Everything seems to be fine but dns queries don't go through pi-hole

Expected Behaviour:

Perform DNS queries on pi-hole

Actual Behaviour:

Performing queries on my ISP delegated DNSs

Debug Token:

dcwv6mxkvi

As you can see, my raspberry (pihole) is the first delegated DNS ip:


But somehow when I run nslookup it uses another dns provider:

➜  ~ nslookup google.com
Server:		2804:7f4:2002:1005::98
Address:	2804:7f4:2002:1005::98#53

Non-authoritative answer:
Name:	google.com
Address: 172.217.30.78

And here you can see it works, but calls don't go through it

➜  ~ nslookup google.com 192.168.0.200
Server:		192.168.0.200
Address:	192.168.0.200#53

I understand, and that's exactly what I'm trying to accomplish: have pi-hole as the only delegated dns.
I'm not delegating any others:

Maybe I'll have to use Pi-hole's own DHCP service, because I can't force it to be the only available DNS provider.

Use

scutil --dns

and that will show the true order of your resolvers. The GUI is often misleading despite it being set properly. In addition, you probably want to have only the Pi-hole set as your DNS, per the link @DanSchaper provided.

You are correct:

➜  ~ scutil --dns
DNS configuration

resolver #1
  search domain[0] : dlinkrouter
  nameserver[0] : fe80::3657:60ff:fe4b:12e0%en0
  nameserver[1] : 2804:7f4:2002:1005::98
  nameserver[2] : 2804:7f4:2002:1005::99
  nameserver[3] : 192.168.0.200
  if_index : 4 (en0)
  flags    : Request A records, Request AAAA records
  reach    : Reachable, Directly Reachable Address

But I don't know how to force pi-hole to be the first/only in that list.

Yep, so your Pi-hole (192.168.0.200) is actually the last resolver to be queried. Setting it as the only available resolver should fix the issue and force all queries to go through the Pi-hole.
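
As an added example (not part of the thread and not Pi-hole project code), this Python script parses `scutil --dns` output and reports every resolver block that lists a nameserver other than the Pi-hole. The embedded sample is the output posted above; `PIHOLE`, `parse_resolvers` and `audit` are names chosen here.

```python
import re
import sys

PIHOLE = "192.168.0.200"  # Pi-hole address as given in the thread

# Constructed sample: the `scutil --dns` output posted in the thread.
SAMPLE = """\
DNS configuration

resolver #1
  search domain[0] : dlinkrouter
  nameserver[0] : fe80::3657:60ff:fe4b:12e0%en0
  nameserver[1] : 2804:7f4:2002:1005::98
  nameserver[2] : 2804:7f4:2002:1005::99
  nameserver[3] : 192.168.0.200
  if_index : 4 (en0)
  flags    : Request A records, Request AAAA records
  reach    : Reachable, Directly Reachable Address
"""

def parse_resolvers(text):
    """Return [(label, [nameservers in listed order])] for each resolver block."""
    resolvers, section = [], ""
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("DNS configuration"):
            section = line  # global list vs. "(for scoped queries)"
        elif line.startswith("resolver #"):
            resolvers.append((f"{section} / {line}", []))
        else:
            m = re.match(r"nameserver\[\d+\]\s*:\s*(\S+)", line)
            if m and resolvers:
                resolvers[-1][1].append(m.group(1))
    return resolvers

def audit(text, pihole=PIHOLE):
    """Return findings; an empty list means the Pi-hole is the only nameserver."""
    findings = []
    for label, servers in parse_resolvers(text):
        extras = [s for s in servers if s != pihole]
        if servers and pihole not in servers:
            findings.append(f"{label}: Pi-hole {pihole} not listed; uses {extras}")
        elif extras:  # Pi-hole present, but other nameservers can answer too
            pos = servers.index(pihole) + 1
            findings.append(f"{label}: Pi-hole is {pos} of {len(servers)}; also lists {extras}")
    return findings

if __name__ == "__main__":
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    print("\n".join(audit(text) or ["OK: Pi-hole is the only nameserver"]))
```

Run it with no input to audit the sample, or pipe the live resolver list into it with `scutil --dns | python3 audit.py` (the file name is arbitrary).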

Thanks!
Yes, I got that.. I just have no idea how to do it.. maybe it's out of reach?

From the GUI in your screenshot, you need to highlight the other DNS servers and click the minus sign to remove them.

Actually they are auto-assigned, I haven't added them.
I can only do that if I manually configure the dns providers, which misses the point of having pi-hole..

Right after connecting to the Wi-Fi, I get the following output:

DNS configuration (for scoped queries)

resolver #1
  search domain[0] : dlinkrouter
  nameserver[0] : 192.168.0.200
  if_index : 4 (en0)
  flags    : Scoped, Request A records
  reach    : Reachable, Directly Reachable Address

But after a while the other resolvers are automatically added..

After some more tweaking with both routers in the network I was able to set pi-hole as the only resolver. Everything seems to be perfect now.
