ERR_NAME_NOT_RESOLVED + CSS Issues after Update to Pihole 5.0

StarGeneral · June 10, 2020, 3:30pm

Hello,

Since i updated to PiHole 5.0, i am facing some strange name resolution issues, which only occur on a few website, mostly paypal.de.

The logs display nothing suspicious. Allowing all advertising-domains on the sites do not change anything. The problem didn't exist before 5.0.

Expected Behaviour:

Sites like paypal.de should be reachable on first try.

OS: Ubuntu 20.04 x64
i3-8100 / 8GB RAM
DNS-Servers: Tried Cloudflare and Quad9
Pihole-Version v5.0, Web Interface Version v5.0, FTL Version v5.0

Actual Behaviour:

When i try to access e.g. Paypal.de, i get a ERR_NAME_NOT_RESOLVED in my browser, after refreshing the page some times it will load a version which looks like its CSS is broken (issues in displaying graphics and text). When i try to reload a few times again, at some point, the site will load like expected.

I already clean installed Pihole on a also clean installed Ubuntu OS without any change.

Moreover, i already tried:

Updated gravity
flushed DNS and browser-caches on clients
tried different browsers

Debug Token:

Unfortunately, i get a 403 Invalid Account when trying to upload the log-file, even though i authorized pihole to access my github? Is there any other way?

I would appreciate any suggestions where to dig deeper on this problem.
Thank you very much in advance for your help and your time!

DanSchaper · June 10, 2020, 4:07pm

pihole -d will upload the log for you. The actual tricorder website is locked down to developers and support staff only.

StarGeneral · June 10, 2020, 4:11pm

Thank you for your answer. Unfortunately, i get a message that there was an error while uploading the log-file. What can i do about that?

DanSchaper · June 10, 2020, 4:16pm

You can send me the file in a DM, or copy the contents there. I'll post it as a hidden message so the support team can see it as well.

StarGeneral · June 10, 2020, 4:29pm

I just sent you a DM with the content of the debug log. Thank you very much for your help!

DanSchaper · June 10, 2020, 4:31pm

Thanks,

Everything looks fine in the debug log. What Operating System is the client, and what browser? Does this happen with different browsers or different operating systems if you are able to check?

StarGeneral · June 10, 2020, 4:38pm

The client is using Windows 10 and the recent Chrome version. It is also happening on Edge and on Android devices as well, so it does not seem to be browser-specific.

As it is perfectly reproduceable, i made some Screenshots of what is happening (click to enlarge):

ERR_NAME_NOT_RESOLVED

< hit F5 some times >

Broken CSS:

< hit F5 some times >

All fine:

DanSchaper · June 10, 2020, 5:05pm

On the Windows box, run ipconfig /all and check for what is listed as the DNS Servers. There should only be the Pi-hole IP address.

StarGeneral · June 10, 2020, 8:33pm

Thank you for your further assistance.

I checked that and i could verify that the IP address listed is the IP of the pihole-machine.
What i am wondering about is why this is happening on such a few sites only? At the moment, i am just aware of two sites (paypal.de + Bild.de), all other sites are running well...

jfb · June 10, 2020, 8:35pm

from the client computer, what is the output of the following:

nslookup paypal.de
nslookup bild.de

Then compare this to the lookup from a different DNS server than you are using (assuming you aren't using Quad 9 as an upstream resolver):

nslookup paypal.de 9.9.9.9
nslookup bild.de 9.9.9.9

StarGeneral · June 10, 2020, 8:44pm

Thank you for your time and your help.

The results are identical, the only difference is that the two resulting addresses are delivered in another order (.39 first instead of .38).

C:\Users\User>nslookup paypal.de
Server: pihole
Address: xxx.xxx.xxx.xxx

Nicht autorisierende Antwort:
Name: paypal.de
Addresses: 64.4.250.38
64.4.250.39

C:\Users\User>nslookup paypal.de 8.8.8.8
Server: dns.google
Address: 8.8.8.8

Nicht autorisierende Antwort:
Name: paypal.de
Addresses: 64.4.250.39
64.4.250.38

jfb · June 10, 2020, 8:57pm

This indicates that Pi-hole is not blocking these domains. If there is additional content being requested that is not loading, these tools can help you determine why your requested content will not load:

StarGeneral · June 10, 2020, 8:59pm

Thank you very much, i will have a look into this and check if i can find the cause for this problem.

StarGeneral · June 11, 2020, 7:45pm

As is did more investigation today, i think the cause for the trouble is DNSSEC. As another device acts as a DNS-Forwarder in my network and both devices (firewall + pihole) had DNSSEC activated, some sites ran into trouble.

I changed that today (eliminated the firewall-device out of the DHCP-DNS and changed it to directly point at the pihole-machine) and there were no more errors until now. It is too early to draw conclusions, but i think this was the cause.

What remains strange is that the issue occured after the pihole-update to 5.0, before that issue never occured. Probably the way pihole handles DNSSEC changed with this update?

DanSchaper · June 11, 2020, 7:51pm

Pi-hole v5.0 includes a number of fixes related to DNSSEC in dnsmasq v.2.81.

system · July 2, 2020, 7:51pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.