[fixed] Pi-Hole newbie with DNS issues

Single G/W yes, single default route - not necessarily.
I think what we see is the result of a standard RPi config.

AFIAA, you can have two default routes, as long as they are attached to different interfaces and have different metrics attached.
The system would then default to the route with the higher metrics:

So in C64's setup, it would prefer wifi over lan routing, still with the same g/w.
EDIT: That way, route to g/w would stay operative even if WiFi would fail for some reason.

@C64: Feel free to ignore these tech mumblings, it's just some blokes getting carried away, brushing up their respective body of knowledge :wink:

1 Like

Yeah metrics decides I realize.
But don't think the debugger can cope with two default routes @devs ???

EDIT: Looks like this bit goes south:

After disabling WiFi, not anymore:

default via 192.168.1.1 dev eth0 src 192.168.1.200 metric 202
192.168.1.0/24 dev eth0 proto dhcp scope link src 192.168.1.200 metric 202

Ah, so @deHakkelaar may be right and the failed g/w ping is a result of two default routes!

If you enable IPv6 support, yes.

Otherwise, it wouldn't affect functionality - but Pi-hole populates its UI partially based on setupVars.conf, and I think it would display a potentially wrong IPv6 address if you'd leave it.

1 Like

Thank you, @Bucking_Horn, after adding the IPv6, it shows up in green.
Is this

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] www.new19year.000webhostapp.com is :: via localhost (::1)
[✓] www.new19year.000webhostapp.com is :: via Pi-hole (fe80::9edd:b635:2879:d87e)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)

… expected behaviour? From what I understand, failing to resolve doubleclick proves blocking to work fine.

If your ISP doesn't provide you with IPv6 support, it's of little use to have your LAN support IPv6 as well.
It only complicates matters.
The debugger failing to resolve via public DNS is expected if no IPv6 support upstream.

https://ipv6-test.com/

I would disable everything IPv6 related on router and Pi-hole.

2 Likes

I see IPv6 isn't supported by my ISP, thanks for clarifying @deHakkelaar. IPv6 now is disabled.

I guess I made it now, only thanks to all of your patience and wisdom, helping me walk through this dense forest of options. @deHakkelaar @Bucking_Horn :partying_face:

Good night!

2 Likes

Sadly, the fun lasted only a few hours, I can't access WAN anymore. Clients receive their IPs and correct local DNS server address, http://pi-hole/admin is accessible, but ultimately all clients fail to connect to the internet.

My setup:

  1. Cable Modem, IP address 192.168.0.1, serving DHCPv4 and DHCPv6 to the Asus RT-AC68U. The Cable Modem currently assigned 192.168.0.31/24 to the router.
  2. Asus RT-AC68U router, sees WAN connection active. Router’s DHCP server is deactivated.
  3. Pi-Hole, static IP 192.168.1.200. Clients can connect and properly see Pi-Hole as DNS server.

I've rebooted Cable Modem, Router and Pi-Hole, alas, no client can connect to a website. Something has changed overnight, like an IP address or so, a new one may have been given, and things got broken.

What do I miss here?

Instant research hit here on the forums:

Your router may cause this if it tries to verify internet connectivity via DNS Probe, as described in Seems to block everything after a few hours - #18 by xelemorf (currently the very last post by xelemorf in there).

I will be off soon for a long weekend, so I won't be able to assist you much longer.

In the meantime, try searching the forums for your router model, or alert a mod or some of the guys from yesterday by @ing them :wink:

IP failing or DNS failing ?
For IP try run a traceroute from clients and Pi-hole eg:

pi@noads:~ $ traceroute -n 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  10.0.0.1  0.708 ms  0.534 ms  0.562 ms
 2  192.168.1.1  0.880 ms  0.749 ms  0.858 ms
 3  62.58.240.1  8.086 ms  8.428 ms  8.238 ms
 4  212.53.25.201  8.476 ms  8.175 ms  8.302 ms
 5  212.53.25.193  8.525 ms  8.404 ms  8.356 ms
 6  212.151.190.0  8.781 ms  9.217 ms  9.648 ms
 7  72.14.223.246  9.334 ms  9.037 ms  8.738 ms
 8  * * *
 9  8.8.8.8  8.393 ms  8.417 ms  8.577 ms

For Windows, you have the tracert tool eg.:

tracert -d 8.8.8.8

For troubleshooting DNS, use the nslookup tool on clients as well as on Pi-hole eg:

nslookup pi-hole.net

nslookup pi-hole.net 192.168.1.200

nslookup pi-hole.net 192.168.1.1

nslookup pi-hole.net 8.8.8.8

Internet Detection options PPP Echo or DNS probe are only available when selecting a WAN connection type enforcing Authentication. As per my ISP, there is no authentication (WAN connection type is Automatic IP, I'm on cable internet). Unless I'm wrong, I cannot choose a method of Internet Detection as per your suggestion.

From my understanding, DNS, but heck do I know …

on Pi-hole:

traceroute -n 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 192.168.1.1 0.314 ms 0.348 ms 0.322 ms
2 192.168.0.1 1.873 ms 2.760 ms 4.109 ms
3 * * *
4 84.116.190.37 39.798 ms 40.150 ms 40.438 ms
5 84.116.197.245 56.217 ms 55.762 ms 56.337 ms
6 84.116.133.118 48.099 ms 47.996 ms 56.091 ms
7 72.14.195.116 56.283 ms 55.948 ms 55.229 ms
8 * * *
9 8.8.8.8 31.630 ms 25.633 ms 25.672 ms

nslookup pi-hole.net
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: pi-hole.net
Address: 206.189.252.21
Name: pi-hole.net
Address: 2604:a880:400:d0::1071:1

nslookup pi-hole.net 192.168.1.200
Server: 192.168.1.200
Address: 192.168.1.200#53
Non-authoritative answer:
Name: pi-hole.net
Address: 206.189.252.21
Name: pi-hole.net
Address: 2604:a880:400:d0::1071:1

nslookup pi-hole.net 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: pi-hole.net
Address: 206.189.252.21
Name: pi-hole.net
Address: 2604:a880:400:d0::1071:1

nslookup pi-hole.net 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: pi-hole.net
Address: 206.189.252.21
Name: pi-hole.net
Address: 2604:a880:400:d0::1071:1

on an OS X client:

traceroute -n 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 *^C

nslookup pi-hole.net
Server: 192.168.1.200
Address: 192.168.1.200#53
Non-authoritative answer:
Name: pi-hole.net
Address: 206.189.252.21

nslookup pi-hole.net 192.168.1.200
Server: 192.168.1.200
Address: 192.168.1.200#53
Non-authoritative answer:
Name: pi-hole.net
Address: 206.189.252.21

nslookup pi-hole.net 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: pi-hole.net
Address: 206.189.252.21

nslookup pi-hole.net 8.8.8.8
;; connection timed out; no servers could be reached

In the meantime, I've installed Asuswrt-Merlin on the RT-AC68U, and reverted the router to serve DHCP again, and Pi-hole to a static IP client. I could access the Internet again, but it wouldn't adblock as much as it should (had). Asuswrt-Merlin luckily has an option to set "Advertise router's IP in addition to user-specified DNS", which is now off.

I have no preference over Pi-hole or the router being the DHCP server, I only need a reliable setup :confused:

If that traceroute on the OS X client is from after the switch to Asuswrt-Merlin, you must have configured something wrong or different compared to the old setup.
From the traceroute, it looks like that OS X client doesn't have a default route/GW.
What does below show you now on Pi-hole:

sudo nmap -sU -p67 --script dhcp-discover 192.168.1.1

sudo nmap -sU -p67 --script dhcp-discover 192.168.1.1
Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-06 18:11 GMT
Nmap scan report for 192.168.1.1
Host is up (0.00026s latency).

PORT STATE SERVICE
67/udp open dhcps
| dhcp-discover:
| DHCP Message Type: DHCPACK
| Server Identifier: 192.168.1.1
| Subnet Mask: 255.255.255.0
| Broadcast Address: 192.168.1.255
| Hostname: pi-lan
| WPAD:
|
| NetBIOS Name Server: 192.168.1.1
| Domain Name: horst
| Domain Name Server: 192.168.1.200
|_ Router: 192.168.1.1
MAC Address: 54:A0:50:D8:23:E8 (Asustek Computer)

Nmap done: 1 IP address (1 host up) scanned in 1.57 seconds

:thinking:

nmap looks good and only one DNS server this time 192.168.1.200.
Do you have issues with all your clients or just this one OS X client ?
Have you renewed the DHCP lease on that OS X client after the Merlin switch ?
Gateway set manually on that OS X client by mistake maybe ?
Does below work on that OS X client displaying routes ?

ip r

EDIT: one more for that OS X client:

sudo dhclient -v

@deHakkelaar

For disambiguation I need your advice on which setup to choose from:
A Pi-hole as DHCP server
B Router as DHCP server

[fixed] Pi-Hole newbie with DNS issues - #43 by C64 reflects B, as A was dysfunctional today.

All clients (A+B).

Whenever I change anything in this setup, I initiate a new DHCP lease afterwards.

Negative.

Neither ip nor dhclient exist on OS X or Macports. Are there OS X alternatives I can try?

Doesn't matter really but a little bit more work if set router to do DHCP.
Only the router gets to know the client hostnames through the DHCP process/renewal:

Surely must be but am not familiar with OS X.
Only thing I can say is the nmap output looks rock solid so something else is messing up routes on the clients:

No other DHCP servers active ?

sudo nmap --script broadcast-dhcp-discover

Wait so your cable modem gave your router a WAN address of

This would mean you are running a double NAT setup, which is never good, but it shouldn't impact just Pi-hole; your whole network would have issues such as high ping and slow speeds. I strongly recommend putting your modem in bridge mode if it's not already.

Your comment made me remember that the Cable Modem has had its DHCPv4 and DHCPv6 server option active. Suspecting this to be a problem, the Cable Modem DHCPv4 server is now turned off. I can't turn off the Cable Modem DHCPv6 server tho.

Trying to isolate the problem, I've set the Asus router from Router mode to AccessPoint mode. That didn't help, so both Pi and my OS X client are now directly connected to the Cable Modem, assuming that I need to get that working first, before I can connect the Asus router (AccessPoint mode) to the Cable Modem.

Options on the Cable Modem are very limited :roll_eyes: The next best thing I could think of was to disable the Cable Modem DHCPv4 server, as this is what the Pi should do. Not sure tho what to do with the Cable Modem DHCPv6 server, only its autoconfiguration type can be switched between stateful and stateless. Which would be better?

Because IPv6 is now served by the Cable Modem, and recognized by Pi and OS X client, I've enabled IPv6 support (SLAAC + RA) on the Pi.

IPs:
Cable Modem 192.168.0.1
Pi-hole 192.168.0.2/24

Still not getting a connection to the Internet :poop: .

Please find a current debug log here:

This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.

The intent of this script is to allow users to self-diagnose their installations. This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected. Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.

*** [ INITIALIZING ]
[i] 2020-02-06:21:03:13 debug log has been initialized.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

*** [ DIAGNOSING ]: Core version
[i] Core: v4.3.2 (How do I update Pi-hole?)
[i] Branch: master
[i] Commit: v4.3.2-0-ge41c4b5

*** [ DIAGNOSING ]: Web version
[i] Web: v4.3.2 (How do I update Pi-hole?)
[i] Branch: master
[i] Commit: v4.3.2-0-g38d8e77

*** [ DIAGNOSING ]: FTL version
[✓] FTL: v4.3.1 (How do I update Pi-hole?)

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.53

*** [ DIAGNOSING ]: php version
[i] 7.3.11

*** [ DIAGNOSING ]: Operating system
[✓] Raspbian GNU/Linux 10 (buster)

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: Processor
[✓] armv7l

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.0.2/24 matches the IP found in /etc/pihole/setupVars.conf

[✓] IPv6 address(es) bound to the eth0 interface:
2a02:908:1a7:5a0:cdd3:45ae:247e:2698 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)
2a02:908:1a7:5a0:1ae6:9158:b8dd:d6fe matches the IP found in /etc/pihole/setupVars.conf
fe80::9edd:b635:2879:d87e does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)

^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 192.168.1.1

[i] Default IPv6 gateway: fe80::ae22:5ff:fe49:b40e

*** [ DIAGNOSING ]: Ports in use
[:80] is in use by lighttpd
[:80] is in use by lighttpd
:22 sshd (IPv4)
:22 sshd (IPv6)
[:53] is in use by pihole-FTL
[:53] is in use by pihole-FTL
[127.0.0.1:4711] is in use by pihole-FTL
[[::1]:4711] is in use by pihole-FTL

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] ing-be.helpbe.profielweb.pw is 0.0.0.0 via localhost (127.0.0.1)
[✓] ing-be.helpbe.profielweb.pw is 0.0.0.0 via Pi-hole (192.168.0.2)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] adultgaypersonals.com is :: via localhost (::1)
[✓] adultgaypersonals.com is :: via Pi-hole (2a02:908:1a7:5a0:1ae6:9158:b8dd:d6fe)
[✓] doubleclick.com is 2a00:1450:4001:81e::200e via a remote, public DNS server (2001:4860:4860::8888)

*** [ DIAGNOSING ]: Pi-hole processes
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
BLOCKING_ENABLED=true
DNSMASQ_LISTENING=single
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
CONDITIONAL_FORWARDING=false
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=192.168.0.2/24
IPV6_ADDRESS=2a02:908:1a7:5a0:1ae6:9158:b8dd:d6fe
PIHOLE_DNS_1=9.9.9.10
PIHOLE_DNS_2=149.112.112.10
QUERY_LOGGING=true
INSTALL_WEB_SERVER=true
INSTALL_WEB_INTERFACE=true
LIGHTTPD_ENABLED=true
DHCP_ACTIVE=true
DHCP_START=192.168.0.100
DHCP_END=192.168.0.251
DHCP_ROUTER=192.168.0.2
DHCP_LEASETIME=168
PIHOLE_DOMAIN=pi-lan
DHCP_IPv6=true
DHCP_rapid_commit=false

*** [ DIAGNOSING ]: Dashboard and block page
[✗] Block page X-Header: X-Header does not match or could not be retrieved.
HTTP/1.1 200 OK
Content-type: text/html; charset=UTF-8
Date: Thu, 06 Feb 2020 21:04:53 GMT
Server: lighttpd/1.4.53

[✓] Web interface X-Header: X-Pi-hole: The Pi-hole Web interface is working!

*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 20007005 Feb 6 00:08 /etc/pihole/gravity.list
-----head of gravity.list------
-rotation.de
-sso.anbtr.com
-traffic.com
0-07.ru

-----tail of gravity.list------
zzzzz.survivcord.hop.clickbank.net
zzzzz.vertigodiz.hop.clickbank.net
zzzzz.writing777.hop.clickbank.net
zzzzzqp.com

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r--r-- 1 root root 2799 Feb 6 20:07 /etc/pihole/adlists.list

-rw-r--r-- 1 root root 48 Feb 6 00:08 /etc/pihole/local.list
192.168.1.200 raspberrypi
192.168.1.200 pi.hole

-rw-r--r-- 1 root root 234 Feb 6 19:46 /etc/pihole/logrotate
/var/log/pihole.log {
su root root
daily
copytruncate
rotate 5
compress
delaycompress
notifempty
nomail
}
/var/log/pihole-FTL.log {
su root root
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r--r-- 1 root root 1545 Feb 6 20:49 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
localise-queries
no-resolv
cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=9.9.9.10
server=149.112.112.10
domain-needed
bogus-priv
interface=eth0
dhcp-name-match=set:hostname-ignore,wpad
dhcp-name-match=set:hostname-ignore,localhost
dhcp-ignore-names=tag:hostname-ignore

-rw-r--r-- 1 root root 623 Feb 6 20:49 /etc/dnsmasq.d/02-pihole-dhcp.conf
dhcp-authoritative
dhcp-range=192.168.0.100,192.168.0.251,168h
dhcp-option=option:router,192.168.0.2
dhcp-leasefile=/etc/pihole/dhcp.leases
domain=pi-lan
dhcp-option=option6:dns-server,[::]
dhcp-range=::100,::1ff,constructor:eth0,ra-names,slaac,168h
ra-param=*,0,0

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r--r-- 1 root root 3499 Feb 6 19:46 /etc/lighttpd/lighttpd.conf
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "/pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
mimetype.assign = ( ".png" => "image/png",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".html" => "text/html",
".css" => "text/css; charset=utf-8",
".js" => "application/javascript",
".json" => "application/json",
".txt" => "text/plain",
".svg" => "image/svg+xml" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include "%p"
' 2>/dev/null"
$HTTP["url"] =~ "^/admin/" {

   setenv.add-response-header = (
       "X-Pi-hole" => "The Pi-hole Web interface is working!",
       "X-Frame-Options" => "DENY"
   )
   $HTTP["url"] =~ ".ttf$" {
       
       setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
   }

}
$HTTP["url"] =~ "^/admin/.(.*)" {
url.access-deny = ("")
}
include_shell "cat external.conf 2>/dev/null"

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r--r-- 1 root root 1704 Feb 6 19:46 /etc/cron.d/pihole
51 3 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker local
20 18 * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
@reboot root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 www-data www-data 11628 Feb 6 20:18 /var/log/lighttpd/error.log

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 143023 Feb 6 20:56 /var/log/pihole-FTL.log

*** [ DIAGNOSING ]: contents of /dev/shm
-rw------- 1 pihole pihole 323584 Feb 6 20:49 /dev/shm/FTL-clients
-rw------- 1 pihole pihole 108 Feb 6 20:49 /dev/shm/FTL-counters
-rw------- 1 pihole pihole 65536 Feb 6 20:49 /dev/shm/FTL-domains
-rw------- 1 pihole pihole 12288 Feb 6 20:49 /dev/shm/FTL-forwarded
-rw------- 1 pihole pihole 28 Feb 6 20:49 /dev/shm/FTL-lock
-rw------- 1 pihole pihole 53248 Feb 6 20:49 /dev/shm/FTL-overTime
-rw------- 1 pihole pihole 786432 Feb 6 20:59 /dev/shm/FTL-queries
-rw------- 1 pihole pihole 12 Feb 6 20:49 /dev/shm/FTL-settings
-rw------- 1 pihole pihole 20480 Feb 6 20:49 /dev/shm/FTL-strings

*** [ DIAGNOSING ]: Locale
LANG=

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 3787699 Feb 6 21:04 /var/log/pihole.log
-----head of pihole.log------
Feb 6 09:30:15 dnsmasq[9024]: exiting on receipt of SIGTERM
Feb 6 09:30:15 dnsmasq[13955]: started, version pi-hole-2.80 cachesize 10000
Feb 6 09:30:15 dnsmasq[13955]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect inotify dumpfile
Feb 6 09:30:15 dnsmasq-dhcp[13955]: DHCP, IP range 192.168.1.201 -- 192.168.1.251, lease time 7d
Feb 6 09:30:15 dnsmasq[13955]: using nameserver 194.150.168.168#53
Feb 6 09:30:15 dnsmasq[13955]: using nameserver 149.112.112.10#53
Feb 6 09:30:15 dnsmasq[13955]: using nameserver 9.9.9.10#53
Feb 6 09:30:15 dnsmasq[13955]: read /etc/hosts - 5 addresses
Feb 6 09:30:15 dnsmasq[13955]: read /etc/pihole/local.list - 2 addresses
Feb 6 09:30:15 dnsmasq[13955]: failed to load names from /etc/pihole/black.list: No such file or directory
Feb 6 09:30:21 dnsmasq[13955]: read /etc/pihole/gravity.list - 943712 addresses
Feb 6 09:30:21 dnsmasq-dhcp[13955]: not giving name raspberrypi to the DHCP lease of 192.168.1.239 because the name exists in /etc/pihole/local.list with address 192.168.1.200
Feb 6 09:30:26 dnsmasq[13955]: query[A] pi.hole from 192.168.1.228
Feb 6 09:30:26 dnsmasq[13955]: /etc/pihole/local.list pi.hole is 192.168.1.200
Feb 6 09:30:30 dnsmasq[13955]: query[A] www.sueddeutsche.de from 192.168.1.228
Feb 6 09:30:30 dnsmasq[13955]: forwarded www.sueddeutsche.de to 194.150.168.168
Feb 6 09:30:30 dnsmasq[13955]: forwarded www.sueddeutsche.de to 149.112.112.10
Feb 6 09:30:30 dnsmasq[13955]: forwarded www.sueddeutsche.de to 9.9.9.10
Feb 6 09:30:30 dnsmasq[13955]: reply www.sueddeutsche.de is
Feb 6 09:30:30 dnsmasq[13955]: reply d21lj84g4rjzla.cloudfront.net is 13.227.198.56



[✓] ** FINISHED DEBUGGING! **

* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.

[i] Debug script running in automated mode
* Using curl for transmission.
[✗] There was an error uploading your debug log.

  • Please try again or contact the Pi-hole team for assistance.
  • A local copy of the debug log can be found at: /var/log/pihole_debug.log

The Pi returns:

sudo nmap --script broadcast-dhcp-discover
Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-06 21:04 GMT
Pre-scan script results:
| broadcast-dhcp-discover:
| Response 1 of 1:
| IP Offered: 192.168.0.157
| DHCP Message Type: DHCPOFFER
| Server Identifier: 192.168.0.2
| IP Address Lease Time: 2m00s
| Renewal Time Value: 1m00s
| Rebinding Time Value: 1m45s
| Subnet Mask: 255.255.255.0
| Broadcast Address: 192.168.0.255
| Domain Name Server: 192.168.0.2
| Domain Name: pi-lan
|_ Router: 192.168.0.2
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 4.05 seconds

The OS X client returns:

sudo nmap --script broadcast-dhcp-discover
Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-06 22:11 CET
Unknown datalink type 138.
QUITTING!

On the Pi:

sudo nmap -sU -p67 --script dhcp-discover 192.168.0.1
Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-06 21:06 GMT
Nmap scan report for 192.168.0.1
Host is up (0.00094s latency).

PORT STATE SERVICE
67/udp closed dhcps
MAC Address: AC:22:05:49:B4:0E (Compal Broadband Networks)

Nmap done: 1 IP address (1 host up) scanned in 1.52 seconds

Are you sure about the IPs as before, the Pi-hole address was 192.168.1.200/24 residing in a different subnet as your Modem LAN IP address 192.168.0.1 ?

Yeah IP/subnet has changed from before the Merlin switch!
Can't have two routers routing in the same subnet I think ... at least it's very odd :smiley:
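The addressing values posted in the debug log and nmap output above can be cross-checked mechanically for the kind of subnet mismatch the last posts point at. This is an added example, not code from any poster or from the Pi-hole project; the function names and finding codes are hypothetical, and the sample input is a constructed excerpt of values that appear in the thread.

```python
import ipaddress

# Constructed sample: values as posted in the debug log above, reduced to the
# lines this check reads.
SETUP_VARS = """\
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=192.168.0.2/24
DHCP_ACTIVE=true
DHCP_START=192.168.0.100
DHCP_END=192.168.0.251
DHCP_ROUTER=192.168.0.2
"""
DEFAULT_GATEWAY = "192.168.1.1"   # "Default IPv4 gateway" line of the log
LOCAL_LIST = """\
192.168.1.200 raspberrypi
192.168.1.200 pi.hole
"""


def parse_setup_vars(text):
    """Parse KEY=VALUE lines in the style of /etc/pihole/setupVars.conf."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        values[key.strip()] = value.strip()
    return values


def check_addressing(setup_vars_text, default_gateway, local_list_text=""):
    """Return (code, message) findings; an empty list means no mismatch found."""
    cfg = parse_setup_vars(setup_vars_text)
    iface = ipaddress.ip_interface(cfg["IPV4_ADDRESS"])
    net, own_ip = iface.network, iface.ip
    findings = []

    # The host's default gateway must be on-link, i.e. inside its own subnet.
    gateway = ipaddress.ip_address(default_gateway)
    if gateway not in net:
        findings.append(("GW_OFF_SUBNET",
                         f"default gateway {gateway} is outside {net}"))

    if cfg.get("DHCP_ACTIVE", "false").lower() == "true":
        router = ipaddress.ip_address(cfg["DHCP_ROUTER"])
        if router not in net:
            findings.append(("DHCP_ROUTER_OFF_SUBNET",
                             f"DHCP router option {router} is outside {net}"))
        elif router == own_ip:
            # Clients will send off-subnet traffic to this host, which only
            # works if this host actually forwards packets.
            findings.append(("DHCP_ROUTER_IS_SELF",
                             f"DHCP hands out {router} (this host) as router"))

        start = ipaddress.ip_address(cfg["DHCP_START"])
        end = ipaddress.ip_address(cfg["DHCP_END"])
        for name, addr in (("DHCP_START", start), ("DHCP_END", end)):
            if addr not in net:
                findings.append(("DHCP_RANGE_OFF_SUBNET",
                                 f"{name} {addr} is outside {net}"))
        if start <= own_ip <= end:
            findings.append(("DHCP_RANGE_COVERS_SELF",
                             f"DHCP range includes the static address {own_ip}"))

    # local.list holds the Pi-hole's own names; an entry that still points at
    # a previous address is left over from an earlier configuration.
    for line in local_list_text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        addr = ipaddress.ip_address(parts[0])
        if addr.version == 4 and addr != own_ip:
            findings.append(("STALE_LOCAL_NAME",
                             f"{parts[1]} maps to {addr}, host is {own_ip}"))
    return findings


if __name__ == "__main__":
    for code, message in check_addressing(SETUP_VARS, DEFAULT_GATEWAY, LOCAL_LIST):
        print(f"[{code}] {message}")
```
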