0.0.1)
[✓] www.acquisizionevideo.com is 0.0.0.0 via Pi-hole (10.0.1.200)
[✓] doubleclick.com is 172.217.6.206 via a remote, public DNS server (8.8.8.8)
This section of your pihole-FTL log (in your debug log) shows that the Pi-Hole has been receiving and blocking requests:
[2018-09-30 01:13:15.840] Imported 3780 queries from the long-term database
[2018-09-30 01:13:15.840] -> Total DNS queries: 3780
[2018-09-30 01:13:15.840] -> Cached DNS queries: 553
[2018-09-30 01:13:15.840] -> Forwarded DNS queries: 3078
[2018-09-30 01:13:15.840] -> Exactly blocked DNS queries: 149
[2018-09-30 01:13:15.840] -> Unknown DNS queries: 0
[2018-09-30 01:13:15.841] -> Unique domains: 352
[2018-09-30 01:13:15.841] -> Unique clients: 19
[2018-09-30 01:13:15.841] -> Known forward destinations: 2
So, if the Pi-Hole is working but your clients are seeing ads, either the router or the client is not set up properly to send all DNS requests to Pi-Hole and nothing else. This FAQ may be of assistance in checking your network. Note that clients tend to hang onto DNS settings, so you will need to clear the DNS cache on the clients after you make changes in the router or client.
Look in your query log (or tail the pihole.log) and see which device(s) are making this request. Then chase down any software on that device that might be causing the request. If you have OpenDNS configured on a device or the router, this may be causing it.
Note that some routers have a Disney or family-friendly option, and I believe that routes queries to OpenDNS.
Thank you @jfb! I was confused because it did indeed seem to be working, but all the test sites seemed to "fail". I had also mistakenly cleared my browser cache thinking that would be enough (chalk it up to a late night). Will try flushing the DNS cache as well.
The one thing I did find out later was that a lot of the Roku channels (such as PBS, and CBS) won't function if you block pubads.g.doubleclick.net I did some digging around on this and found others had encountered the same. White listing that single url resolved the issue. Not sure if you've encountered that one in particular, but if you have, do you know of any alternate workarounds that would allow for blocking of the adverts?
Thanks again for the help, this is a really cool tool and I'm enjoying getting to play with it!
Thanks for the tip. I'll try to nail down which device is to blame. I was concerned that perhaps I had messed something up since I used Google DNS as my primary and as such couldn't figure out where the stream of OpenDNS requests were coming from. Thanks again.
Some devices (chromecast) have a build in setting for google dns.
These will bypass Pihole and do their own request to 8.8.8.8 or 8.8.4.4 directly.
You can block this on your router with a ip route. But if you do, make sure you choose another upstream dns (quad9) in pihole.and or router.
Thanks @Jeroen1 How would you set this up in the router? If I have an IP Route to intercept 8.8.8,8 for example, would I route that to my local PiHole DNS Server?
So one more interesting thing I'm seeing.. It seems that my total blocked stats are way off. It's reporting that I'm blocking more than the total number of queries made.
