@Mcat12 , I dont believe bcutter has configured Pi-Hole properly yet.
@bcutter , what do you mean by that ? Do you mean 10.0.0.10 is already taken by Fritzbox ? Choose another ?
If you still want to run nginx on 10.0.0.10 and Pi-Hole on 10.0.0.20:
pihole -r
please choose from the following options:
Select Upstream DNS Provider:
Select Protocol:
Do you want to use your current network settings as a static address?
Enter your desired Ipv4 address:
Once the IP bit is working, you can troubleshoot DNS.netstat -nltup' after this ?
And show us what DNS entry you have troubles with ?
nslookup <TROUBLED_NAME>
@Mcat12 , I might be wrong but the 'pihole -r' reconfigure option might not be sufficient for this case.
@bcutter , I believe you will experience no troubles if you switch other way around eg 10.0.0.10 for pi-hole and 10.0.0.20 for nginx.
Output directly run on the pi:
HTTP/1.1 302 Found
Location: https://www.google.com/doubleclick/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Thu, 13 Apr 2017 20:16:49 GMT
Server: sffe
Content-Length: 232
X-XSS-Protection: 1; mode=block
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="https://www.google.com/doubleclick/">here</A>.
</BODY></HTML>
On Firefox client I get a "Error: connection failed"
I believe you will experience no troubles if you switch other way around eg 10.0.0.10 for pi-hole and 10.0.0.20 for nginx.
That´s exactly how my setup currently looks like. As @Mcat12 said: "looks like the only thing not working is the blocking page"
Mcat12
April 13, 2017, 8:25pm
27
Please also run pihole -d for a debug token.
A lot. The relevant parts should be:
sudo netstat -nltup | grep 0.9
tcp 0 0 192.168.0.9:80 0.0.0.0:* LISTEN 19492/lighttpd
sudo netstat -nltup | grep 0.15
tcp 0 0 192.168.0.15:80 0.0.0.0:* LISTEN 7667/nginx -g daemo
tcp 0 0 192.168.0.15:443 0.0.0.0:* LISTEN 7667/nginx -g daemo
where 192.168.0.9 = pi.hole (eth0) and 192.168.0.15 = nginx (eth0:0).
What do you want me to do with the debug log? Upload? Paste (relevant parts - which one?) here?
E. g. "Resolver Functions Check":
Resolution of doubleclick.com from Pi-hole:
; <<>> DiG 9.9.5-9+deb8u10-Raspbian <<>> doubleclick.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27285
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;doubleclick.com. IN A
;; ANSWER SECTION:
doubleclick.com. 300 IN A 192.168.0.9
;; Query time: 6 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Apr 13 22:28:06 CEST 2017
;; MSG SIZE rcvd: 60
Resolution of doubleclick.com from 8.8.8.8:
; <<>> DiG 9.9.5-9+deb8u10-Raspbian <<>> doubleclick.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5387
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;doubleclick.com. IN A
;; ANSWER SECTION:
doubleclick.com. 299 IN A 216.58.207.174
;; Query time: 40 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Apr 13 22:28:06 CEST 2017
;; MSG SIZE rcvd: 60
Pi-hole dnsmasq specific records lookups
Cache Size:
Upstream Servers:
Mcat12
April 13, 2017, 8:40pm
30
The debug program should prompt you to upload the log to our secure debug server, and then it will give you a token that it says to share with us so we can find your log.
Mcat12
April 13, 2017, 8:40pm
31
Did you run that curl command on the Pi-hole or a computer using Pi-hole?
On the Pi-Hole pi itself. Only Windows boxes avail... tell me how/where to else run it.
---=== Your debug token is : b7ycgdcqow Please make a note of it. ===---
Mcat12
April 13, 2017, 8:52pm
34
It should have shown that lighttpd answered the request, but it looks like it wasn't blocked. Try it again, and also run nslookup doubleclick.com.
bcutter:
A lot. The relevant parts should be:
sudo netstat -nltup | grep 0.9
where 192.168.0.9 = pi.hole (eth0) and 192.168.0.15 = nginx (eth0:0).
To reassure you abit, that looks correct.
sudo netstat -nltup | grep 'Proto\|lighttpd\|nginx'
Same output when running "curl -i http://doubleclick.com/test " on the pi.hole pi itself.doubleclick.com gives
Server: UnKnown
Address: 192.168.0.15
Name: doubleclick.com
Addresses: 2a00:1450:4001:817::200e
192.168.0.9
...on Windows and directly on the pi.hole pi:
Server: 192.168.0.1
Address: 192.168.0.1#53
Non-authoritative answer:
Name: doubleclick.com
Address: 172.217.16.206
Remember: .15 is nginx/other web service, .9 is lighttpd/dnsmasq/pi-hole
Right, no IPv6. Correctly disabled.
I'll let @Mcat12 answer this one
If I do a nslookup on my Pi, I get:
What does below display on your Pi ?
$ cat /etc/resolv.conf
# Generated by resolvconf
nameserver 127.0.0.1
And what does below one display on your Windows clients ?
Am only interested in the "DNS Servers" part.
ipconfig /all
Mcat12
April 13, 2017, 9:19pm
40
The second output means that that device isn't using Pi-hole correctly for some reason, since the domain was not blocked. What about the output of curl -i http://192.168.0.9/test?
cat /etc/resolv.conf
# Generated by dhcpcd from eth0
# /etc/resolv.conf.head can replace this line
nameserver 192.168.0.1
# /etc/resolv.conf.tail can replace this line
ipconfig /all on a Windows machine gives:DNS-Server . . . . . . . . . . . : 192.168.0.15
