Domain blocking does not block

Looking at your dig output the server is listed as 192.168.0.1, that is your router. Did you set the pihole to be the dns server in the router?

I did notice that in the dig output but didn't know what was typical. I did not want to touch the router until I had all working. So no, at this point the only thing I have changed is the laptop DNS server setting.

I am using a wireless connection but could switch to wired if it mattered. I can make the change on the router if that would be a more representative setup. I only didn't do that because other people are using the connection for their jobs and if I mess it up, even for a short time, I will hear about it for a long time.

There may be something with the interface config? I noticed that those entries that showed block were all IPV6 queries ( AAAA records not A ). That's a small list so maybe nothing.

If you do the dig command again but specify the pihole does it block it?

dig @192.168.0.201 mediamonkey.com

pi@raspberrypi:/etc/pihole $ dig @192.168.0.201 mediamonkey.com

; <<>> DiG 9.16.48-Raspbian <<>> @192.168.0.201 mediamonkey.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21492
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;mediamonkey.com.               IN      A

;; ANSWER SECTION:
mediamonkey.com.        2       IN      A       0.0.0.0

;; Query time: 39 msec
;; SERVER: 192.168.0.201#53(192.168.0.201)
;; WHEN: Thu Feb 15 14:59:07 PST 2024
;; MSG SIZE  rcvd: 60

I just tried navigating to the web site and it is now blocked. Is there a really long time delay typically? I read in one of the documents here that I need to run the following after every change but when I tried that earlier it didn't make any difference so haven't been trying.

pihole restartdns reload-lists

Something with the static config maybe.

You can test the ipv4 and ipv6 by doing a dig -4 mediamonkey.com or dig -6 mediamonkey.com and see if they are different.

Also, when you made the static changes did you disconnect and reconnect?

It shouldn't be a long delay. If you're using just standard pihole settings it should be pretty quick.


; <<>> DiG 9.16.48-Raspbian <<>> -4 mediamonkey.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7673
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: dd69b48b251a268eceab2bd565ce9c5a727a544f5267d70d (good)
;; QUESTION SECTION:
;mediamonkey.com.               IN      A

;; ANSWER SECTION:
mediamonkey.com.        600     IN      A       54.39.221.200

;; Query time: 39 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Thu Feb 15 15:20:58 PST 2024
;; MSG SIZE  rcvd: 88

; <<>> DiG 9.16.48-Raspbian <<>> -6 mediamonkey.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63916
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;mediamonkey.com.               IN      A

;; ANSWER SECTION:
mediamonkey.com.        2       IN      A       0.0.0.0

;; Query time: 39 msec
;; SERVER: ::1#53(::1)
;; WHEN: Thu Feb 15 15:21:31 PST 2024
;; MSG SIZE  rcvd: 60

Looks like IPv4 returns 54.39.221.200 and IPv6 returns 0.0.0.0. I don't see any other differences other than the cookie line whatever that means.

I disconnected and then reconnected and it didn't make any changes to the IP settings.

When you look at the server info for both ( below the answer section ), note that the IPV4 used the DNS on your router ( 192.168.0.1 ) while IPV6 used ::1 ( Local host ).

There is something not correct about the interface config for IPV4 on that machine. For whatever reason it is not using your manual settings. Is that a windows machine or something else?
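The check described in the reply above (read the SERVER line, then the answer) can be scripted. This is an added example, not part of the original thread; `classify_dig` and the sample functions are hypothetical names, the samples are trimmed from the dig output quoted above, and it assumes Pi-hole answers blocked names with 0.0.0.0 (A) or :: (AAAA).

```shell
#!/bin/sh
# Added example (not from the thread): classify one dig response by which
# resolver answered and whether the answer is a Pi-hole style null address.
# Assumption: blocked names come back as 0.0.0.0 (A) or :: (AAAA).

# classify_dig EXPECTED_RESOLVER  (reads dig output on stdin)
classify_dig() {
    awk -v want="$1" '
        /^;; ANSWER SECTION:/ { in_ans = 1; next }
        in_ans && NF == 0     { in_ans = 0 }
        in_ans && ($4 == "A" || $4 == "AAAA") { addr = $5 }
        # ";; SERVER: 192.168.0.1#53(192.168.0.1)" -> 192.168.0.1
        /^;; SERVER:/         { split($3, s, "#"); server = s[1] }
        END {
            if (server == "")        print "no SERVER line"
            else if (server != want) print "bypassed via " server " answer=" addr
            else if (addr == "0.0.0.0" || addr == "::") print "blocked by " server
            else                     print "allowed by " server " answer=" addr
        }'
}

# Constructed samples, trimmed from the dig output quoted in the thread.
sample_default() {
    cat <<'EOF'
;; ANSWER SECTION:
mediamonkey.com.        600     IN      A       54.39.221.200

;; Query time: 39 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
EOF
}

sample_pihole() {
    cat <<'EOF'
;; ANSWER SECTION:
mediamonkey.com.        2       IN      A       0.0.0.0

;; Query time: 39 msec
;; SERVER: 192.168.0.201#53(192.168.0.201)
EOF
}

sample_default | classify_dig 192.168.0.201
sample_pihole  | classify_dig 192.168.0.201
# Live use on the Pi: dig mediamonkey.com | classify_dig 192.168.0.201
```

A "bypassed" result means the query never reached the Pi-hole, so no blocklist change can affect it until the client's resolver setting is fixed.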

The machine I have been testing on is a Win10 machine. I just tried changing the settings in pihole so this one machine would be on a group named "test" and made default unfiltered so I could set the router to use the pihole. I now have the router set such that the DNS should go to the pihole machine.

I set the laptop back to automatic DHCP. The DNS server in ipconfig is pointing to 192.168.0.1 (the router) which should presumably redirect to 192.168.0.201.

After these changes, the log shows the new traffic from R7800 (the router) but it's letting it through. I'm not trying to change too much at once but it seemed you were suggesting the laptop might be the issue so going to the router (the final goal) seemed appropriate.

In case it helps, this is the full section from DD-WRT

Ideally when the client gets its lease from the router it will tell it the DNS Server to use as opposed to sending the request to the router and then back to the Pihole. That is why you see the traffic from the router.

I'm not familiar with DD-WRT so I could be off here but I believe that use DNSMasq for DNS should not be ticked? You may also want to populate local DNS as the PI's address? Again, not familiar with it.

I did some general searches in the forum and there are a few previous posts on setting up pihole with dd-wrt that may help as well.

I'll give that a try. I was wondering if the pihole IP should be in static section below or in local DNS above.

It's in the DHCP Sections so I would think it's ok.

Not sure if this link will help but it might. It runs through DD-WRT but it's also a little dated.

I disabled dnsmasq and moved the pihole to local DNS. It didn't initially make any difference. However, after a few minutes more of tinkering (no changes though), domains were blocking. I added netflix.com to the list and it blocked immediately. I disabled and tried and it went through immediately. I don't understand why but it's now working as I expected (I think). I'll monitor this for a bit longer to confirm functionality.

I intend to run pihole through a Docker container on my Synology NAS in the end. Are there any users here that would be familiar with that setup? Now that PiHole is working on the RPI I may be able to migrate to the docker setup on the RPi and then hopefully to the Synology.

I'm sure there are. A lot of people use Docker etc. My home network is dirt simple. One day I may give Docker a shot just to get familiar with it.

That link suggests DNSmasq is a good thing here. So perhaps turning it off wasn't the issue so much as restarting the router to force a renew of the DHCP lease.

Ok, so now it's looking more like the issue is that the laptop is caching the DNS entry and not even requesting it. If I run ipconfig /release and then ipconfig /renew it will perform the expected action (filter or not) based on what is in pihole at the time.

It's either Windows caching or Firefox. I found the dns cache in Firefox and when netflix goes through it has a bunch of IP addresses. After those are gone (probably through a TTL setting I can't see) the page doesn't load and I see a blacklist entry in the query log. It certainly appears the setting is working as expected it's just being masked by DNS caching somewhere.

It appears I know enough about this topic to move forward. Thanks!

Awesome. Good Luck.
