I installed pi hole on an rpi 0 wh, which works well. I can access the pi hole GUI from any device in my home. I also see all the devices connected to it. At first I wanted only specific devices to use the pi hole, but some of them weren't able to use it, so I went for a full network coverage instead. However, this didn't change anything for the devices that were having problems.
Raspbian OS on a raspberry pi 0 wh.
Actual Behaviour:
My Xiaomi Redmi note 8 pro cell phone doesn't seem to use pi hole correctly. While it appears in the Pi hole GUI as connected, the last requests were made several hours ago (and they are extremely few, as if it worked for 1 s and then stopped making requests to the Pi hole). Therefore, obviously, the Pi hole doesn't work as intended, i.e. when I visit blocked sites, I am not stopped. I do not have this problem with a 2012 Android tablet and my laptop. For these devices, there are many requests and blocked websites are indeed blocked. For my desktop pc (ethernet connection to the router), Pi hole worked for a few minutes, as expected, but then no more requests are sent to the Pi hole (seems very similar to the problem of my phone). As such, websites that were blocked during the first few minutes are not blocked anymore.
Note that all these devices are still showing up as connected to the Pi hole network.
For my cell phone, I made sure I am not using ipv6 and that I do not use a private DNS (because apparently the phone could have used Google DNS if I had done so).
In your router's DHCP settings, double check that you have entered the Pi-hole's IP address 192.168.0.29 as the only DNS server to give out to clients.
Then disconnect your desktop pc from the network and reconnect it and see if you can now see requests showing up in Pi-hole.
And indeed, when I go to the pi hole GUI, it says it blocked flurry.com. I tried with another website, and Pi hole seems to work like this, when I "visit" websites from the command line. However when I visit the website(s) with my web browser, they aren't blocked. Hmm... is there cache involved?
Thanks for those tests, it shows your Pi-hole is working and serving clients.
Your web browser may be using its own DNS protocols, bypassing your Pi-hole. Not sure which browser you have but here are instructions on how to check and turn it off on the main ones.
If you're using Safari on Mac and you pay for iCloud+ you have access to Apple's iCloud Private Relay which is a similar service. You can manage the settings for that.
With the feature off, try a blocked site again and confirm it no longer loads and you can see the block in your Pi-hole Query Log.
I'm using Firefox. I went to Menu, Settings, Network Settings and I see that DNS over https is disabled by default. However Pi hole gets no request when I visit, for example, prebid.adnxs.com.
I am not sure what to answer. In my router's settings, I have specified a single DNS address, it's the one of the Pi hole's device.
I also see my devices connected to Pi hole (in dashboard).
I am still facing the problem. From the command line, Pi hole seems to work fine. However any browser (I just tried Brave, Chromium, Duckduckgo (mobile) and Firefox) bypasses the pi, most of the time. Yes, there was a time, maybe for a few minutes, where it worked on my desktop pc, i.e. websites were correctly blocked and I could see it in the Pi hole interface. But that's very rare.
If you are using DNS over HTTPS then you will see the DNS server configured in Firefox (probably Cloudflare).
If you are using Pi-hole you will see a number of Google servers, since you are using Google's DNS for Pi-hole's upstream, and you will see the queries in the Query Log if you refresh it.
If you are using neither then this should help reveal a bit more about what's going on.
IP Hostname ISP Country
213.36.12.13 None Free SAS Paris, France
213.36.12.4 None Free SAS Paris, France
213.36.12.5 None Free SAS Paris, France
213.36.12.6 None Free SAS Paris, France
213.36.12.7 None Free SAS Paris, France
The tech contact on there is at proxad.net which, if visited in a browser, bounces to https://www.free.fr/freebox/ which is some sort of IPTV streaming dongle.
Do you have that or anything like it on that machine (the Firefox one), or have you installed any software from them on there?
Do you have any Firefox add-ons installed, maybe to do with streaming, which might be doing this?
On the machine running Firefox, display the DNS servers that have been assigned by your router (not sure which OS it is, maybe macOS from the prompt, so here is a selection of commands that should work):
Your debug log shows your network to have full IPv6 connectivity:
*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] www.paypal-pay-error.neocities.org is :: on lo (::1)
[✓] www.paypal-pay-error.neocities.org is :: on wlan0 (2a01:<redacted>64)
[✓] www.paypal-pay-error.neocities.org is :: on wlan0 (fe80::<redacted>19)
[✓] doubleclick.com is 2a00:1450:4007:818::200e via a remote, public DNS server (2001:4860:4860::8888)
Furthermore, your router is advertising its own IPv6 ULA as DNS server:
*** [ DIAGNOSING ]: contents of /etc
-rw-r--r-- 1 root root 51 Jun 4 09:15 /etc/resolv.conf
nameserver fd0f:ee:b0::1
This would allow your clients to bypass Pi-hole.
You'd have to find a way to configure your router to advertise your Pi-hole host machine's IPv6 as DNS server or to stop advertising its own.
You'd have to consult your router's documentation sources on further details for its IPv6 configuration options.
If your router doesn't support configuring IPv6 DNS, you could consider disabling IPv6 altogether.
If your router doesn't support that either, your clients will always be able to bypass Pi-hole via IPv6.
resolvectl
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: uplink
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net 2001:4860:4860::8888#dns.google
Link 2 (enp0s31f6)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: fd0f:ee:b0::1
DNS Servers: 192.168.0.29 fd0f:ee:b0::1
Link 3 (docker0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
and
cat /etc/resolv.conf
# This is /run/systemd/resolve/resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 192.168.0.29
nameserver fd0f:ee:b0::1
search .
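
Added example (not part of the thread and not Pi-hole's own tooling): a small shell function that reads resolvectl output like the one posted above and lists every resolver other than the Pi-hole that a link has been given, which is the IPv6 bypass diagnosed in this thread. The function names find_bypass_dns and sample_status are made up for illustration, and the parser assumes all servers of a link sit on one line, as in the posted output.

```shell
#!/bin/sh
# Added example, not from the thread. Lists resolvers other than the Pi-hole
# found in `resolvectl`-style text on stdin. $1 is the Pi-hole address.
find_bypass_dns() {
    awk -v pihole="$1" '
        # Remember the section: "Global" or the interface of "Link N (iface)".
        /^ *Global/ { scope = "global"; next }
        /^ *Link [0-9]+ \(/ { scope = $3; gsub(/[()]/, "", scope); next }
        # Resolver systemd-resolved is using right now on this link.
        /^ *Current DNS Server:/ {
            if ($4 != pihole) print scope, "active", $4
            next
        }
        # Every resolver assigned to the link (assumed to be on one line).
        /^ *DNS Servers:/ {
            for (i = 3; i <= NF; i++)
                if ($i != pihole) print scope, "extra", $i
        }
    '
}

# Sample input: trimmed copy of the resolvectl output posted in the thread.
sample_status() {
    cat <<'EOF'
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net
Link 2 (enp0s31f6)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
Current DNS Server: fd0f:ee:b0::1
DNS Servers: 192.168.0.29 fd0f:ee:b0::1
Link 3 (docker0)
Current Scopes: none
EOF
}

# Any line printed here is a path around Pi-hole for this client.
sample_status | find_bypass_dns 192.168.0.29
```

On a live machine the same check is `resolvectl status | find_bypass_dns 192.168.0.29`; empty output means the Pi-hole is the only resolver the client has been given.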