The issue I am facing:
I am trying to configure pihole to block a domain. pihole will accept the domain as entered but when I open a firefox private browser and navigate to that domain the web page loads without issue. I have tried multiple domains and get the same result. I read that a private browser is best to test since the domain should not be cached by the browser and will immediately be updated. I tried flushing the dns record from a command line (ipconfig /flushdns) but it did not change anything so I believe this is a pihole settings issue.
I am testing pihole with a near stock installation. The only thing I changed was to add 2 more block lists and a single arbitrary domain. My ultimate goal is to run pihole on my Synology NAS through a docker container but I am testing a more standard setup until I understand how things need to be configured.
Details about my system:
New installation on RPi1B
Pi-hole version is v5.17.3 (Latest: v5.17.3)
web version is v5.21 (Latest: v5.21)
FTL version is v5.25 (Latest: v5.25)
Testing a single Win10 laptop configured to use pihole via manual IP settings
What I have changed since installing Pi-hole:
Added 2 add lists from firebog.net repository
Added 1 domain to test blocking
This may be a Firefox setting where it is using DNS over HTTPS. You can check for this in the Privacy and Security section of the Firefox settings (near the bottom of the page). It should be turned off.
You can also test this by opening a terminal on the machine in question and running dig mediamonkey.com and noting the result. If it comes back as 0.0.0.0 then the Pi is working and your browser is the offender.
Firefox did have "Enable DNS over HTTPS using:" set to "Increased Protection". I disabled it and tried again but it still went through. I ran dig and it seems as though pihole is not blocking.
I see other things that are being blocked on the list so I'm assuming the laptop is pointing to the pihole server correctly. This is what showed up in the query log.
I did notice that in the dig output but didn't know what was typical. I did not want to touch the router until I had all working. So no, at this point the only thing I have changed is the laptop DNS server setting.
I am using a wireless connection but could switch to wired if it mattered. I can make the change on the router if that would be a more representative setup. I only didn't do that because other people are using the connection for their jobs and if I mess it up, even for a short time, I will hear about it for a long time.
There may be something with the interface config? I noticed that those entries that showed as blocked were all IPv6 queries (AAAA records, not A). That's a small list, so maybe nothing.
If you do the dig command again but specify the pihole does it block it?
```
pi@raspberrypi:/etc/pihole $ dig @192.168.0.201 mediamonkey.com

; <<>> DiG 9.16.48-Raspbian <<>> @192.168.0.201 mediamonkey.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21492
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;mediamonkey.com.               IN      A

;; ANSWER SECTION:
mediamonkey.com.        2       IN      A       0.0.0.0

;; Query time: 39 msec
;; SERVER: 192.168.0.201#53(192.168.0.201)
;; WHEN: Thu Feb 15 14:59:07 PST 2024
;; MSG SIZE  rcvd: 60
```
I just tried navigating to the web site and it is now blocked. Is there a really long time delay typically? I read in one of the documents here that I need to run the following after every change but when I tried that earlier it didn't make any difference so haven't been trying.
When you look at the server info for both (below the answer section), note that the IPv4 query used the DNS on your router (192.168.0.1) while the IPv6 query used ::1 (localhost).
There is something not correct about the interface config for IPV4 on that machine. For whatever reason it is not using your manual settings. Is that a windows machine or something else?
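The check the reply above describes (read the `;; SERVER:` line to see who actually answered, then read the ANSWER section to see whether the answer is Pi-hole's 0.0.0.0 sinkhole) is easy to get wrong by eye when comparing several dig runs. The following is an added example, not code from the Pi-hole project or from anyone in this thread: a small parser for dig's text output that reports whether the query went through the Pi-hole at all ("bypass" when some other server answered, which is the symptom in this thread), and if so whether the name was blocked. The two sample outputs are constructed for the example: the first mirrors the output posted above, the second is a made-up run answered by the router (192.168.0.1) with a placeholder address from the documentation range, standing in for the case where the client's resolver setting is not pointing at the Pi-hole. The Pi-hole address 192.168.0.201 is taken from the thread.

```python
"""Classify a `dig` run: did the Pi-hole answer, and did it block the name?

Added example; the sample outputs below are constructed, not captured.
"""
import ipaddress
import re

# Pi-hole's default NULL blocking mode answers blocked names with these addresses
# (A -> 0.0.0.0, AAAA -> ::). NXDOMAIN mode is handled separately in classify().
SINKHOLE_RDATA = {"0.0.0.0", "::"}


def parse_dig(output: str) -> dict:
    """Pull the header status, answering server and ANSWER-section records out of dig text."""
    status = None
    server = None
    answers = []          # list of (rtype, rdata) tuples from the ANSWER section
    in_answer = False
    for raw in output.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(";; ->>HEADER<<-"):
            m = re.search(r"status: (\w+)", line)
            status = m.group(1) if m else None
        elif line.startswith(";;") and line.endswith("SECTION:"):
            # A section header; only ANSWER records are collected.
            in_answer = line.startswith(";; ANSWER SECTION")
        elif line.startswith(";; SERVER:"):
            # e.g. ";; SERVER: 192.168.0.201#53(192.168.0.201)" or ";; SERVER: ::1#53(::1)"
            m = re.match(r";; SERVER: (\S+?)#\d+", line)
            server = m.group(1) if m else None
        elif in_answer and not line.startswith(";"):
            fields = line.split()          # name  ttl  class  type  rdata...
            if len(fields) >= 5:
                answers.append((fields[3], " ".join(fields[4:])))
    return {"status": status, "server": server, "answers": answers}


def classify(output: str, pihole_addrs) -> str:
    """Return 'bypass', 'blocked', 'allowed' or 'unknown' for one dig run.

    pihole_addrs: the address(es) the Pi-hole listens on. Anything else answering,
    including the router or a loopback stub resolver, means the Pi-hole never saw
    the query, so the block lists cannot have applied.
    """
    info = parse_dig(output)
    if info["server"] is None:
        return "unknown"
    try:
        answered_by = ipaddress.ip_address(info["server"])
    except ValueError:
        return "unknown"
    expected = {ipaddress.ip_address(a) for a in pihole_addrs}
    if answered_by not in expected:
        return "bypass"
    if info["status"] == "NXDOMAIN":
        return "blocked"                  # Pi-hole configured for NXDOMAIN blocking mode
    if info["answers"] and all(rdata in SINKHOLE_RDATA for _, rdata in info["answers"]):
        return "blocked"                  # NULL blocking mode, as in the thread
    return "allowed"


# Constructed sample 1: mirrors the output posted in the thread (Pi-hole answered, sinkholed).
PIHOLE_ANSWER = """\
; <<>> DiG 9.16.48-Raspbian <<>> @192.168.0.201 mediamonkey.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21492
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;mediamonkey.com.               IN      A
;; ANSWER SECTION:
mediamonkey.com.        2       IN      A       0.0.0.0
;; Query time: 39 msec
;; SERVER: 192.168.0.201#53(192.168.0.201)
"""

# Constructed sample 2: the router answered instead (client not using the Pi-hole);
# 203.0.113.10 is a documentation-range placeholder, not the domain's real address.
ROUTER_ANSWER = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;mediamonkey.com.               IN      A
;; ANSWER SECTION:
mediamonkey.com.        300     IN      A       203.0.113.10
;; SERVER: 192.168.0.1#53(192.168.0.1)
"""

if __name__ == "__main__":
    for label, sample in (("pi-hole", PIHOLE_ANSWER), ("router", ROUTER_ANSWER)):
        print(f"{label:8s} -> {classify(sample, ['192.168.0.201'])}")
```

In practice you would feed it a live run, e.g. `dig mediamonkey.com` piped into the script, once for A and once for AAAA, because the thread's symptom was exactly that the two record types went to different servers; a "bypass" verdict for either type means the fix belongs in the client's or router's DNS settings (or in the browser's DoH setting), not in Pi-hole's block lists.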
The machine I have been testing on is a Win10 machine. I just tried changing the settings in pihole so this one machine would be on a group named "test" and made default unfiltered so I could set the router to use the pihole. I now have the router set such that the DNS should go to the pihole machine.
I set the laptop back to automatic DHCP. The DNS server in ipconfig is pointing to 192.168.0.1 (the router) which should presumably redirect to 192.168.0.201.
After these changes, the log shows the new traffic from R7800 (the router) but it's letting it through. I'm not trying to change too much at once but it seemed you were suggesting the laptop might be the issue so going to the router (the final goal) seemed appropriate.
Ideally, when the client gets its lease from the router, the router will tell it the DNS server to use, as opposed to the client sending the request to the router and the router then forwarding it to the Pi-hole. That is why you see the traffic from the router.
I'm not familiar with DD-WRT so I could be off here, but I believe that "Use DNSMasq for DNS" should not be ticked? You may also want to populate Local DNS with the Pi's address. Again, not familiar with it.
I did some general searches in the forum and there are a few previous posts on setting up pihole with dd-wrt that may help as well.
I disabled dnsmasq and moved the pihole to local DNS. It didn't initially make any difference. However, after a few minutes more of tinkering (no changes though), domains were blocking. I added netflix.com to the list and it blocked immediately. I disabled and tried and it went through immediately. I don't understand why but it's now working as I expected (I think). I'll monitor this for a bit longer to confirm functionality.
I intend to run pihole through a Docker container on my Synology NAS in the end. Are there any users here that would be familiar with that setup? Now that PiHole is working on the RPI I may be able to migrate to the docker setup on the RPi and then hopefully to the Synology.