debug token provided... not sure if the pihole was able to upload it though, but i did chose the option to allow it to upload. it didnt' tell me if it succeeded to upload, at least from anywhere i was looking.
Your unbound instance was not responding. SERVFAIL is frequently associated with DNSSEC errors due to incorrect date/time on the Pi.
*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 89272 Jan 28 11:44 /var/log/pihole.log
-----head of pihole.log------
Jan 28 00:15:24 dnsmasq[624]: query[A] 0.debian.pool.ntp.org from 127.0.0.1
Jan 28 00:15:24 dnsmasq[624]: forwarded 0.debian.pool.ntp.org to 127.0.0.1
Jan 28 00:15:24 dnsmasq[624]: query[AAAA] 0.debian.pool.ntp.org from 127.0.0.1
Jan 28 00:15:24 dnsmasq[624]: forwarded 0.debian.pool.ntp.org to 127.0.0.1
Jan 28 00:15:24 dnsmasq[624]: forwarded 0.debian.pool.ntp.org to 127.0.0.1
Jan 28 00:15:24 dnsmasq[624]: reply error is SERVFAIL
Jan 28 00:15:24 dnsmasq[624]: reply error is SERVFAIL
During the function test in the debug process, the Pi-hole was not able to be reached on its LAN-facing interface. Ensure you don't have any firewall rules blocking port 53 traffic.
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] sun49.3322.net is 0.0.0.0 via localhost (127.0.0.1)
[✗] Failed to resolve sun49.3322.net via Pi-hole (192.168.0.68)
[✓] doubleclick.com is 172.217.10.110 via a remote, public DNS server (8.8.8.8)
In this snap of your router settings, you should not select the "advertise router's IP..."
If you look at your debug output, you will see that you have adlists assigned by category to various groups. But, there are no clients assigned to any of those groups, so all the clients are in group 0 (the default group). As a result, only the first three adlists are having any effect. The others are assigned to empty groups with no clients.
Thankyou JFB. I did not know the time was not accurate. Recently I accidentally unplugged the power for a brief moment to the PI. Wonder if that made it lose time, but I thought it synchs automatically from somewhere?
"In this snap of your router settings, you should not select the "advertise router's IP..."
It isnt selected to advertise.
I guess if my debug did get uploaded, then there's proper connectivity between the new modem and my personal router and my issue of not being to use my browser is due to sites not resolving due to pi-hole.
I updated the time via putty and command sudo raspi-config
maybe i will reboot the pi and re-run a debug again.
A Pi has no onboard clock, and it syncs time from ntp servers. This works fine as long as:
(1) there is a functioning DNS server to resolve the domain name for the ntp server to an IP. In your case, with the wrong time, if your Pi is using Pi-hole for DNS, you will be in an endless loop here. The time is wrong, and you can't connect to a time server to set the time.
(2) the time is correct within 1000 seconds (about 16 minutes). Any farther out than that will cause problems.
yes, i'm sure my Pi is using pihole for DNS... meaning I think it's evident when I do a command line on my pc, the nslookup. the output used to give me the name of the pi-hole whereas now it cannot. it currently only gives the IP address of the Pihole.
127.0.0.1:5335 unbound (IPv4)
[80] is in use by lighttpd
[80] is in use by lighttpd
[53] is in use by pihole-FTL
[53] is in use by pihole-FTL
regarding port 53 you mentioned earlier... this from the debug, 53 in use by pihole, I toggled off my firewalls before running this second debug, i was still geting the same server fails you noted to me.
I set my router's LAN DNS to something else this evening so I could be on with my business. Then a moment ago i decided to putty into my PI and update the pi-hole. pihole -up
while still in putty i did a nslookup and it gave me a promising output.
went back to my router LAN DNS and set it back to my PI's IP.
went to my PC and did a nslookup from cmd line, and i was back in business, my Pihole was back and resolving!.
i'm sure there are no further "reply error is SERVFAIL" lines.
Hopefully you can take a look at my adlists situation in the latest debug, that you pointed out to me earlier today and see it's looking better.
I think as I had amassing a bunch of adlists, I started getting fancy months ago, losing track of how to properly maintain them.
in the section: Client group management,
"Clients may be described either by their IP addresses (IPv4 and IPv6 are supported), IP subnets (CIDR notation, like 192.168.2.0/24), their MAC addresses (like 12:34:56:78:9A:BC), by their hostnames (like localhost), or by the interface they are connected to (prefaced with a colon, like :eth0)."
I was thinking great, I could leverage the CIDR notation to conveniently include my subnet, but how do I/can I take my PI out of being included in it (since it's on the same subnet).
and this time i cant fix it via command pihole -up.
what i had to do tonight was shuffle some wiring around to put things better in place with my broad band stuff and the Pi. I decided also to make a backup of my microsd card, since the last backup was august. anyway, afterward, the Pi, which I didn't disconnect the power for any of this, I did when I changed the LAN cable to something shorter, but after which I noticed there was no LINK light, so I decided to pull the power plug of the PI.
Link lights came on in the LAN port and I was in business. I was able to PING my Pi. I went to web browse, and the sites stalled? Huh?
I had already putty-ed into my Pi and did a nslookup cnn.com and it gave me a output.
I went to my pc, command line, nslookup cnn.com, and same timed out issue like earlier in the week when I cam upon here to open this thread...ugh.
perhaps not surprisingly, in the debug i see this failure:
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a k nown ad-serving domain
[✓] click.mingrunad.com is 0.0.0.0 via localhost (127.0.0.1)
[✗] Failed to resolve click.mingrunad.com via Pi-hole (192.168.0.68)
[✓] doubleclick.com is 172.217.10.78 via a remote, public DNS server (8.8.8.8)
since pihole -up had nothing to update, i was out of luck. came upon the pihole -r command for a repair. tried my luck, let it complete, and nslookup works on the pc. problem fixed (again).. what is it about pihole that gets damaged or corrupt when unplugging power to a pi?
