Devices not using pi as DNS

NetworkMalfeasor · October 18, 2024, 7:17am

Expected behavior: Most ads are blocked, queries are logged. Devices are routed through pi.

Actual behavior: Still get ads and seeing 1-3 queries/minute from my router and none blocked. Devices do not appear to be routed through pi (hard to say, I'm bad at networks).

Just got pi-hole installed and still trying to get everything configured. I set the pi with a static IP address via the router, and set my router to use that IP as its sole DNS. I cannot connect to the pi-hole through pi.hole/admin, and can still access blocked content.

The pi-hole is running on Raspbian, and I had an issue a couple days ago while messing around with this that prevented the device from using the ethernet. I made some changes to the wlan and eth network configurations to try and fix that, but ended up just disabling the wifi. I don't think any of that should be causing an issue because I can still SSH into the pi-hole and access the dashboard. Otherwise it's just the stock OS.

I ran dig pi-hole.net from my desktop and got this

; <<>> DiG 9.18.28-0ubuntu0.22.04.1-Ubuntu <<>> pi-hole.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26918
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;pi-hole.net.			IN	A

;; ANSWER SECTION:
pi-hole.net.		111	IN	A	3.18.136.52

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Fri Oct 18 02:46:52 EDT 2024
;; MSG SIZE  rcvd: 56

Routed through the pihole got this:

; <<>> DiG 9.18.28-0ubuntu0.22.04.1-Ub
untu <<>> pi-hole.net @192.168.1.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53902
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;pi-hole.net.			IN	A

;; ANSWER SECTION:
pi-hole.net.		300	IN	A	3.18.136.52

;; Query time: 23 msec
;; SERVER: 192.168.1.22#53(192.168.1.22) (UDP)
;; WHEN: Fri Oct 18 02:47:03 EDT 2024
;; MSG SIZE  rcvd: 56

I'd like to get this configured without accidentally bricking my router again, but I'm not familiar with networking in the slightest. Any help on getting the last bit working would be greatly appreciated.

Debug log: https://tricorder.pi-hole.net/4HpK8vdG/

stonerl · October 19, 2024, 10:04am

What brand of router are you using. There are some example configs in the documentation.

NetworkMalfeasor · October 19, 2024, 3:54pm

Using a Netgear R7960P.

I suspect what might be happening is that every device except the pihole is connected to the wireless (pihole connected via ethernet), but I don't know how to check that or whether it makes a difference.

I tried setting the pihole as the DHCP server, but that just resulted in not being able to connect to the network at all. From what I can tell, I shouldn't need to change the DHCP server unless I can't set the pi as the DNS.

nprampage · October 21, 2024, 2:40pm

Just trying to keep this allve for you; what you're describing probably isn't the conventional "bricking" of a router, but rather it had incorrect DNS settings and couldn't look up anything (brick usually means completely non-functional, inaccessible router interface from normal means, etc.).

So with that in mind, Wifi or not really shouldn't make a difference if both are using the same network addresses (192.168.1.x, for example). That 127.0.0.53 address from your DIG - are you running this under Docker or anything similar?

Where are you entering these DNS settings? The WAN or LAN settings? If WAN, that may be contributing to your issue. Given the choice, I've had better experience leaving WAN settings along and just changing DNS for the LAN devices (YMMV).

Also, you may want to consider not using IPv6 for clients unless you have a specific need, at least until you get things working under IPv4 only as this tends to simplify troubleshooting a bit.

You may want to run another debug report and upload, as I think the uploaded ones expire after a couple of days.

NetworkMalfeasor · October 21, 2024, 7:08pm

Sorry for the confusion, yes it was just an issue with the DHCP settings.
None of the clients use IPv6, so that shouldn't be an issue.
The networks pool IP addresses, so I think you're correct and that's not an issue.
No docker or anything. I am using a VPN, so that might explain the dig address.

Okay, so the only place I found to enter the DNS on my router's firmware is under what it labels "Internet setup". It doesn't specify whether it's referring to the WAN or LAN. I did some more digging to see whether this option had the intended effect and found a forum post where someone wanted to "set DHCP to assign a specific DNS server". They were told to do what I did, and this was their final response after trying that.

Thanks, I saw that but I'm not sure if it truly changes what the client is given via DHCP. Unfortunately, nslookup returns the router address as DNS when done that way. When I manually change my computers adapter to 1.1.1.1, nslookup shows it as being used for lookups. I'll accept the answer, but when I get some free time, I'll see if I can verify with wireshark. The reason I'm asking is because I'm getting constant
"DNS_PROBE_FINISHED_NXDOMAIN" errors and the only thing that seems to resolve it is manually entering DNS on my clients. Thanks!

I'm not sure, but it seems like I was setting the WAN DNS address and not the LAN DNS address. If that's the case and there's not an option to set the LAN DNS on the firmware would I need to set the pi as the DHCP or could I set the pi as the LAN DNS from terminal?

New debug log: https://tricorder.pi-hole.net/Rt4TEasr/

nprampage · October 21, 2024, 7:46pm

From perusing the user manual, it looks like there's a LAN Setup section under Advanced/LAN Setup. If nothing else, you can find where to disable your router's DHCP server there so you can use Pihole's DHCP function, but maybe there's some functionality to customize DNS a bit? But the documentation seems to support what you said, I agree:

The router delivers the following parameters to any LAN device that requests DHCP:
• An IP address from the range that you define
• Subnet mask
• Gateway IP address (the router’s LAN IP address)
• DNS server IP address (the router’s LAN IP address)

NetworkMalfeasor · October 21, 2024, 8:54pm

Thanks for your input. I'll try and set the pi as the DHCP tonight.

As mentioned, when I tried this before I wound up not being able to set an IP address for any device, whether I used wifi or the ethernet. I followed the steps here in the link below, but when I rebooted my devices to reset the connexion nothing got through, even after rebooting the pihole. Not sure if anyone has any idea why that may have happened or how to avoid it, but I'll see if it's repeatable and report back.

DHCP link: How do I use Pi-hole's built in DHCP server (and why would I want to)?

NetworkMalfeasor · November 4, 2024, 2:08pm

Got interrupted by life for a bit, but I got the pi working as the DHCP last night. Turns out, I just needed a system with a static IP so I could stay connected to the pi long enough to configure it as the DHCP.

However, it still won't block anything. I blacklisted a test website, restarted the pihole, even restarted my computer, but I could still access said blacklisted site.

Additionally, this morning it started failing to assign IP addresses. I checked the dashboard and found this message:

no address range available for DHCP request via eth0

New debug log generated this morning after the DHCP issues started.
https://tricorder.pi-hole.net/Cf4M9qRU/