Asus AC68


#62

I don’t understand…it was running properly and then all I did was download nmap and ran the command you suggested…and the result is above…Now, adblocking is not longer on!..despite a sudo reboot!!


#63

Above bit shows your router is misbehaving same as ours and pushing two DNS servers to its clients via the routers DHCP service.
The 10.1.1.240 DNS address is blocking ads but the router address 10.1.1.1 is not.
You can configure the Asus router to use the Pi-hole IP address for upstream resolution in the WAN part of the router, but then you miss out on the great stats being displayed on the web GUI (see the other threads).
Thats why the switch to Pi-hole’s own DHCP service if you like stats.

You dont assign anything on the client PC.
Leave the DNS settings on the client default to acquire IP details like IP address, subnet mask, DNS servers and gateway automatically via DHCP from either the router or Pi-hole’s own DHCP service.

Yes, if that 10.1.1.3 address is available, put that in place in the /etc/dhcpcd.conf file at the bottom part in the wlan0 section.
After changing IP and saving the file, you’ll need to reboot Pi to apply.
And afterwards you need to reconfigure Pi-hole (nameserver hack to be safe plus pihole -r) to use the newly assigned static IP address 10.1.1.3 instead of 10.1.1.240.
Next step is to disable the DHCP service on the router, and activate Pi-hole’s own DHCP service using the web GUI.
When activating Pi-hole’s DHCP service, you can assign the range of IP addresses to hand out to the clients to be 10.1.1.10 up to 10.1.1.254.
Afters witching DHCP, reboot your client PC and other client devices so they pick up the new Pi-hole DHCP server which in turn supplies the clients with the correct IP details including one DNS server … the Pi-hole IP address.

Testing on a client can be done with nslookup.
If you leave out the Pi-hole IP address at the end and only lookup the name pi.hole, nslookup will query the DNS server thats configured in the OS (supplied via DHCP) eg:

nslookup pi.hole

What do you mean ?
Did something break ?
nslookup's not working anymore ?
What errors do you see or post a screenshot (you can copy/paste images here) ?
Installing nmap and running it should not have changed anything related to networking or Pi-hole.
I’ve installed nmap and run it on countless occasions without any troubles.


#64

pi@PiHole:~ $ nslookup doubleclick.com 10.1.1.240
Server: 10.1.1.240
Address: 10.1.1.240#53

Name: doubleclick.com
Address: 0.0.0.0

pi@PiHole:~ $ nslookup pi.hole 10.1.1.240
Server: 10.1.1.240
Address: 10.1.1.240#53

Name: pi.hole
Address: 10.1.1.240

pi@PiHole:~ $

The above were my commands. Before my commands, the webpage (Bitcoin.jpg) after the commands the webpage (BitcoinAfter.jpg). Seems very weird?!!

…advert gone. Maybe it has to do with this dual DNS problem?


#65

What happens to the network if the Rpi - which sets the DHCP - fails for some reason. What should be/is the back up? Is it manual or will it happen automatically?


#66

Can you point out whats weird ?
Its getting late and am bit sleepy.

Am not sure what stage your in ?
Have you switched DHCP from router to Pi-hole by now and your still seeing ads on the client PC ?
Try reboot the client PC to force it to renew its DHCP lease @ Pi-hole.

If you configure your Asus router’s WAN DNS to default or point to any other external DNS server (not Pi-hole), you only have to flip on the DHCP service on the router in case the Pi dies.


#67

Sorry, I did not make myself very clear. The bright orange advert “Stream as much as you like…” was showing in the Bitcoin page before I ran the nslookup scripts. After I ran the scripts it was no longer showing. I have not yet changed the DHCP to the Pi. So, surmising, that the difference in the webpages (the orange advert) is part of the dual DHCP problem? No?


#68

Yes this is most likely the dual DNS problem.
Two DNS servers pushed from the Asus router to the clients via DHCP.

Pew. had to edit few times … sleep catching up.
Nighty night.


#69

Thank you, sleep well!


#70

Sorry, am confusing DHCP and DNS!! :frowning: my bad!


#71

Why does my Alexa Dot show up as a client …and then has some of its requests blocked? Seems strange as I seldom use it!


#72

IOT devices such as this try to communicate to Amazon servers regularly, whether you are actively using them or not. An example from a Pi-Hole which serves Amazon devices (121 is an Echo):

sudo grep 192.168.0.121 /var/log/pihole.log | grep query | tail -n25
Mar 12 18:09:17 dnsmasq[500]: query[A] device-metrics-us.amazon.com from 192.168.0.121
Mar 12 18:10:19 dnsmasq[500]: query[A] device-metrics-us.amazon.com from 192.168.0.121
Mar 12 18:11:19 dnsmasq[500]: query[A] device-metrics-us.amazon.com from 192.168.0.121
Mar 12 18:12:38 dnsmasq[500]: query[A] device-metrics-us.amazon.com from 192.168.0.121
Mar 12 18:13:53 dnsmasq[500]: query[A] d3p8zr0ffa9t17.cloudfront.net from 192.168.0.121
Mar 12 18:13:54 dnsmasq[500]: query[A] device-metrics-us.amazon.com from 192.168.0.121
Mar 12 18:16:05 dnsmasq[500]: query[A] device-metrics-us.amazon.com from 192.168.0.121
Mar 12 18:17:30 dnsmasq[500]: query[A] device-metrics-us.amazon.com from 192.168.0.121
Mar 12 18:18:53 dnsmasq[500]: query[A] d3p8zr0ffa9t17.cloudfront.net from 192.168.0.121

#73

Thank you!


#74

If you configure your Asus router’s WAN DNS to default or point to any other external DNS server (not Pi-hole), you only have to flip on the DHCP service on the router in case the Pi dies.

Blockquote

I am not sure I fully understand this. So set the WAN DNS (as opposed to the LAN DNS) to 10.1.1.1 say and then turn on DHCP on the router?!


#75

There is no wlan0 section (wlan0 is not mentioned at all in the document) only eth0??


#76

Did you edit this WAN DNS setting on the router ?
What was in it before you started tinkering with Pi-hole ?
Below my settings with 192.168.1.1 being my upstream ISP modem and 62.58.48.30 is one of the DNS servers from my ISP:

Sounds like some network settings still not configured properly.
Can you post outcome for below ones ?

ip a

grep -v '^#\|^$' /etc/dhcpcd.conf

grep -v '^#\|^$' /etc/network/interfaces


#77

pi@PiHole:~ $ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether b8:27:eb:dd:0c:bf brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether b8:27:eb:88:59:ea brd ff:ff:ff:ff:ff:ff
inet 10.1.1.240/24 brd 10.1.1.255 scope global wlan0
valid_lft forever preferred_lft forever
inet6 fe80::c275:c91:b0e:89c9/64 scope link
valid_lft forever preferred_lft forever
pi@PiHole:~ $


#78

pi@PiHole:~ $ grep -v ‘^#|^$’ /etc/dhcpcd.conf
hostname
clientid
persistent
option rapid_commit
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
option ntp_servers
option interface_mtu
require dhcp_server_identifier
slaac private
interface eth0
static ip_address=10.1.1.240/24
static routers=10.1.1.1
static domain_name_servers=127.0.0.1


#79

pi@PiHole:~ $ grep -v ‘^#|^$’ /etc/network/interfaces
source-directory /etc/network/interfaces.d


#80

No I did not change anything on it manually (yet!).


#81

Thats the wrong tab on the screenshot, you should look under the “Internet Connection” tab.