FTL should be listening on port 53 for other machines in local network
Actual Behaviour:
FTL works and resolves on the host directly but not for other machines in the same network. Ping to host, ssh and other services work, but "dig @ip.of.host domain.com" times out. FTL shows as running and netstat shows ports as listening:
Your debug log shows that at one point the Pi-Hole was receiving and replying to DNS queries from client 192.168.21.191. Your Pi-Hole is on address 192.168.2.114, a different subnet.
Have you recently changed your IP addresses on your network?
Oct 28 00:02:20 dnsmasq[29522]: 8769 192.168.21.191/52794 query[A] play.google.com from 192.168.21.191
Oct 28 00:02:20 dnsmasq[29522]: 8769 192.168.21.191/52794 forwarded play.google.com to 173.255.199.5
Oct 28 00:02:20 dnsmasq[29522]: 8769 192.168.21.191/52794 forwarded play.google.com to 8.8.4.4
Oct 28 00:02:20 dnsmasq[29522]: 8769 192.168.21.191/52794 forwarded play.google.com to 8.8.8.8
Oct 28 00:02:20 dnsmasq[29522]: 8769 192.168.21.191/52794 reply play.google.com is 172.217.22.46
Thank you for your reply. I forgot to mention - I have set up the Pi as AP and router as well. That's the 192.168.21.* subnet. For devices that connect to the Pi's AP, FTL works as well. But for devices that connect to the main router (192.168.2.1), they can't use the FTL (and never could).
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] bs.serving-sys.com.42237.9320.302br.net is 0.0.0.0 via localhost (127.0.0.1)
[✗] Failed to resolve bs.serving-sys.com.42237.9320.302br.net via Pi-hole (192.168.2.114)
[✓] doubleclick.com is 216.58.207.174 via a remote, public DNS server (8.8.8.8)
What is the result of the command ip addr? I'm only wondering about the eth0 portion.
The reason I ask is that using 127.0.0.1, your Pi-hole functions normally. When trying to use the IP assigned to it, that's where it fails.
Can you try changing the listening behaviour? Under Webgui > Settings > DNS, change it to listen on all interfaces but only reply if one hop away. Then test and report back?
A couple more questions: do you have a standard consumer router somewhere in your setup? Is the intent here to have all networked devices using Pi-hole?
If so, more than likely it is one of two things. The first is that the subnets are separated. Devices in the 192.168.x.x range by default will not be able to connect to other devices unless the third section (in your case 21 and 2) is the same, OR you use static routing to allow them to talk.
The second potential is a feature some routers have called DNS rebind, which prevents them from using an internal IP to be a DNS server.
Thanks. I will look into it. I can however connect to the pi via ssh or other services/ports without problem. Just DNS times out. Also, for the purposes of what I am trying to do, all machines are in 192.168.2.* - the router, the Pi and the device I want to use Pi-hole's DNS server with.
I had never heard of that - that would explain it. I'll try to find out if my router does this and report back.
So apparently there is no good solution for my router (German Telekom's Speedport Hybrid). It keeps hogging the DNS requests. Thanks again for the help and pointing me in the right direction!
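
The subnet comparison made by eye on the debug log earlier in this thread can be scripted. The following is an added example, not part of the original posts or of Pi-hole's own tooling: it counts dnsmasq query lines per client and splits them by whether the client is on the Pi-hole's subnet. The function name, the /24 prefix length and the third sample log line are assumptions made for the example.

```python
import ipaddress
import re
from collections import Counter

# Query line as written with dnsmasq's log-queries=extra (the format in the thread):
#   "<date> dnsmasq[pid]: <serial> <client>/<port> query[TYPE] <name> from <client>"
QUERY_RE = re.compile(
    r"dnsmasq\[\d+\]: \d+ (?P<client>[0-9a-fA-F.:]+)/\d+ "
    r"query\[[A-Z0-9]+\] \S+ from \S+"
)

# First two lines are from the thread; the last one is constructed for the example.
SAMPLE_LOG = [
    "Oct 28 00:02:20 dnsmasq[29522]: 8769 192.168.21.191/52794 query[A] play.google.com from 192.168.21.191",
    "Oct 28 00:02:20 dnsmasq[29522]: 8769 192.168.21.191/52794 forwarded play.google.com to 8.8.8.8",
    "Oct 28 00:02:21 dnsmasq[29522]: 8770 127.0.0.1/40211 query[A] pi.hole from 127.0.0.1",
]


def clients_by_subnet(log_lines, server_ip, prefix_len=24):
    """Count queries per client, split by whether the client shares the server's subnet.

    prefix_len=24 is an assumption; use the value `ip addr` reports for the interface.
    """
    local_net = ipaddress.ip_network(f"{server_ip}/{prefix_len}", strict=False)
    same, other = Counter(), Counter()
    for line in log_lines:
        m = QUERY_RE.search(line)
        if not m:
            continue  # forwarded/reply lines reuse the serial of a query already counted
        client = ipaddress.ip_address(m.group("client"))
        if client.is_loopback:
            continue  # queries made on the Pi-hole host itself
        (same if client in local_net else other)[str(client)] += 1
    return same, other


if __name__ == "__main__":
    same, other = clients_by_subnet(SAMPLE_LOG, "192.168.2.114")
    print("same-subnet clients:", dict(same))
    print("other-subnet clients:", dict(other))
    if not same:
        print("no query from the Pi-hole's own subnet reached FTL")
```

An empty same-subnet result while LAN devices are pointed at the Pi-hole means their queries never arrive at FTL, which points to something upstream of the Pi-hole rather than to its listening configuration.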