DNS trouble

Please follow the below template, it will help us to help you!

Expected Behaviour:

Running pihole -up on my Raspberry Pi SHOULD update Pi-hole and FTL, and clicking the link within Pi-hole to update gravity SHOULD update my ad lists.

Actual Behaviour:

Even though all PCs on my network can browse and use the internet without issue, and even though the Raspberry Pi has internet access and can browse without issue, Pi-hole cannot update itself. It fails and says unable to complete update, and as I look at the steps it's taking, it says "DNS resolution is currently unavailable".

Debug Token:

https://tricorder.pi-hole.net/bGpSCcEk/

You are pointing the Pi-hole server to itself for DNS, remove the last nameserver line and try again.

-rw-r--r-- 1 root root 82 Jan 19 10:27 /etc/resolv.conf
   search lan
   nameserver 4.4.4.4
   nameserver 10.0.0.144

Second, you seem to have both eth0 and wlan0 up and active, this is rarely needed and rarely a good networking configuration.

Third, your IPv6 connectivity doesn't exist:

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] unior.beeois.com is :: on lo (::1)
[✗] Failed to resolve unior.beeois.com on eth0 (fe80::ecc7:6203:7e20:e80f)
[✗] Failed to resolve unior.beeois.com on wlan0 (fe80::91d3:87b7:d09f:33e7)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)

You also seem to have DHCPv6 requests happening, and the admin page is warning you of this situation.

*** [ DIAGNOSING ]: Pi-hole diagnosis messages
   count   last timestamp       type                  message                                                       blob1                 blob2                 blob3                 blob4                 blob5               
   ------  -------------------  --------------------  ------------------------------------------------------------  --------------------  --------------------  --------------------  --------------------  --------------------
   1       2024-01-19 17:01:48  DNSMASQ_WARN          no address range available for DHCPv6 request via eth0                                                                                                                    
   
   1       2024-01-19 17:01:48  DNSMASQ_WARN          no address range available for DHCPv6 request via wlan0                                                                                                                   
   
   1       2024-01-19 17:00:44  DNSMASQ_WARN          not giving name raspberrypi to the DHCP lease of 10.0.0.219                                                                                                               
                                                      because the name exists in /etc/hosts with address 127.0.1.1                                                                                                              
   
   1       2024-01-19 17:00:44  DNSMASQ_WARN          not giving name raspberrypi.lan to the DHCP lease of 10.0.0.                                                                                                              
                                                      219 because the name exists in /etc/hosts with address 127.0                                                                                                              
                                                      .1.1

I don't see any errors with the adlists not updating, and the timestamps for a few of them are up to date.

1 Like
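The check described in the reply above, as an added example that is not part of the original thread: it reads `/etc/resolv.conf` text and `ip route` output, marks each nameserver as loopback, one of the host's own addresses, or external, and reports which interface the lowest-metric default route uses. The function names are hypothetical and the sample input is constructed from the excerpts quoted in this thread.

```python
import ipaddress

# Constructed sample input, in the shape of the debug-log excerpts in this thread.
RESOLV_CONF = """\
search lan
nameserver 4.4.4.4
nameserver 10.0.0.144
"""
ROUTES = """\
default via 10.0.0.1 dev eth0 proto dhcp src 10.0.0.219 metric 100
default via 10.0.0.1 dev wlan0 proto static metric 600
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.219 metric 100
10.0.0.0/24 dev wlan0 proto kernel scope link src 10.0.0.144 metric 600
"""

def _field(tokens, key):
    # Token that follows `key` in one `ip route` line, or None if absent.
    return tokens[tokens.index(key) + 1] if key in tokens[:-1] else None

def local_addresses(route_text):
    """Map each local source address to the interface that owns it."""
    owners = {}
    for tokens in map(str.split, route_text.splitlines()):
        src, dev = _field(tokens, "src"), _field(tokens, "dev")
        if src and dev:
            owners[src] = dev
    return owners

def preferred_interface(route_text):
    """Interface of the default route with the lowest metric."""
    defaults = []
    for tokens in map(str.split, route_text.splitlines()):
        if tokens and tokens[0] == "default":
            defaults.append((int(_field(tokens, "metric") or 0), _field(tokens, "dev")))
    return min(defaults)[1] if defaults else None

def audit_resolvers(resolv_text, route_text):
    """Classify each nameserver as loopback, self (a local address) or external."""
    owners = local_addresses(route_text)
    findings = []
    for line in resolv_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            addr = fields[1]
            kind = ("loopback" if ipaddress.ip_address(addr).is_loopback
                    else "self" if addr in owners else "external")
            findings.append((addr, kind, owners.get(addr)))
    return findings

if __name__ == "__main__":
    print(audit_resolvers(RESOLV_CONF, ROUTES), preferred_interface(ROUTES))
```

On the sample, the second nameserver is the host's own wlan0 address while the preferred default route leaves through eth0, which is the mismatch the thread goes on to discuss.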

Oddly enough, this setup has worked since inception/initial setup. It's only been in the last 24 hours that I seem to be getting these DNS issues. It was working perfectly for several weeks now.

I'm not sure where that DNS address is listed/located. I have it set to use Google and Cloudflare for upstream, but I don't have anything else specified for a nameserver, and I don't see where to go to edit that one out.

The name of the file is listed at the top of the code snippet. /etc/resolv.conf.

It appears to be added from a DHCP server lease, your DHCP server is advertising the IP address of the Pi-hole DNS server on each interface. How have you configured the IP address on the Pi-hole server's individual interfaces?

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   Timeout: 10 seconds
   
   * Received 300 bytes from wlan0:10.0.0.144
     Offered IP address: 10.0.0.220
     Server IP address: 10.0.0.144
     Relay-agent IP address: N/A
     BOOTP server: (empty)
     BOOTP file: (empty)
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 10.0.0.144
      lease-time: 86400 ( 1d )
      renewal-time: 43200 ( 12h )
      rebinding-time: 75600 ( 21h )
      netmask: 255.255.255.0
      broadcast: 10.0.0.255
      dns-server: 10.0.0.144
      domain-name: "lan"
      router: 10.0.0.1
      --- end of options ---
   
   
   * Received 300 bytes from eth0:10.0.0.219
     Offered IP address: 10.0.0.220
     Server IP address: 10.0.0.219
     Relay-agent IP address: N/A
     BOOTP server: (empty)
     BOOTP file: (empty)
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 10.0.0.219
      lease-time: 86400 ( 1d )
      renewal-time: 43200 ( 12h )
      rebinding-time: 75600 ( 21h )
      netmask: 255.255.255.0
      broadcast: 10.0.0.255
      dns-server: 10.0.0.219
      domain-name: "lan"
      router: 10.0.0.1
      --- end of options ---
   
   DHCP packets received on interface eth0: 1
   DHCP packets received on interface wlan0: 

Edit: It seems that you have set up the routing metrics to prefer the wired eth0 over the wifi interface but the IP address on the wifi interface is the one being added to /etc/resolv.conf.

*** [ DIAGNOSING ]: Network routing table
   default via 10.0.0.1 dev eth0 proto dhcp src 10.0.0.219 metric 100 
   default via 10.0.0.1 dev wlan0 proto static metric 600 
   10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.219 metric 100 
   10.0.0.0/24 dev wlan0 proto kernel scope link src 10.0.0.144 metric 600 

My background is very heavily that of Windows and not Linux; this is my first foray into the Linux world, so I never touched the command line to set any of this up. All I did to set up DHCP is the settings you see in the screenshot here, so if something is set wrong I'm having a hard time figuring out why/how it got set that way (and yes, I know, that's a craptastic domain name, "lan"; that was an oversight on my part and I never got around to changing it).

Edit: I did find and open that file in the /etc directory, the resolv.conf, and the only address in there is 4.4.4.4, so I don't know where that other address came from or why it's gone, but there still seems to be some sort of DNS issue: gravity still can't perform the update for the block lists and I still can't update FTL or Pi-hole due to the DNS resolution error.

Okay, let's take a step back.

Why do you have both the WiFi and wired ethernet interface connected and running?

It's a bit of redundancy gone wrong but hardly a connection-ending setup (keep in mind, best practices aside, this setup has been working quite well for weeks now and it's just the past couple of days, out of the blue, that I have this DNS trouble). I just wasn't sure which one I was going to go with, and once I got Pi-hole up and running I just forgot about it. I actually have it just running on the wireless now as I needed that spot on my flex mini for something else. That is the Raspberry Pi itself though, and throughout all of this, it's always had connectivity. I can reach any website that anything else on my network can, by name, just fine. I only get these DNS issues when I try to update Pi-hole, either from the link from within Pi-hole or if I use the command line on the Raspberry Pi.

The issues you run into with dynamic routing are very similar to what you are seeing. It works, until it doesn't.

Having two interfaces on the same subnet is like having two driveways leading up to a two door garage, but you can't really be sure what door is open at any time. Eventually you end up sitting looking at a closed door.

The fact that you had an entry in /etc/resolv.conf that showed up in the debug log but then didn't exist when you tried to edit the file means that the server is somehow getting DHCP lease information and adding/removing DNS entries for your server. Combining that with weighted routing means you can have DNS entries that will try to go out an interface that won't respond. You'll try to route the packets out wlan0 that will not get a response.

Looking back at your routing table I see that you have a static IP assigned to wlan0 but you have eth0 being assigned through DHCP.

This is a long-winded way of saying: unless you know networking and can manipulate the routing tables and IP stack to make sure you never have a dead route, pick an interface and only one interface.

I currently have my Pi set up on wireless only. I can access the internet from the Raspberry Pi and I can access the admin interface of Pi-hole, no issue there. Knowing the role that DNS serves, it's not making much sense as to why I can access the internet in general, but sites related to Pi-hole, such as updating my lists or updating Pi-hole and FTL, fail to connect and return the DNS error.

Thanks,

Lee Yokum

Can you do another debug log please? The one you provided did not show any logs that we expect to see if there is a problem sourcing lists. If there is a problem downloading lists then a warning is logged and the admin interface will display a yellow warning icon that links to the logged warning stating the remote lists were not accessible.

Your previous debug log also showed at least one of the lists was updated with a timestamp very close to when the debug log was provided. The debug log also showed that it was able to pass a DNS resolution test over IPv4. I provided the snippet showing that IPv6 connectivity did not exist at the time of the log. It doesn't appear that you have an IPv6 address in the /etc/resolv.conf file but that can't be determined for sure since at least one entry in /etc/resolv.conf is dynamically added depending on the DHCP configuration and when eth0 decides to request a new lease.

Again, this all looks like intermittent connectivity issues that happen when you have a network stack configuration like I see here.

I'd love to, but at this point it looks like the Raspberry Pi has lost internet connectivity. It's currently up on that wifi connection with the ethernet disabled, but for some reason it seems it cannot get anywhere. I don't have a way to get that file uploaded.

I was able to still access the admin interface and run the debug process that way. Still unable to upload it, but copy and paste works fine:

There's a number of issues with your networking:

I can see that you have the wired eth0 disconnected and wlan0 up.

IPv6 is still failing. This might not affect you; I don't know if you are trying to utilize IPv6.


*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] worldnowboston.112.2o7.net is 0.0.0.0 on lo (127.0.0.1)
[✓] No IPv4 address available on eth0
[✓] worldnowboston.112.2o7.net is 0.0.0.0 on wlan0 (10.0.0.144)
[✓] doubleclick.com is 142.250.217.78 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] code.orange-jelly.net is :: on lo (::1)
[✓] No IPv6 address available on eth0
[✗] Failed to resolve code.orange-jelly.net on wlan0 (fe80::91d3:87b7:d09f:33e7)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)

The routing is static but that metric seems a little high:

*** [ DIAGNOSING ]: Network routing table
   default via 10.0.0.1 dev wlan0 proto static metric 600 
   10.0.0.0/24 dev wlan0 proto kernel scope link src 10.0.0.144 metric 600 

Somehow there is a DHCP server leaking from the WAN side:

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   Timeout: 10 seconds
   
   * Received 300 bytes from wlan0:10.0.0.144
     Offered IP address: 10.0.0.220
     Server IP address: 10.0.0.144
     Relay-agent IP address: N/A
     BOOTP server: (empty)
     BOOTP file: (empty)
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 10.0.0.144
      lease-time: 86400 ( 1d )
      renewal-time: 43200 ( 12h )
      rebinding-time: 75600 ( 21h )
      netmask: 255.255.255.0
      broadcast: 10.0.0.255
      dns-server: 10.0.0.144
      domain-name: "lan"
      router: 10.0.0.1
      --- end of options ---
   
   
   * Received 300 bytes from wlan0:96.x.x.y
     DHCPOFFER XID (1243359820) does not match our DHCPDISCOVER XID (1293330440) - ignoring packet (not for us)
   DHCP packets received on interface wlan0: 1

The adlists have last modified dates ranging from 2024-01-06 11:23:57 to 2024-01-19 16:38:37

I still don't see any errors logged showing lists being inaccessible, I do see a client trying to register a real domain, probably a work laptop? I've redacted the domain but you can see the full entry in the logs.

*** [ DIAGNOSING ]: Pi-hole diagnosis messages
   count   last timestamp       type                  message                                                       blob1                 blob2                 blob3                 blob4                 blob5               
   ------  -------------------  --------------------  ------------------------------------------------------------  --------------------  --------------------  --------------------  --------------------  --------------------
   1       2024-01-22 11:46:40  DNSMASQ_WARN          Ignoring domain taxxx-yy.catxxxx.yyy for DHCP host n                                                                                                              
                                                      ame WAFSCLEUS004                                                                                                                                                          
   
   1       2024-01-22 10:27:05  DNSMASQ_WARN          not giving name raspberrypi to the DHCP lease of 10.0.0.219                                                                                                               
                                                      because the name exists in /etc/hosts with address 127.0.1.1                                                                                                              
   
   1       2024-01-22 10:27:05  DNSMASQ_WARN          not giving name raspberrypi.lan to the DHCP lease of 10.0.0.                                                                                                              
                                                      219 because the name exists in /etc/hosts with address 127.0                                                                                                              
                                                      .1.1                   

The traffic logs show queries coming in and being resolved from the upstreams.


*** [ DIAGNOSING ]: Pi-hole log
-rw-r----- 1 pihole pihole 12M Jan 22 12:26 /var/log/pihole/pihole.log
   -----head of pihole.log------
   Jan 22 00:00:06 dnsmasq[3210]: query[A] cdn.steamstatic.com from 10.0.0.242
   Jan 22 00:00:06 dnsmasq[3210]: forwarded cdn.steamstatic.com to 8.8.8.8
   Jan 22 00:00:06 dnsmasq[3210]: query[A] cdn.steamstatic.com from 10.0.0.242
   Jan 22 00:00:06 dnsmasq[3210]: forwarded cdn.steamstatic.com to 8.8.8.8
   Jan 22 00:00:06 dnsmasq[3210]: forwarded cdn.steamstatic.com to 8.8.4.4
   Jan 22 00:00:06 dnsmasq[3210]: validation result is INSECURE
   Jan 22 00:00:06 dnsmasq[3210]: reply cdn.steamstatic.com is 23.32.46.75
   Jan 22 00:00:06 dnsmasq[3210]: reply cdn.steamstatic.com is 23.32.46.64
   Jan 22 00:00:06 dnsmasq[3210]: reply cdn.steamstatic.com is 23.32.46.67
   Jan 22 00:00:06 dnsmasq[3210]: reply cdn.steamstatic.com is 23.32.46.65
   Jan 22 00:00:06 dnsmasq[3210]: reply cdn.steamstatic.com is 23.32.46.51
   Jan 22 00:00:06 dnsmasq[3210]: reply cdn.steamstatic.com is 23.32.46.66
   Jan 22 00:00:06 dnsmasq[3210]: query[A] steamstore-a.akamaihd.net from 10.0.0.242
   Jan 22 00:00:06 dnsmasq[3210]: forwarded steamstore-a.akamaihd.net to 8.8.8.8
   Jan 22 00:00:06 dnsmasq[3210]: query[A] wpad.lan from 10.0.0.242
   Jan 22 00:00:06 dnsmasq[3210]: config wpad.lan is NXDOMAIN
