At a loss; domains not being blocked (Apple only?)

Please follow the below template, it will help us to help you!

Expected Behaviour:

Domains such as doubleclick, taboola, etc should be blocked from loading

Actual Behaviour:

Ads from those domains continue to load

Debug Token:

https://tricorder.pi-hole.net/oiwwae5gf7

I've tried manually setting my DNS to pi-hole, restarting my macbook, manually adding the domains to the blacklist via CLI and web gui, and nothing. URL I am using to test: https://gamesradar.com/steam-summer-sale-2019-deals/
I have Google WiFi as my router, and unfortunately does not allow me to disable DHCP, so I configured it to use pi-hole as the DNS server. Seems to work on arstechnica.com? Question mark because I am not 100% sure. Ads seem less but not sure if it's blocking everything. Thanks.

CORRECTION: not all ads are being blocked on ars. Google Syndication still going through.

You are most likely seeing ads that are being resolved via IPV6.

Is your router using the IPV6 IP of the Pi-hole as it's IPV6 DNS server?

Thank you, @RamSet. No, I set it to use the ipv4 address. Interesting about IPv6... how would I go about troubleshooting that?

Or blocking ipv6 ads?

Some more info: (see flashtalk)

46%20PM3360×1670 1.3 MB

pihole -q flashtalking
 Match found in list.0.raw.githubusercontent.com.domains:
   servedby.flashtalking.com
   secure.flashtalking.com
   cdn.flashtalking.com
   stat.flashtalking.com
   flashtalking.com
 Match found in list.2.sysctl.org.domains:
   cdn.flashtalking.com
   servedby.flashtalking.com
   stat.flashtalking.com
 Match found in list.5.s3.amazonaws.com.domains:
   flashtalking.com
 Match found in list.6.hosts-file.net.domains:
   a.flashtalking.com
   cdn.flashtalking.com
   secure.flashtalking.com
   servedby.flashtalking.com
   servedby.flashtalking.com.16508.9069.302br.net
   servedby.flashtalking.com.16510.9069.302br.net
   servedby.flashtalking.com.16514.9069.302br.net
   servedby.flashtalking.com.16516.9069.302br.net
   servedby.flashtalking.com.16518.9069.302br.net
   servedby.flashtalking.com.16520.9069.302br.net
   servedby.flashtalking.com.16521.9069.302br.net
   servedby.flashtalking.com.16522.9069.302br.net
   servedby.flashtalking.com.16524.9069.302br.net
   servedby.flashtalking.com.16525.9069.302br.net
   servedby.flashtalking.com.16526.9069.302br.net
   servedby.flashtalking.com.16529.9069.302br.net
   servedby.flashtalking.com.16530.9069.302br.net
   servedby.flashtalking.com.23979.9167.302br.net
   servedby.flashtalking.com.23981.9167.302br.net
   servedby.flashtalking.com.23983.9167.302br.net
   servedby.flashtalking.com.23989.9167.302br.net
   servedby.flashtalking.com.23992.9167.302br.net
   servedby.flashtalking.com.23993.9167.302br.net
   servedby.flashtalking.com.23994.9167.302br.net
   servedby.flashtalking.com.23995.9167.302br.net
   servedby.flashtalking.com.24000.9167.302br.net
   servedby.flashtalking.com.24001.9167.302br.net
   servedby.flashtalking.com.24327.9172.302br.net
   servedby.flashtalking.com.63355.9124.302br.net
   servedby.flashtalking.com.63356.9124.302br.net
   servedby.flashtalking.com.63357.9124.302br.net
   servedby.flashtalking.com.63358.9124.302br.net
   servedby.flashtalking.com.63359.9124.302br.net
   servedby.flashtalking.com.63360.9124.302br.net
   servedby.flashtalking.com.63362.9124.302br.net
   servedby.flashtalking.com.63364.9124.302br.net
   servedby.flashtalking.com.63375.9311.302br.net
   servedby.flashtalking.com.63376.9311.302br.net
   servedby.flashtalking.com.63377.9311.302br.net
   servedby.flashtalking.com.63378.9311.302br.net
   servedby.flashtalking.com.63379.9311.302br.net
   servedby.flashtalking.com.63380.9311.302br.net
   servedby.flashtalking.com.63381.9311.302br.net
   servedby.flashtalking.com.63382.9311.302br.net
   servedby.flashtalking.com.63384.9311.302br.net
   servedby.flashtalking.com.70369.9591.302br.net
   servedby.flashtalking.com.70370.9591.302br.net
   servedby.flashtalking.com.70371.9591.302br.net
   servedby.flashtalking.com.70372.9591.302br.net
   Over 50 results found, skipping rest of file

In a network environment where both IPV6 and IPV4 are present, IPV6 is preferred (by default).

Your Pi-hole installation has IPV6 support enabled and the IPV6 assigned to it (Pi-hole) matches the one in the setup.

You can see that IPV6 IP in the /admin/ interface.

What you need to do is specify within the router (if possible) the IPV6 DNS server under the IPV6 related settings.

You can either manually specify that IP on the clients OR, disable IPV6(?).

I personally disabled IPV6 support within my network...

Try it in a different browser.

Chrome is known to inject acts like that ...

Just checked and IPv6 is disabled on the router. I added a manual entry to my system preferences for the IPv6 address of my pi-hole. Still loaded ads after restarting DNS cache on my laptop and restarting chrome. Let me try another browser.
Command I used to restart cache resolver:

sudo killall -HUP mDNSResponder; sleep 2; echo macOS DNS Cache Reset | say

Ads still load on Firefox

Runt the tail feature on the /admin/ and see where the query is directed to. It might be a different domain serving those ads...

This one? -> admin/queries.php

This one:

image281×272 9.78 KB

I think I've found the issue.. whenever I'm connected to my company VPN ads are not blocked. Disconnect and all of a sudden ads are blocked.

That would do it.

VPN connection settings override local connections.

That includes DNS settings/servers too.

Sorry for the run-around, and thank you so much for your help!

No problem. Glad you sorted it out

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.