DNS lookups point to 10.0.0.1 (ASUS router)

Please follow the below template, it will help us to help you!

Expected Behaviour:

DNS server resolves domains correctly

Actual Behaviour:

DNS server incorrectly resolves domains to 10.0.0.1 intermittently. Happens often for periods of up to 5-10 minutes.

Debug Token:

Failure case
8.8.8.8 resolving doubleclick.com to 10.0.0.1 [l43d2wdhe4]

Success case
8.8.8.8 resolving doubleclick.com to 172.217.20.110 [h19j4v04bq]

My set up

I have two Asus routers, one is pppoe WAN and the other is in bridge mode. Both have DHCP disabled and the former has WAN > automatic DNS settings disabled and I have pointed it instead to the pi. DHCP and DNS server is enabled on the pi.

Edit 11/12/17

I have made 2 logs (tokens pasted above) that show the behaviour. Occasionally the upstream DNS (in my case google) will resolve requests to 10.0.0.1 for some reason which is obviously incorrect. Why is this happening? I doubt google's DNS is actually replying with that?

Any clues as to what might be causing this?

I came across this post: https://github.com/RMerl/asuswrt-merlin/issues/1403 which sounds exactly like I am experiencing. I have disabled the setting mentioned in the link and will see if it acts up again over the next day or so.

You should use Pi-hole on the LAN DNS configuration, not the WAN configuration, of your router.

I was not able to get to your issue in time, so the debug logs expired (limit is 48 hours). Can you make new ones?

The link that I posted in my reply actually helped to fix the problem, I no longer experience the original problem. It seems to affect Asus routers only as its a specific setting in their firmware. For the record I am using an DSL-AC55U and DSL-N17U in my topology.

That said, I am still experiencing issues with pi-hole. I have no debug logs at the moment as it occurs less frequently, but I was streaming the logs from the admin interface just before as it was happening:

Dec 14 21:18:11 dnsmasq[22835]: query[A] soundcloud.com from 192.168.1.89
Dec 14 21:18:11 dnsmasq[22835]: forwarded soundcloud.com to 208.67.220.220
Dec 14 21:18:11 dnsmasq[22835]: forwarded soundcloud.com to 208.67.222.222
Dec 14 21:18:11 dnsmasq[22835]: query[A] soundcloud.com from 192.168.1.89
Dec 14 21:18:11 dnsmasq[22835]: forwarded soundcloud.com to 208.67.220.220
Dec 14 21:18:11 dnsmasq[22835]: forwarded soundcloud.com to 208.67.222.222
Dec 14 21:18:12 dnsmasq[22835]: query[A] soundcloud.com from 192.168.1.89
Dec 14 21:18:12 dnsmasq[22835]: forwarded soundcloud.com to 208.67.220.220
Dec 14 21:18:12 dnsmasq[22835]: forwarded soundcloud.com to 208.67.222.222

As you can see it receives the requests from the LAN clients, forwards to openDNS, but never gets a response or at least doesn't reply to the LAN clients.

What do you reckon is happening here?

Also, reading your recommendation to set the DNS config in the LAN section instead of WAN - I don't think this is an issue since pi-hole is working for all clients, just intermittently the above issue occurs. Also bare in mind I have the pi-hole running the network's DHCP server and so have disabled DHCP on the router (and associated LAN DNS settings).

Additionally, I am running an OpenVPN server on the router for which I would like DNS requests to go via pi-hole which means I need to set DNS in WAN anyway.

Hello again,

Just had the issue again and ran the pihole -d.
Unfortunately it failed to upload the log (presumably due to DNS issue).

Where can I upload it?

You can upload it to any pastebin service. The debug log is located at /var/log/pihole_debug.log

Based on the log you PM'd me:

[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)

What is the output of dig doubleclick.com @8.8.8.8 ?

The rest of the log looks good, and I saw at least one query in the dns log correctly forwarded.

I've faced the same problem with my Asus router. When there is no internet, then the router will redirect to 10.0.0.1 which is actually the feature of this router, but it seems that there is a bug in this feature. In order to solve this problem, "Enable WAN down browser redirect notice" should be disabled.

I’ve faced the same problem with my TP router. When there is no internet, then the router will redirect to 10.0.0.1 which is actually the feature of this router, but it seems that there is a bug in this feature.

1 Like

Its asus bug, check at administration, uncheck Enable WAN down browser redirect notice. Then problem gone.

1 Like