I run pihole on olimex server with debian bullseye. Pihole is set via DHCP with 192.168.178.56 and the telekom router is on 192.168.178.1. I want to set pihole as the system wide DNS server. So I set it in the router settings (speedport pro plus).
After that, I get no connection from pihole to the internet. If I take the pihole as DNS server on the router away, the connection is back. So the pihole can not have itself as the own dns server. But the thing is, within pihole, I set the DNS to OepnDNS and DNS.WATCH.
Pi-hole can use itself as the system DNS but it's not recommended, because if it encounters a bug which is fixed in an update, or if a rule blocks something it needs for maintenance, it can end up stuck unable to reach what it needs.
The Pi-hole DNS setting is the one you're describing at the end there. The setting of interest is the the OS DNS setting, on which Pi-hole is running, which is set normally during OS install. For Debian 11 this is found in /etc/resolv.conf. I think for Debian 12 it's managed by Network Manager.
So have a look in /etc/resolv.conf, and see what that says. You should see something like the below, and you can manually edit it if needed, changes are instant. If this file is being managed by something you'll normally see a comment in there advising as well, and you should use whatever that is to make the changes instead, for example it might say that it's managed by Network Manager so you would use that instead.
nameserver 1.1.1.1
Ideally you want the Debian 11 setup to have a static IP and manually entered details which are fixed, and that's where the OS nameservers would have been originally populated from during setup.
Can you create a debug log please and post the token URL here? You can do this in Tools > Generate debug log >Upload debug log and provide Debug token > Generate debug log .
Thanks. When you wrote "I get no connection from pihole to the internet" can you expand on exactly what that means please? What are you trying and what happens? What are you expecting to see? What happens when you try and access a blocked site from a client computer on the network, when Pi-hole is the DNS server in the router?
Your debug log shows the router is giving itself out as the DNS server to use instead of the Pi-hole. Normally that would be a reason why Pi-hole is not being used by clients. In your case I think you're describing something different, which is why I ask the question above. And since you removed Pi-hole as DNS, that probably explains why this debug log shows the router is once again the DNS server.
If I set PiHole as the DNS server in my speedport router, I can not even ping something within PiHole. So I ping 1.1.1.1 and get no answer. If the speedport itself is DNS, I can ping, can update etc. So surely the DNS server is now just the speedport, because otherwise, I could not upload the log file. I'm not even so far to try smth with clients, because the PiHole itself get no connection to the internet, if I set it as DNS in speedport.
So the question is not, why it's not beeing used by clients, but, why PiHole get no connection if set as DNS in the speedport.
I hope, the problem is a little bit clearer now. Thanks!
This guide is from a few years ago. Perhaps someone with a speedport could chime in. I didn't do an exhaustive search but there are comments suggesting that you need to use pihole as the DHCP server for speedports. That might not apply to your model.
Pinging an IP address is not affected by the DNS server used in your router. There is something more going on in what you describe. Ideally you want the following:
Router is working and is the DHCP server and DNS server for the network initially. The router's own upstream DNS is something external, probably your ISP's DNS.
You install Pi-hole and arrange for it to have a static IP (either manually or reserved by the router)
Edit the router's DHCP setting so that it gives out the Pi-hole's IP instead of itself (the router) to clients to use as DNS
Toggle a device off and on your network so it picks up the settings. Test that it's using Pi-hole for DNS.
If the router does not support editing the DHCP settings and changing the DNS, as CallMeCurious suggested, then you can switch to using Pi-hole as the DHCP server. That requires a little bit of planning, but first step is to confirm that you can make the change.
puh.. stupid telekom crap! Sorry... have just problems with this provider, but can not change because of the LTE function which is needed.
@chrislph the points are all set, as you mention. I can set DNS in the speedport pro plus version. In the pihole, I set some tracker free DNS. So for my understanding, it should work this way.
Speedport as DHCP server with Pihole as DNS --> Pihole via LAN with extra DNS upstream ---> Clients use Speedport as DNS and get the PiHole as DNS.
But exactly that way, I just get no connection to the internet within Pihole/Debian, after I set Pihole as DNS server within speedport. I have no explanation for such behavior.
Set Pi-hole as the DNS in the Speedport router's DHCP section
Select a client machine, eg a laptop or a desktop (not Pi-hole) and take it off and back on to the network (to pick up the new Speedport DNS setting)
Then on that client machine run the three commands below. What do you get?
nslookup flurry.com
nslookup flurry.com 192.168.178.56
ping 1.1.1.1 (let it try a few times then use Ctrl-c to quit)
And then ssh in to the Pi-hole terminal and run these three commands. What do you get?
nslookup flurry.com
nslookup flurry.com 127.0.0.1
ping 1.1.1.1 (let it try a few times then use Ctrl-c to quit)
While the Speedport is set up with Pi-hole, can you please do another debug log and post the new token here.
If Pi-hole says it cannot upload the debug log because it cannot connect to the internet, put the Speedport back to the way it was so the internet works again, and then upload that same debug log with the command
On the client:
flurry. com works
flurry.com 192.168.178.56 (PiHole) shows time out
ping works
On the debian/pihole works nothing, so time out
By the way. Speedport uses ipv6 DNS before it uses ipv4. I set just 192.168.178.56 for pihole. Tried to set the ipv6, but it shows me an error while saving. This should be the ipv6 from pihole: 2003:f2:6720:c3fb:321f:9aff:fed1:4263/64
The debug log shows that the router is the DHCP server but it is still giving out itself (the router) to use as DNS and not Pi-hole. Did you follow these steps? What happened?
The debug log shows that Pi-hole is blocking domains, but it was unable to ping the router via IPv4 and was able to ping it via IPv6. And it was unable to reach Google's DNS via IPv4 but was able to reach it via IPv6.
My suspicion is that some aspect of your Olimex Debian setup is interfering with its operation, maybe a firewall or the way the network was confgured during installation. I'm afraid I'm out of ideas other than to try a clean install and follow the above steps, making sure things are working at each step along the way.
If you are not using IPv6 for anything you might consider disabling it, if that's possible, at least temporarily. This will eliminate that as a variable.
This guide is from a few years ago. Perhaps someone with a speedport could chime in. I didn't do an exhaustive search but there are comments suggesting that you need to use pihole as the DHCP server for speedports. That might not apply to your model.
I deactivated ipv6 on the debian/pihole and the connection to the net works if I activate the pihole as DNS within the speedport. But the problem stays, that the speedport prefer ipv6 DNS, so it uses own DNS and ignores my ipv4 entry. Speedport is just S...!
pihitch: