I did try to setup Pi-hole + Openvpn, but when I select "Listen on all interfaces, permit all origins" in the admin interface and reboot my pi all or DNS is gone on pc! My VPN working fine. And it works fine if I'm not using the pi-hole as DNS server
I can fine ping google.dk from my pi-hole (SSH console)
ping google.dk
PING google.dk (172.217.20.99) 56(84) bytes of data.
64 bytes from fra02s28-in-f3.1e100.net (172.217.20.99): icmp_seq=1 ttl=52 time=20.8 ms
64 bytes from fra02s28-in-f3.1e100.net (172.217.20.99): icmp_seq=2 ttl=52 time=21.6 ms
64 bytes from fra02s28-in-f3.1e100.net (172.217.20.99): icmp_seq=3 ttl=52 time=21.1 ms
64 bytes from fra02s28-in-f3.1e100.net (172.217.20.99): icmp_seq=4 ttl=52 time=22.0 ms
But on my pc, when i using pi-hole as dns server i get this when i try to ping google.dk
Ping request could not find host google.dk. Please check the name and try again.
But if i ping google ip its working fine
C:\Users\msn>ping 172.217.20.99
Pinging 172.217.20.99 with 32 bytes of data:
Reply from 172.217.20.99: bytes=32 time=24ms TTL=52
Reply from 172.217.20.99: bytes=32 time=22ms TTL=52
Reply from 172.217.20.99: bytes=32 time=22ms TTL=52
Reply from 172.217.20.99: bytes=32 time=22ms TTL=52
Looks like there are some misconfigurations in the network setup:
*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the tun0 interface:
10.8.0.1/24 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)
[✓] IPv6 address(es) bound to the tun0 interface:
fe80::4c14:3e85:22f5:62bf does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)
^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.
The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.
[i] Default IPv4 gateway: 192.168.1.254
* Pinging 192.168.1.254...
[✗] Gateway did not respond. (https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546)
[i] Default IPv6 gateway: fe80::1
* Pinging fe80::1...
[✗] Gateway did not respond. (https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546)
Have a look at the linked URLs and let us know if they aren't able to fix the issue.
[quote="DanSchaper, post topic:7028, full:true"]
Looks like there are some misconfigurations in the network setup:
Hi,
if I run
it finds the correct network gateway.
ip -4 route | grep default | cut -d ' ' -f 3
I get
192.168.1.254
Can I fine ping the gateway from the pi
pi@Pi-Hole-Server1:~ $ ping 192.168.1.254
PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.
64 bytes from 192.168.1.254: icmp_seq=1 ttl=64 time=0.951 ms
64 bytes from 192.168.1.254: icmp_seq=2 ttl=64 time=0.766 ms
64 bytes from 192.168.1.254: icmp_seq=3 ttl=64 time=0.746 ms
64 bytes from 192.168.1.254: icmp_seq=4 ttl=64 time=0.790 ms
I have disabled ipv6 by going to "/boot/cmdline.txt" and entered "ipv6.disable=1"
Here are my network config:
A sample configuration for dhcpcd.
See dhcpcd.conf(5) for details.
Allow users of this group to interact with dhcpcd via the control socket.
#controlgroup wheel
Inform the DHCP server of our hostname for DDNS.
hostname
Use the hardware address of the interface for the Client ID.
clientid
or
Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
Some non-RFC compliant DHCP servers do not reply with this set.
In this case, comment out duid and enable clientid above.
#duid
Persist interface configuration when dhcpcd exits.
persistent
Rapid commit support.
Safe to enable by default because it requires the equivalent option set
on the server to actually work.
option rapid_commit
A list of options to request from the DHCP server.
pi@Pi-Hole-Server1:~ $ sudo systemctl restart dnsmasq
pi@Pi-Hole-Server1:~ $ sudo systemctl status dnsmasq
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2018-02-07 10:12:56 CET; 3s ago
Process: 2886 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=exited, status=0/SUCCESS)
Process: 2944 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
Process: 2935 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
Process: 2932 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
Main PID: 2943 (dnsmasq)
CGroup: /system.slice/dnsmasq.service
└─2943 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
Feb 07 10:12:55 Pi-Hole-Server1 systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Feb 07 10:12:55 Pi-Hole-Server1 dnsmasq[2932]: dnsmasq: syntax check OK.
Feb 07 10:12:56 Pi-Hole-Server1 systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Here are the config 1-> /etc/dnsmasq.d/01-pihole.conf
Seems DNSMASQ only has tun0 as interface
You can only use the Interface statement once in all conf.files
While your pc tries to find dns server on 192.168.1.121
Try to add eth0 in your 02 conf and test.
Another test is to remove the exept-interface from the 01 conf
Welcome.
If you do not need the VPN or tunnel, its probably best to take a fresh rasp image and use the default pihole setup.
Setup your raspberry first with a fixed ip4 address. Or program your dhcp server (your router..?) to assign the same ip always (192.168.1.121) to your raspberry.
Update the pi's os.:
sudo apt-get update
sudo apt-get upgrade
Then do a fresh pihole install with the bash found command on the frontpage of pihole.
If you have a normal house setup, you probably do not need the tunnel.
If your isp supports native ipv6 and your router sends out a ip6 network config, please be aware IPv6 is used first for DNS lookups. (And so bypassing ipv4 dns pihole filter)
In that case you need to configure your router to send out the ipv6 address of your pihole as ipv6 dns server or not send any DNS ipv6 information.
Not all routers can do that. Might need to look for a button called advanced view or something on your router.
Pihole will tell ipv6 info (DNS lookup) to your clients as well. So you do not need a separate ipv6 DNS server.