Administering PiHole via Win11 Firefox browser the gravity list in Pi Hole can be updated in menu Tools/Update Gravity. Raspbe is set to a fixed IP address in my "Fritzbox" DSL router. This worked fine for several years.
Raspbian GNU/Linux 11 (bullseye)
Raspberry Pi 4 Model B Rev 1.5
Pi-hole v5.17.3 FTL v5.24 Web Interface v5.21
Actual Behaviour:
When I try to update the Gravity DB I get the error message: "DNS resolution is currently unavailable"
The blocking of Pi-hole advertisement traffic works fine. All internet traffic also. Just the update is the problem.
This system worked fine for years and suddenly I get this message since some days or weeks. I checked around here and in other forums for solution. Several people had the same problem, but nowhere was a solution.
Can anybody help me please? Thanks.
Debug Token:
Replace this text with the debug token provided from running pihole -d
(not sure what to do here)
Open a shell/SSH prompt (the same you used to install Pi-hole).
And run/execute below on that prompt:
sudo pihole -d
When asked to upload the generated debug log, reply with "yes".
When the upload is successful you'l be shown a token URL.
Post this token URL here (not the full log!).
This token URL will look similar like below:
Thanks deHakkelaar. Unfortunatelly after generating the debug log file I get the message in the shell:
[β] ** FINISHED DEBUGGING! **
The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
[?] Would you like to upload the log? [y/N] y
* Using curl for transmission.
* curl failed, contact Pi-hole support for assistance.
* Error message: curl: (6) Could not resolve host: tricorder.pi-hole.net
[β] There was an error uploading your debug log.
Please try again or contact the Pi-hole team for assistance.
A local copy of the debug log can be found at: /var/log/pihole/pihole_debug.log
Looks like Pi-hole can not resolve the IP address when it comes from the same machine.
To copy pihole_debug.log to tricorder.pi-hole.net by hand I need a user name and password for GitHub.
EDIT: Oh before you change below, could you post content first of that file being changed with below:
grep nameserver /etc/resolv.conf
Might want to redact the latter part of IPv6 addresses if any are listed for privacy!
Run below to temporarily change the local DNS server(s) used into that of Google's 8.8.8.8:
sudo tee /etc/resolv.conf <<< 'nameserver 8.8.8.8'
And run the debugger again:
sudo pihole -d
This nameserver change will revert back to how it was originally when rebooting, or when network state changes, or when the DHCP lease gets renewed if its supplied via DHCP, or an IPv6 RA change is received.
Thanks a lot @deHakkelaar, here is the information you wanted:
EDIT: Oh before you change below, could you post content first of that file being changed with below: grep nameserver /etc/resolv.conf
Might want to redact the latter part of IPv6 addresses if any are listed for privacy!
nameserver fd00::3f44:d681:ef80:????
When the upload is successful you'l be shown a token URL.
Post this token URL here (not the full log!).
Check time of day. DNS resolution may not be available if time is wrong.
Mon 26 May 18:40:17 BST 2025
Date an time is correct. Just one hour delayed here. Probably because it is British summer time (BST) and I am in MEZ time zone. Is this a problem?
Run below to temporarily change the local DNS server(s) used into that of Google's 8.8.8.8: sudo tee /etc/resolv.conf <<< 'nameserver 8.8.8.8'
And run the debugger again: sudo pihole -d
[β] Building tree
[β] Swapping databases
[β] The old database remains available
[i] Number of gravity domains: 184937 (184937 unique domains)
[i] Number of exact blacklisted domains: 3
[i] Number of regex blacklist filters: 0
[i] Number of exact whitelisted domains: 0
[i] Number of regex whitelist filters: 0
[β] Flushing DNS cache
[β] Cleaning up stray matter
[β] FTL is listening on port 53
[β] UDP (IPv4)
[β] TCP (IPv4)
[β] UDP (IPv6)
[β] TCP (IPv6)
Shall I set Pi-hole back to my problem status before or leave it on working 8.8.8.8 ?
I set the pi-hole back to problem status (did a reboot).
The output is then:
dig raw.githubusercontent.com
; <<>> DiG 9.16.50-Raspbian <<>> raw.githubusercontent.com
;; global options: +cmd
;; connection timed out; no servers could be reached
I see you have edited your answer while I was replying:
This would indicate that your issue is with the nameservers that the OS on the device running Pi-hole is using.
Obviously, overwriting resolv.conf with a public nameserver fixes your issue, but that fix is only temporary. Your device OS will update nameservers as received from your network's router.
That may suggest that your router is advertising its own IPv6 as local DNS server, or perhaps a non-existing one.
Unfortunately, your answer is a bit overwhelming for me. I am scared if I make these 3 changes I will screw up my internet connection.
I didn't change anything on the Fritzbox when the problems arose. The Gravity Update worked without any problems in previous years.
How did you configure your FritzBox's DNS server back then?
Your ISP may have enabled IPv6 recently, or you manually set an IPv6 DNS server address in your FritzBox that has expired in the meantime.
In any case, following the advice from the post I've linked above should at least preclude that IPv6 DNS servers would be an issue (not only for your Pi-hole machine, but for all of your network).
In my Fritzbox the configuration "Also announce DNSv6 server via router advertisement (RFC 5006)" is ticked and shows exactly the IP adresss which is shown by
Generated by resolvconf
nameserver fd00::3f44:d681:ef80:????
Find the lines/fields starting with "dns-server" for IPv4,
or "Recursive DNS server" for IPv6 ... if any is/are listed
The "problem" is that if any of those addresses are not those of the Pi host, clients would be able to bypass Pi-hole via this IPv6 DNS IP and ads etc will leak in:
Also most implementations prefer IPv6 over IPv4 DNS.
If you run below on the Pi, it wil list IPv4 addresses configured on all detected interfaces for you to compare with the dhcp-discover output:
ip -br -4 address
And below will list IPv6 addresses:
ip -br -6 address
Dont post any of the output for above commands here for privacy!
Also have a look at the docs for more options/details etc:
I am scared if I make these 3 changes I will screw up my internet connection.