Changing dns manually on pc kills internet

It should be connected. I see my raspberry on router's ARP list with correct mac and ip adress.

Thank you for pin pointing https over regex. I will fix that.

Hello @DanSchaper , do you need more info?

Are you still running into the same troubles as initially stated?
What has changed since your last message?
Did you fix your regex and multiple local DNS server issues?

1 Like

Hello @Bucking_Horn , thank you for your reply. Right now I'm not at home but as soon as I arrive I will post updated state. I didn't change anything but my regex list.

Hello again, I just checked ipconfig /all and I still see those dns servers:
192.168.0.10
192.168.0.10
8.8.8.8
192.168.0.1

On both my routers I have only 2 dns servers - primary and secondary both 192.168.0.10 but why I still see 8.8.8.8 and 192.168.0.1 ? :confused:

Thats your router misbehaving.
You can check what DNS servers your router is dishing out with below one:

pi@ph5b:~ $ pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers
[..]
   dns-server: 10.0.0.2
   dns-server: 10.0.0.4

Some routers can be flashed with custom firmware so via additional settings, it doesnt advertise itself or other DNS servers to the clients.
But this is not without risks as you could brick your router if goes wrong!!!
Safer to do below:

1 Like

Hello @deHakkelaar , I did pihole-FTL dhcp-disover and I see those dns servers:

  • Received 286 bytes from wlan0:192.168.0.1
    Offered IP address: 192.168.0.10
    Server IP address: N/A
    Relay-agent IP address: N/A
    BOOTP server: (empty)
    BOOTP file: (empty)
    DHCP options:
    Message type: DHCPOFFER (2)
    server-identifier: 192.168.0.1
    lease-time: Infinite
    netmask: 255.255.255.0
    router: 192.168.0.1
    dns-server: 192.168.0.10
    dns-server: 192.168.0.10
    dns-server: 8.8.8.8
    dns-server: 192.168.0.1
    --- end of options ---

Then I followed your advice to turn on DHCP server in pi-hole and disabling DHCP server on router. I was successful. After running ipconfig /all I finally saw correct dns servers both 192.168.0.10 which belongs to raspberry pi ! Nice but I completely lost internet connection :frowning:

Any suggestions?

That solves one of the two problems:

The other issue is that your Pi-hole instance cant communicate whith DNS servers residing on the Internet (or at least the 8.8.8.8 one):

Below is the one you need to get working/fix (need to get an ANSWER SECTION with an IP):

pi@ph5b:~ $ dig @8.8.8.8 doubleclick.com

; <<>> DiG 9.11.5-P4-5.1+deb10u5-Raspbian <<>> @8.8.8.8 doubleclick.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41584
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;doubleclick.com.               IN      A

;; ANSWER SECTION:
doubleclick.com.        299     IN      A       142.250.179.206

;; Query time: 16 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri May 14 03:51:06 CEST 2021
;; MSG SIZE  rcvd: 60

Check if a local firewall is blocking (below is permissive allowing all):

pi@ph5b:~ $ sudo iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Check if you have a route to Google's public DNS service at 8.8.8.8:

pi@ph5b:~ $ traceroute -n 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  10.0.0.1  1.177 ms  0.896 ms  0.644 ms
 2  192.168.1.1  1.160 ms  0.808 ms  0.955 ms
 3  62.58.240.1  8.833 ms  8.242 ms  7.787 ms
 4  212.53.25.201  10.155 ms  10.173 ms  10.685 ms
 5  * * *
 6  * * *
 7  8.8.8.8  7.928 ms  7.719 ms  7.291 ms

Check your router for any kind of security settings that might hinder/block DNS queries (53 TCP+UDP) against Google's 8.8.8.8 (and possibly other public DNS servers).
You could try for example to resolve via Cloudflare's public DNS service at 1.1.1.1 to diagnose:

pi@ph5b:~ $ dig @1.1.1.1 doubleclick.com

; <<>> DiG 9.11.5-P4-5.1+deb10u5-Raspbian <<>> @1.1.1.1 doubleclick.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43562
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;doubleclick.com.               IN      A

;; ANSWER SECTION:
doubleclick.com.        300     IN      A       172.217.169.46

;; Query time: 23 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri May 14 03:57:32 CEST 2021
;; MSG SIZE  rcvd: 60
1 Like

Below is the one you need to get working/fix (need to get an ANSWER SECTION with an IP):

I've tried dig @8.8.8.8 doubleclick.com and here's the result:

; <<>> DiG 9.11.5-P4-5.1+deb10u3-Raspbian <<>> @8.8.8.8 doubleclick.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Check if a local firewall is blocking (below is permissive allowing all):
I did sudo iptables -nL and here's the result:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Check if you have a route to Google's public DNS service at 8.8.8.8 :

I did traceroute -n 8.8.8.8 and here's the result:

traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

Check your router for any kind of security settings that might hinder/block DNS queries (53 TCP+UDP) against Google's 8.8.8.8 (and possibly other public DNS servers).
You could try for example to resolve via Cloudflare's public DNS service at 1.1.1.1 to diagnose:

I did dig @1.1.1.1 doubleclick.com and here's the result:

; <<>> DiG 9.11.5-P4-5.1+deb10u3-Raspbian <<>> @1.1.1.1 doubleclick.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

It looks like it doesn't have internet connection but after running iwgetid I see correct wlan0 ESSID.

Your results indicate something is preventing your client from talking to public DNS servers.
As your local on-device firewall seems to be clear, it's highly likely that your router is responsible.

If you haven't already done so in the meantime, you should follow deHakkelaar's advice:

Also, below shows your Pi-hole host doesnt have a route to 8.8.8.8 and most likely also no route to other public IP addresses:

This might indicate a wrong IP configuration on the Pi-hole host.
Below file (should) contain the static IP configuration for the network interface(s):

pi@ph5b:~ $ tail /etc/dhcpcd.conf
[..]
interface eth0
  static ip_address=10.0.0.4/24
  static routers=10.0.0.1
  static domain_name_servers=10.0.0.1

Make sure the static routers field reflects the IP of your router and resides in the same subnet as the static ip_address field.
You can change these settings by editing that file with below:

sudo nano /etc/dhcpcd.conf

And run below after save/exit to apply:

sudo service dhcpcd restart

Validate by running below two (the default via IP should be the router IP):

pi@ph5b:~ $ ip route show default
default via 10.0.0.1 dev eth0 src 10.0.0.4 metric 202
pi@ph5b:~ $ ip route get 8.8.8.8
8.8.8.8 via 10.0.0.1 dev eth0 src 10.0.0.4 uid 1000

And if you changed anything, test again with the traceroute -n 8.8.8.8 command.
And check if the dig commands are successful after changing anything.

1 Like

I' changed /etc/dhcpd.conf and after running tail command I see this configuration which seems correct:

interface wlan0
static ip_address=192.168.0.10/24
static routers=192.168.0.1
static domain_name_servers=192.168.0.1

I didn't set eth0 as you mentioned because I have pi WH connected wirelessly so I'm playing around with wlan0.

It seems ok in my eyes. 192.168.0.10 is my pi ip address and it's reserved in my router. 192.168.0.1 is my router's ip and 192.168.0.1 is also my default gateway.

I tried command route -ne and cat /etc/resolv.conf and I see this configuration and I don't think it's correct.
route-ne

Even though I changed dhcpcd.conf the results are same. I still see 4 DNS servers and traceroute with dig commands are still the same :confused:

What did you change?

Thats correct.
You dont have any other network interfaces besides wlan0 connected right?

These are correct.
It shows the default route to the Internet 0.0.0.0 is via your router IP 192.168.0.1.
But I prefer you use below to check:

ip route show default

ip route get 8.8.8.8

And also, please copy/paste the text output to here instead of those screenshots?
I also like to copy/paste instead of typing over your screenshot data :wink:

What client operating systems do you have connected to this same WiFi AP segment?
And can these clients browse the Internet?
What IP details does one of these clients show (IP address, subnet mask, gateway)?

Currently, you have to focus on getting the traceroute working properly as that one will show if your route to 8.8.8.8 is working or not!

EDIT: Ow ps. can you ping the router from the Pi-hole host?

ping 192.168.0.1

traceroute does something similar both using the ICMP protocol.

EDIT2: Could you post output for one more:

ip -4 neighbor show | awk '{print $1}'

1 Like

What did you change?

I wrote this configuration into /etc/dhcp.conf

interface wlan0
static ip_address=192.168.0.10/24
static routers=192.168.0.1
static domain_name_servers=192.168.0.1

Thats correct.
You dont have any other network interfaces besides wlan0 connected right?

My home network is quite simple. I have 1 main router connected to internet 192.168.0.1 and second router 192.168.0.2 as wifi signal extender (bridge) with dhcp turned off. Raspberry PI Zero is connected thru wifi and I have only one wired connection from main router to TV only. So I guess it's correct.

But I prefer you use below to check:

ip route show default

ip route get 8.8.8.8

After ip route show default I see this:

default via 192.168.0.1 dev wlan0 src 192.168.0.10 metric 302

After ip route get 8.8.8.8 I see this:

8.8.8.8 via 192.168.0.1 dev wlan0 src 192.168.0.10 uid 1000
    cache

And also, please copy/paste the text output to here instead of those screenshots?
I also like to copy/paste instead of typing over your screenshot data :wink:

No more screenshots, sorry for that!

What client operating systems do you have connected to this same WiFi AP segment?
And can these clients browse the Internet?
What IP details does one of these clients show (IP address, subnet mask, gateway)?

I'm connected with 2 android phones, 2 iphones, 2 iPads, 3 windows laptops and 1 I hope 1 raspberry pi zero wh with this no gui os Raspberry Pi OS – Raspberry Pi

EDIT: Ow ps. can you ping the router from the Pi-hole host?

ping 192.168.0.1

Ping doesn't seem to be ok :confused:

PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
^C
--- 192.168.0.1 ping statistics ---
102 packets transmitted, 0 received, 100% packet loss, time 184ms

EDIT2: Could you post output for one more:

ip -4 neighbor show | awk '{print $1}'

Yes, here's the result

192.168.0.20
192.168.0.18
192.168.0.11
192.168.0.13
192.168.0.1
192.168.0.5
192.168.0.3
192.168.0.7
192.168.0.4

Hmm I don't see 192.168.0.10 which should belong to raspberry pi.

1 Like

The ip neighbor command lists your neighbors only.

What does below show in a CMD prompt on one of those Windows laptops connected via WiFi?

C:\>ipconfig /all
[.]
Ethernet adapter Local Area Connection:


   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : zondag 16 mei 2021 19:31:04
   Lease Expires . . . . . . . . . . : maandag 17 mei 2021 19:31:04
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.2
   DNS Servers . . . . . . . . . . . : 10.0.0.2
                                       10.0.0.4
[..]

I am only interested in above lines and in particular, the Default Gateway its using! (redact the rest for privacy)
And the network interface name Local Area Connection could be different for your laptop.

1 Like

The ip neighbor command lists your neighbors only.

Ok, thank you for clarifiyng this.

What does below show in a CMD prompt on one of those Windows laptops connected via WiFi?

Wireless LAN adapter Wi-Fi:

DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : neděle 16. května 2021 20:39:16
Lease Expires . . . . . . . . . . : pondělí 17. května 2021 0:55:33
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.10
192.168.0.10
8.8.8.8
192.168.0.1

Ok that should rule out using a wrong default gateway for that WiFi segment I guess.
But still odd that you'r not able to ping the router.
Can that Windows laptop ping the router IP 192.168.0.1 or the Pi-hole IP 192.168.0.10 ?
Can you ping your laptop 192.168.0.7 from the Pi-hole host?

And just to be sure, whats output for below on Pi-hole?

ip -4 -br link show | awk '{print $1 " " $2 " " $4}' | column -t

ip -4 -br address show

ip -4 route show

Redact the MAC address from the first command output for privacy!

1 Like

Sorry if I've overlooked it, but I cannot seem to find a reaction to or your details for:

Did you ever check that?

2 Likes

@deHakkelaar @Bucking_Horn I will reply as soon as I will be at home. Thank you very much guys. I really appreciate you're helping me out!

1 Like

Can that Windows laptop ping the router IP 192.168.0.1 or the Pi-hole IP 192.168.0.10 ?
Can you ping your laptop 192.168.0.7 from the Pi-hole host?

Yes, ping from laptop 192.168.0.13 to router 192.168.0.1 is ok (100% packets received 0% lost).
Ping from pi 192.168.0.10 to laptop 192.168.0.13 is ok (100% packets received 0% lost).
Ping from laptop 192.168.0.13 to router 192.168.0.1 is ok (100% packets received 0% lost).
Ping from pi 192.168.0.10 to router 192.168.0.1 is not working (100% packets lost).

And just to be sure, whats output for below on Pi-hole?
ip -4 -br link show | awk '{print $1 " " $2 " " $4}' | column -t

lo     UNKNOWN  <LOOPBACK,UP,LOWER_UP>
wlan0  UP       <BROADCAST,MULTICAST,UP,LOWER_UP>

ip -4 -br address show

lo UNKNOWN 127.0.0.1/8
wlan0 UP 192.168.0.10/24

ip -4 route show

default via 192.168.0.1 dev wlan0 src 192.168.0.10 metric 302
192.168.0.0/24 dev wlan0 proto dhcp scope link src 192.168.0.10 metric 302