Conditional Forwarding to Fritzbox doesn't work in v6

SlothSquared · February 19, 2025, 5:51pm

I am also experiencing this issue since updating to v6.

The pihole.log file shows a response from my router as an 'NXDOMAIN' when, for example, trying to access my Home Assistant server. This was working in the seconds before updating to v6 with no other changes made to my router or network setup.

Feb 19 17:50:24 dnsmasq[2141273]: query[A] hass.domain.home from 10.0.0.39
Feb 19 17:50:24 dnsmasq[2141273]: forwarded hass.domain.home to 10.0.0.1
Feb 19 17:50:24 dnsmasq[2141273]: reply hass.domain.home is NXDOMAIN

(my domain replaced with 'domain.home' for privacy)

rdwebdesign · February 19, 2025, 7:15pm

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

SlothSquared · February 19, 2025, 9:41pm

Sure thing - here's the debug log URL https://tricorder.pi-hole.net/dTQWDw08/

Bucking_Horn · February 20, 2025, 6:25am

SlothSquared, I've split your post into a separate topic, as your observation is different from OP, as your Conditional Forwarding line has a domain:

     revServers = [
       "true,10.0.0.0/24,10.0.0.1,domain.home"
     ] ### CHANGED, default = []

What's the output of:

dig hass.domain.home @10.0.0.1

bungh0l10 · February 20, 2025, 4:13pm

Sorry for jumping in here as well but unfortunately I also can't see client names but I guess I filled the line correctly.

revServers = [
  "true,192.168.224.0/27,192.168.224.1,fritz.box"
]

Debug token https://tricorder.pi-hole.net/n1WqN75N

SlothSquared · February 21, 2025, 4:48pm

Hi,

Sorry for the delay getting back. Here's the response running the dig command from the pihole.

sloth@pihole:~ $ dig hass.domain.home @10.0.0.1

; <<>> DiG 9.18.24-1-Debian <<>> hass.domain.home @10.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50135
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;hass.domain.home.                        IN      A

;; AUTHORITY SECTION:
.                       86400   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2025022100 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 10.0.0.1#53(10.0.0.1) (UDP)
;; WHEN: Fri Feb 21 16:47:02 GMT 2025
;; MSG SIZE  rcvd: 118

Bucking_Horn · February 21, 2025, 6:54pm

That demonstrates that your router at 10.0.0.1 indeed does not know hass.domain.home, returning NXDOMAIN when queried directly.

So Conditional Forwarding is working, but NXDOMAIN is what Pi-hole receives when querying your router, at least for hass.domain.home.

Your debug log shows two Local DNs records:

     hosts = [
       "10.0.0.24 homeassistant.local",
       "10.0.0.1 unifi.local"
     ]

Note that these are using .local TLD, which is reserved for mDNS protocol usage and should not be mixed with plain DNS.

You should remove/rename those entries.

Since you state that resolving hass.domain.home has been working previously by virtue of Conditional Forwarding retrieving names from your router:
Would you router perhaps know other names, and does it support reverse lookups to get a name for an IP, e.g. dig -x 10.0.0.1 @10.0.0.1 for your router's own name?

I also notice that your Pi-hole has processed a request from 10.0.50.97

*** [ DIAGNOSING ]: Pi-hole log
-rw-r----- 1 pihole pihole 8.4M Feb 19 21:39 /var/log/pihole/pihole.log
   -----head of pihole.log------
   Feb 19 00:00:12 dnsmasq[1734551]: query[A] time.nist.gov from 10.0.50.97

As your router's subnet is 10.0.0.0/24 , that's an IP outside of your router's subnet.

Do you perhaps have another router in your network, managing 10.0.50.0/24 and associated names?

system · March 14, 2025, 6:55pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.