[BUG] Pi-Hole seems to not work on clients without hostnames with conditional forwarding turned on

SirMuffington · March 14, 2020, 12:34pm

Expected Behaviour:

My Xiaomi phone without a hostname should have no ads displayed. The query log should contain DNS requests.

Actual Behaviour:

My Xiaomi phone without a hostname displays ads and ignores Pi-Hole completely, even though I disabled the IPv6 interface on my OpenWrt router. The query log is not getting filled by that device. If I go to network the device is green and shows that it has received queries in the past. I followed the following tutorial to setup my Pi-Hole with my router: https://www.reddit.com/r/pihole/comments/av1qd4/setting_up_pihole_on_openwrt/

Debug Token:

e4hb5zfy3n

Configuration

Pi-Hole is setup as a DNS Forwarder only, DHCP server is the router. The DNS IP is a local IP address, which is also a login portal behind the router (also coming from the WAN interface). As in the tutorial the port 53 is being redirected to the Pi-Hole. I double-checked the IPs and interface names in the firewall rules. Maybe DNS-Over-HTTPS is being used? Other devices with hostnames show up in the queries correctly and block ads successfully.

UPDATE
Turning off conditional forwarding does not seem to help solve the issue.
Changing IP settings to static with the DNS server set does not remove ads, but makes it send out DNS request queries to Pi-Hole which are seen right after making setting changes.
When turning on the phone the queries to MIUI and android time servers are shown.

deHakkelaar · March 14, 2020, 1:14pm

If install/start the “Terminal Emulator” app on the Xiaomi phone, what does below show ?

getprop net.dns1

getprop net.dns2

getprop net.dns3

SirMuffington · March 14, 2020, 1:23pm

Thanks for replying. getprop net.dns1 returns fd74:9123:c63e::1, getprop net.dns2 returns my Pi-Hole internal IPv4 address, net.dns3 is empty. I turned off private DNS in the settings.

deHakkelaar · March 14, 2020, 1:32pm

Is that fd74:9123:c63e::1 IPv6 address Pi-hole ?

SirMuffington · March 14, 2020, 1:38pm

appears to be an incorrect IPv6 according to ipcalc. Or maybe it's a IP range or the router itself. How to do I change the DNS server on my phone?

deHakkelaar · March 14, 2020, 1:39pm

And check if you have IPv6 support upstream from your ISP:

If dont have IPv6 support upstream, try disabling anything IPv6 related on the router.
And renew DHCP lease on your phone by disconnecting/reconnecting WiFi.
And oc check the getprop commands again.

SirMuffington · March 14, 2020, 1:44pm

Starting Nmap 7.70 ( https://nmap.org ) at 2020-03-14 14:41 CET
Nmap scan report for (192.168.1.1)
Host is up (0.00033s latency).

PORT STATE SERVICE
67/udp open dhcps

Is this a good result?
According to the link you provided IPv6 is not supported by my ISP.

deHakkelaar · March 14, 2020, 1:48pm

No.
If you look at my nmap example output, you'll notice below line:

| Domain Name Server: 10.0.0.2

If dont have IPv6 support upstream, its of no use to have IPv6 support on your own LAN.
It only complicates matters.

SirMuffington · March 14, 2020, 2:07pm

I had to run

uci set 'network.lan.ipv6=off'
uci set 'network.wan.ipv6=off'
uci set 'dhcp.lan.dhcpv6=disabled'
/etc/init.d/odhcpd disable
uci commit

on the OpenWrt router and then reboot and voilá it worked! Thanks a bunch!

system · April 4, 2020, 2:07pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.