Your debug log shows Pi-hole's Conditional Forwarding to be disabled, which would rule out a potential partial DNS loop.
It also shows that your Pi-hole container is not configured for your host's private range IP yet.
You should set the respective FTLCONF_REPLY_ADDR4
recommended variable.
Also, your Pi-hole seems unable to request DNS resolution through a public resolver:
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] bitequals.com is 0.0.0.0 on lo (127.0.0.1)
[✓] bitequals.com is 0.0.0.0 on vmbr0 (192.168.0.100)
[✓] bitequals.com is 0.0.0.0 on wg0 (10.7.0.1)
[✓] bitequals.com is 0.0.0.0 on br-48c56dd73189 (172.18.0.1)
[✓] bitequals.com is 0.0.0.0 on br-62541a4a3877 (172.22.0.1)
[✓] bitequals.com is 0.0.0.0 on br-64c32c9d14eb (172.19.0.1)
[✓] bitequals.com is 0.0.0.0 on docker0 (172.17.0.1)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] www.pay65-olx.info is :: on lo (::1)
[✓] www.pay65-olx.info is :: on vmbr0 (fe80::<redacted>03e)
[✓] No IPv6 address available on wg0
[✓] No IPv6 address available on br-48c56dd73189
[✓] www.pay65-olx.info is :: on br-62541a4a3877 (fe80::<redacted>1fc)
[✓] No IPv6 address available on br-64c32c9d14eb
[✓] www.pay65-olx.info is :: on docker0 (fe80::<redacted>b5e)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)
This would suggest that your Pi-hole would not be able to provide DNS resolution at all.
Let's check your Pi-hole's database for reply types as of June:
pihole-FTL sqlite3 "/etc/pihole/pihole-FTL.db" "SELECT reply_type, count(reply_type) FROM queries WHERE timestamp > strftime('%s','2022-06-01') GROUP BY reply_type ORDER BY reply_type;"
Also, run from a client, what's the output of:
nslookup flurry.com
nslookup google.com
And your DHCP server is not distributing Pi-hole as DNS server, but rather a pair of public ones (Vodafone's?):
*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
Scanning all your interfaces for DHCP servers
* Received 300 bytes from vmbr0:192.168.0.1
Offered IP address: 192.168.0.12
DHCP options:
Message type: DHCPOFFER (2)
router: 192.168.0.1
dns-server: 212.166.210.80
dns-server: 212.166.132.104
--- end of options ---
This would mean that DHCP clients would by-pass Pi-hole completely, unless manually configured to use Pi-hole.
However, your Docker supplied hosts file points to two private range IPs for DNS:
*** [ DIAGNOSING ]: contents of /etc
-rw-rw-r-- 1 root 1000 68 Jun 21 15:16 /etc/resolv.conf
nameserver 192.168.0.100
nameserver 192.168.0.101
The first one seems to be the Docker host itself, so probably Pi-hole.
How does your hosts file acquire those DNS servers?
What's the second one?