configured firewall to drop https connection requests (didn't 100% understand what is going on with this but managed to get it done)
Still, I have websites that do not load. Strangely enough, this happens on iOS devices (Safari and Edge browser) in the network. The same pages appear to load on Windows PCs (with all browsers).
Sites that fail to load on iOS:
Set your firewall rules to 'reject', not 'drop'. The difference is, 'reject' tells your browser "nothing to see here, move along", versus 'drop' which silently ignores the request, leaving your browser to wait for time-out.
Log into your pi-hole server, under the 'tools' menu, click 'query adlists' and check to see if those URLs are in your database. If your phone is trying to connect to the https site (as opposed to plain http), you will get only a blank page instead of the "website blocked" warning.
When I try to open the page on my iPhone the browser just sits there. When I check under "query log" I don't see the domain (https www.fark.com) at all. I see a bunch of windows this, skype that, but nothing that I would associate with the site.
Under "query adlists" I see two entries:
ads.fark.com
php.fark.com
5 minutes later and the site is finally up. Query log shows a bunch of queries for fark.com via ip4 and ip6 that have gone through okay.
I don't know what else to do?
I just tried www.fark.com on my iPhone, and it came up instantly.
I have a bunch of extra block-lists in my pi.hole. However, I am rejecting all IPv6 traffic, not sure if that's making a difference in this case or not.
Maybe this is just a case of the iPhone's browser cache needing to be cleared???
-- Go to Settings > Safari > scroll down and tap "clear history and website data".
Anyone else want to take a stab at helping me analyze the source of this issue?
The slow load (up to 5 mins) doesn't happen on all https sites. It also happens on some regular http sites.
www.spiegel.de
I'd be happy to pull some more config data together for analysis. But I don't even know what to look at.
Thanks. The devices have the right DHCP (my router) and the right DNS address (raspberry).
I ended up turning IPv6 off on the router and now everything works fine on all devices. Not sure what that means. Where did I misconfigure and why are only some devices acting up?
Too bad a real solution hasn't been found yet. I am having the exact same issue.
iPhone (iOS 11.2.6). @markus I tried spiegel.de but it takes ages to load on my iPhone. I am not German, but found that heise.de is about the same story. I often use nu.nl (Dutch news website) and it works, but also keeps on loading something for ages.
I have the iptables rules in place. On my laptop (also configured to use Pi-hole) the website spiegel.de is working fine. I really think it is something in iOS that is messing things up.... but what?
I also grabbed an Android phone to test with, and it also had issues on loading those example sites.
So now I'm not 100% sure if it is totally iOS related.
I will spin up a new VM and do a clean install of Pi-hole, without any custom blocklists and will also not do the iptables stuff. I will let you know the result of this on iPhone and Android.
So, I got a new Raspberry B+ and set up the device from scratch, only IP4. Everything is working fine incl iOS and Android devices.
This weekend I will take the time to turn on IPv6 and see if I can get it to work.
I found the issue. I only had allowed port 53 from my LAN to the Pi-hole VM in my firewall. Not 443 and 80.
So Pi-hole received the DNS-request, but was never able to reply on 80/443! It worked on my laptop because it was matched in a different rule (which allowed more ports).
After correcting this it now works very fast, even with a completely default Pi-hole (no iptables or whatsoever, default lists).
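Added example, not part of the thread: a small Python check that connects to the Pi-hole host on the ports discussed above (53, 80, 443) and reports whether each attempt was answered, refused at once (what a 'reject' rule or closed port looks like), or left to time out (what a 'drop' rule looks like). The function names and the address `192.168.1.2` are assumptions made for illustration.

```python
"""Added diagnostic sketch: classify how TCP connects to a Pi-hole host end."""
import errno
import socket

# Ports named in the thread: DNS (53) and the Pi-hole web server (80, 443).
# Only TCP is probed here; most DNS queries use UDP, which this does not test.
PIHOLE_PORTS = (53, 80, 443)


def probe_tcp(host, port, family=socket.AF_INET, timeout=3.0):
    """Return 'open', 'rejected', 'dropped' or 'unreachable' for host:port."""
    with socket.socket(family, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"
        except ConnectionRefusedError:
            # An RST or ICMP port-unreachable came back: closed port or 'reject'.
            return "rejected"
        except socket.timeout:
            # Nothing came back before the timeout: typical of a 'drop' rule.
            return "dropped"
        except OSError as exc:
            if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
                return "unreachable"
            raise


def check_ports(host, ports=PIHOLE_PORTS, family=socket.AF_INET, timeout=3.0):
    """Probe every port and return {port: state}."""
    return {port: probe_tcp(host, port, family, timeout) for port in ports}


if __name__ == "__main__":
    pihole = "192.168.1.2"  # constructed placeholder: use your Pi-hole's address
    for port, state in check_ports(pihole).items():
        print(f"{pihole}:{port} -> {state}")
```

Run it from a device on the LAN; passing `family=socket.AF_INET6` with the Pi-hole's IPv6 address checks the IPv6 path separately.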
My provider supports IPv6. Different than described, my ULA prefix starts with fd00.
What is unclear to me:
How do I tell the router to hand out a fixed IPv6 address to the Pi-hole?
There seems to be no way to configure my router to do DHCP but not DNS with IPv6.