Expected Behaviour:
Pi-Hole installed on Raspberry PI, available on IP address 192.168.1.54 should work as my local network primary DNS to block blacklisted domains.
Actual Behaviour:
My router is on 192.168.1.1
My Raspberry Pi with Pi-Hole installed is on 192.168.1.54
I set 192.168.1.54 as the primary DNS on the router.
Now, on my computer (192.168.1.69) I test a domain that should be blocked.
- Using raspberry pi as NS:
dig @192.168.1.54 pewnyzabieg.pl
...
;; ANSWER SECTION:
pewnyzabieg.pl. 2 IN A 0.0.0.0
it's ok, resolved as 0.0.0.0 so I assume blocking works
- Using my router as NS:
dig @192.168.1.1 pewnyzabieg.pl
...
pewnyzabieg.pl. 20327 IN A 185.253.212.22
it's incorrect because it resolved the domain name to its real IP address, not blocked.
Let's check the router logs:
- No reply from 192.168.1.54(+10) for pewnyzabieg.pl, now asking 87.204.204.204
- Resolved UDP query for pewnyzabieg.pl via 87.204.204.204
So, domain was not resolved my Pi-Hole and the secondary DNS has been used.
What did I do wrong, that the Pi-Hole works fine from my computer, but does not resolve domains when asked from my router?
Debug Token:
[✓] Your debug token is: https://tricorder.pi-hole.net/nrb41eGa/
Edit:
Additional information.
I observe Pi-Hole logs with pihole -t
and there is no log when I try to resolve the host via my router and it works fine when I send the request directly to the raspberry pi machine.