Can't resolve dns lookups on my Pi from LAN devices

You used nslookup the wrong way.
You were supposed to either do the TXT CHAOS version lookup or any other query, like for example below:

nslookup pi-hole.net 208.67.222.222

The one above will try to query the DNS server 208.67.222.222 to resolve the name pi-hole.net to an IP address.

Although you used nslookup the wrong way, it indicates pihole-FTL is working properly.
pihole-FTL received the query to do a reverse lookup for 208.67.222.222,
pihole-FTL forwarded the query to its upstream configured DNS server (208.67.222.222 or 208.67.220.220),
it got a reply and the answer was returned via 127.0.0.1 port 53 on the loopback network interface.

I suspect iptables is not configured properly and is blocking.
Have you already tried to do below and run some tests?

My Pi's iptables didn't have many rules in the first place, but I tried flushing them and rerunning nslookup -type=txt -class=chaos version.bind $(hostname -I) with the same result.

Just to be sure, do you get a reply with the one below on Pi-hole?

nslookup pi.hole 192.168.1.31

And what about the one below?

nslookup pi.hole 127.0.0.1

EDIT: and could you post the output for the one below, to check for rogue config files that hold settings that might mess things up?

sudo grep -v '^#\|^$' -R /etc/dnsmasq.* | sort

pi@raspberrypi:~ $ nslookup pi.hole 192.168.1.31
;; connection timed out; no servers could be reached

pi@raspberrypi:~ $ nslookup pi.hole 127.0.0.1
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   pi.hole
Address: 192.168.1.31

pi@raspberrypi:~ $ sudo grep -v '^#\|^$' -R /etc/dnsmasq.* | sort
/etc/dnsmasq.conf:conf-dir=/etc/dnsmasq.d
/etc/dnsmasq.conf.old:conf-dir=/etc/dnsmasq.d
/etc/dnsmasq.d/00-openvpn.conf:interface=tun0
/etc/dnsmasq.d/01-pihole.conf:addn-hosts=/etc/pihole/black.list
/etc/dnsmasq.d/01-pihole.conf:addn-hosts=/etc/pihole/gravity.list
/etc/dnsmasq.d/01-pihole.conf:addn-hosts=/etc/pihole/local.list
/etc/dnsmasq.d/01-pihole.conf:cache-size=10000
/etc/dnsmasq.d/01-pihole.conf:dhcp-ignore-names=tag:wpad-ignore
/etc/dnsmasq.d/01-pihole.conf:dhcp-name-match=set:wpad-ignore,wpad
/etc/dnsmasq.d/01-pihole.conf:localise-queries
/etc/dnsmasq.d/01-pihole.conf:local-service
/etc/dnsmasq.d/01-pihole.conf:local-ttl=2
/etc/dnsmasq.d/01-pihole.conf:log-async
/etc/dnsmasq.d/01-pihole.conf:log-facility=/var/log/pihole.log
/etc/dnsmasq.d/01-pihole.conf:log-queries
/etc/dnsmasq.d/01-pihole.conf:no-resolv
/etc/dnsmasq.d/01-pihole.conf:server=208.67.220.220
/etc/dnsmasq.d/01-pihole.conf:server=208.67.222.222

That's the culprit.
Move it out of there to your home folder:

sudo mv /etc/dnsmasq.d/00-openvpn.conf ~

Restart:

sudo service pihole-FTL restart

And test again:

nslookup pi.hole 192.168.1.31

nslookup pi.hole 127.0.0.1

And from a Windows client if the above looks good:

nslookup pi.hole 192.168.1.31

Thanks! I'll have to figure out how to get VPN and LAN working in conjunction.

Make sure you change "Interface listening behavior" into "Listen on all interfaces, permit all origins":

http://pi.hole/admin/settings.php?tab=dns
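
The culprit in this thread was a single interface=tun0 line in a drop-in file: dnsmasq's interface option restricts listening to the named interface plus loopback, which matches the 127.0.0.1 lookup working while the LAN address timed out. As an added example (not code from the thread or from the Pi-hole project), the script below lists every listen-related dnsmasq directive in a conf-dir and reports the ones set outside the installer-managed file; the function names are hypothetical, the managed file name 01-pihole.conf is taken from the grep output above, and the sample directory is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): report which dnsmasq drop-in file sets
# directives that decide where the resolver listens.

# list_listen_directives DIR   (hypothetical helper)
# Prints "file:directive" for each active (non-comment) line in DIR that uses
# a dnsmasq option selecting or restricting listening interfaces/addresses.
list_listen_directives() (
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        case $f in *~) continue ;; esac        # dnsmasq skips editor backups
        while IFS= read -r line || [ -n "$line" ]; do
            line=${line%%#*}                   # drop comments
            line=$(printf '%s' "$line" | tr -d '[:space:]')
            case ${line%%=*} in
                interface|except-interface|listen-address|bind-interfaces|bind-dynamic|local-service)
                    printf '%s:%s\n' "${f##*/}" "$line" ;;
            esac
        done < "$f"
    done
)

# foreign_listen_directives DIR MANAGED_FILE   (hypothetical helper)
# Same list, minus lines that come from the installer-managed file, so only
# settings added by other software or by hand remain.
foreign_listen_directives() {
    list_listen_directives "$1" | awk -F: -v managed="$2" '$1 != managed'
}

# make_sample_dir: constructed sample mirroring the grep output in the thread.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf 'interface=tun0\n' > "$d/00-openvpn.conf"
    printf '# managed by installer\nlocal-service\nno-resolv\nserver=208.67.222.222\n' \
        > "$d/01-pihole.conf"
    printf '%s\n' "$d"
}

sample=$(make_sample_dir)
foreign_listen_directives "$sample" 01-pihole.conf   # prints 00-openvpn.conf:interface=tun0
rm -rf "$sample"
```

On a real system the call would be foreign_listen_directives /etc/dnsmasq.d 01-pihole.conf, run with enough privilege to read the files.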
