Just upgraded to v5 and having some issues.
I'm using unbound as per the guide.
Able to run sudo apt update
Error message. Can't resolve raspbian.raspberrypi.org
Having ran pihole -d I get an error at the point of using curl to upload the log:
There was an error uploading your debug log
Output of the following from the Pi terminal?
nslookup raspbian.raspberrypi.org
pi@pi-hole:~ $ nslookup raspbian.raspberrypi.org
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
raspbian.raspberrypi.org canonical name = mirrordirector.raspbian.org.
Name: mirrordirector.raspbian.org
Address: 93.93.128.193
Name: mirrordirector.raspbian.org
Address: 2a00:1098:0:80:1000:75:0:3
I added the URL to my whitelist and rebooted and it seems like it works now.
But this shouldn't be necessary right?
Run
pihole -q raspbian.raspberrypi.org
to see if the domain is on any of your adlists.
Sorry. Should have mentioned, I have done this and it doesn't appear in any list
Result following addition to whitelist:
pi@pi-hole:~ $ pihole -q raspbian.raspberrypi.org
Match found in exact whitelist
raspbian.raspberrypi.org
Then there should be no need to whitelist it, maybe it was a network connectivity issue?
Have you tried to remove it from whitelist again and see if still workes?
Not yet, but I will do later when I get some time
All other network connectivity seemed ok at the time. The only issue I had was running apt update
Could have been a coincidence I guess (hope)
Will report back later
So I've removed the URL from.my whitelist, and sudo apt update runs ok.
However, something doesn't seem right with my install...
For a start, the number of blocked domains has dropped for 500k is to 216k
I can't access the dashboard via pi.hole/admin but can reach it using the pi IP.
When I run pihole -g I see some errors about lists being unreachable.
And previously blocked sites are now accessible.
There is also a noticeable slow down of my network, in terms of webpage loading times
Here's a sample from the gravity update output
[i] Target: https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Risk/hosts
[✗] Status: Connection Refused
[✗] List download failed: no cached list available
[i] Target: https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt
[✗] Status: Connection Refused
[✗] List download failed: using previously cached list
[i] Received 166125 domains
[i] Target: https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
[✓] Status: Retrieval successful
[i] Received 0 domains
And I still get an error at the point of using curl at the end of pihole -d so can't share the debug log.
Any help would be appreciated
EDIT
One more point, all my Google home devices have stopped working since updated pihole
And my logs have a lot of SERVFAIL results
Do you have IPv6 connections to the Internet? Does https://ipv6-test.com work okay? Your nslookup shows an IPv6 AAAA address and curl will try to use IPv6 first.
Also check the time on the Pi-hole, SERVFAIL often means DNSSEC is broken and a bad clock will do that.
Time on the pi is OK
IPV6 is disabled at my isp provided router, as here
pi@pi-hole:~ $ sudo service unbound status
● unbound.service - Unbound DNS server
Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2020-07-14 21:31:25 BST; 18h ago
Docs: man:unbound(8)
Process: 1177 ExecStartPre=/usr/lib/unbound/package-helper chroot_setup (code=exited, status=0/SUCCESS)
Process: 1180 ExecStartPre=/usr/lib/unbound/package-helper root_trust_anchor_update (code=exited, status=0/SUCCESS)
Main PID: 1184 (unbound)
Memory: 8.5M
CGroup: /system.slice/unbound.service
└─1184 /usr/sbin/unbound -d
Jul 14 21:31:23 pi-hole systemd[1]: Starting Unbound DNS server...
Jul 14 21:31:24 pi-hole package-helper[1180]: /var/lib/unbound/root.key has content
Jul 14 21:31:24 pi-hole package-helper[1180]: fail: the anchor is NOT ok and could not be fixed
Jul 14 21:31:25 pi-hole systemd[1]: Started Unbound DNS server.
Note the fail with the anchor?
i tried running sudo unbound-anchor -v -a /var/lib/unbound/root.key but i get the same error saying the anchor is not ok and could not be fixed
nslookup is returning IP addresses so I don't think the unbound error is directly related but it does need to be fixed. It may be caused by the same issue which is curl.
What does ip address list show on the Pi-hole device terminal? We're looking for both IPv4 and IPv6 addresses. If the interfaces have IPv6 addresses assigned to them and no actual IPv6 connectivity then curl will fail. This is a long known issue. ubuntu - Curl with ipv6 not working by default - Unix & Linux Stack Exchange
Is this a new know issue? As everything was ok before the update of pihole. I've made no other changes at all.
I've s oures for a fix on the unbound error bit can't seem to find anything that works
pi@pi-hole:~ $ ip address list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether b8:27:eb:25:f7:dd brd ff:ff:ff:ff:ff:ff
inet 192.168.0.45/24 brd 192.168.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::ed00:d4e6:2795:78cc/64 scope link
valid_lft forever preferred_lft forever
Try disabling DNSSEC, start unboud and update the achor.
It's a known issue with curl. I'd need to see the debug log to look further in to it. /var/log/ should contain the local copy of the debug log if you can get that to us.
I'm happy to send it, how would be best?
PM it to me.
Tried this and still get the anchor error
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.