The issue I am facing: When network devices use Pi-hole as DNS server (manually set, for instance), I see the Total Queries increasing in the dashboard, but no connection goes through (ie. a ping or nslookup to google.com gets timed out).
Attempting to update the Adlists results in a "DNS resolution is currently unavailable" error.
I've also tried generating a debug log but that ends in "* Error message: curl: (6) Could not resolve host: tricorder.pi-hole.net". I've uploaded the full log here as an alternative.
Details about my system: I'm using a Raspberry Pi 4 with LibreElec, running Pi-hole in a Docker container (compose file available here, no changes from the default setup). No other Docker containers running.
What I have changed since installing Pi-hole:
I've searched for solutions and attempted a few settings changes, but I believe everything is reverted to default at this point.
This seems to be an issue with DNS resolution on your host machine (Raspberry Pi).
I'm not sure how LibreElec configures DNS servers (using a Addon, or service, or whatever), but you can try to temporarily reset the nameserver on the Pi and generate the log.
Try:
sudo nano /etc/resolv.conf
Edit the nameserver line to nameserver 1.1.1.1 or your preferred third party DNS service, save and exit
Run
pihole -d
and upload the debug log, then post here only the Token.
I had made this change in the past without success; LibreElec rewrites that file on every boot also.
In any case I've done this change now, and the log result is the same (including not being able to use curl).
One thing I should have mentioned, the ping/nslookup do not work if I run them from clients using Pi-hole as DNS server; if I run them directly from Raspberry Pi, the host, they work (I have not made the change to have the host use Pi-hole as DNS server).
That does not seem to link to a docker-compose file?
Your debug log suggests that your Pi-hole container has no upstream connectivity:
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✗] Failed to resolve flurry.com on lo (127.0.0.1)
[✗] Failed to resolve flurry.com on eth0 (172.18.0.2)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)
Did you perhaps configure your router to restrict your network to specific DNS servers only?
If so, your Libreelec machine would need to be exempted at least for Pi-hole's upstreams.
Aslo, please share the results of the following commands, run from your LibreElec machine:
nslookup flurry.com
And another one from a client in your network:
nslookup pi.hole <pi.ho.le.ip>
where you substitute <pi.ho.le.ip> with the IP of the LibreElec machine running your Pi-hole container.
My bad with the compose file, some extra junk at the top - if you scroll down you'll see the file contents.
Agree with the lack of upstream connectivity, though I haven't been able to pinpoint why. I haven't made any such changes to my router, and don't even find anything similar to it in its settings panel.
So your LibreElec host can successfully request public DNS resolution via 1.1.1.1 (as demonstrated by your first nslookup result), and your client is able to request DNS resolution through 192.168.1.222, with Pi-hole blocking the request (as per your second result).
Apparently, your Pi-hole container is currently using a set of four DNS servers, your host's 1.1.1.1 among them.
You could try to restrict Pi-hole's upstream to just 1.1.1.1, and see if that would make any difference.
I'm not sure how to attempt your suggestion. In case this is it, I have changed Pi-hole's upstream DNS settings to have only the first tick on Cloudflare's options. It didn't make a difference.
I've also accessed Pi-hole's Docker container, and edited its resolv.conf file to "nameserver 1.1.1.1", also no change.