How can I configure pi-hole to get NXDOMAIN for host.does.not.exist
Here is what pi-hole does ... (resolve to 127.0.0.1
with NOERROR
)
$ dig a @192.168.1.118 host.does.not.exist
; <<>> DiG 9.8.3-P1 <<>> a @192.168.1.118 host.does.not.exist
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26484
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;host.does.not.exist. IN A
;; ANSWER SECTION:
host.does.not.exist. 300 IN A 127.0.0.1
;; Query time: 7 msec
;; SERVER: 192.168.1.118#53(192.168.1.118)
;; WHEN: Mon Feb 27 21:05:37 2017
;; MSG SIZE rcvd: 53
Here is what normaly expected (NXDOMAIN e.g. from google's 8.8.8.8)
$ dig a @8.8.8.8 host.does.not.exist
; <<>> DiG 9.8.3-P1 <<>> a @8.8.8.8 host.does.not.exist
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 451
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;host.does.not.exist. IN A
;; AUTHORITY SECTION:
. 86364 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2017022701 1800 900 604800 86400
;; Query time: 31 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Feb 27 21:11:02 2017
;; MSG SIZE rcvd: 112
Any hint will be helpful. / Thanks!
Is that a dig on the Pi-hole device itself? I'm getting different results here:
$ dig host.does.not.exist @192.168.30.2
; <<>> DiG 9.9.5-9+deb8u9-Raspbian <<>> host.does.not.exist @192.168.30.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1418
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;host.does.not.exist. IN A
;; Query time: 8 msec
;; SERVER: 192.168.30.2#53(192.168.30.2)
;; WHEN: Mon Feb 27 20:17:53 UTC 2017
;; MSG SIZE rcvd: 48
Thanks for reply. Yes I get this from my pi-hole at 192.168.1.168
. Intresting to see that you get NXDOMAIN .. but why I'am a bit confused.
Not sure here either, and why you have a different version of dig than I do. Which OS is running on the Pi-hole?
The dig is from my macOS. But that does not matter, I also tested from other linux hosts.
On the Pi-hole runs Raspbian GNU/Linux 8
.
Did you have enabled additional adlists ... I have enabled/uncomented some from adlist.default
, may I have to disable them first?
DL6ER
February 27, 2017, 8:32pm
6
Could you do the following to help us debug your issue?
Run
sudo service dnsmasq restart
pihole -d
on your Pi-hole device. While it tells you to browse the web, run your dig
command on one of your clients.
You can then upload the debug log and give us the token (it will be securely shared with the developers only) or manually look though the stored log at the location the debugger tells you (whatever you like to do). Restarting dnsmasq
first is necessary to be sure that the cache is empty (mistakes might be masked otherwise).
That test was just on a stock Pi-hole, Raspbian Jessie Lite, and I get the same response with my Arch Linux client pointed to the Pi-hole. NXDOMAIN.
Hmm, I disabled all items in my addlist.default
but does not help. Which dnsmasq version is installed on your pi-hole?
OK, same here. So that not the reason. Do you have any ideas more for me?
DL6ER
February 27, 2017, 8:39pm
11
Have a look at my message here for a followable path.
Sorry, I have overseen your post ... here is the token: dig host.does.not.exist 9rfy7wej4m
DL6ER
February 27, 2017, 8:50pm
13
Please have a look into your /etc/dnsmasq.conf
and if that didn't help into your /etc/hosts
Ups sorry for confusion. Yes, I inserted a server= entry into /etc/dnsmasq.conf
which I droped now (nothing changed, dig continues to result into 127.0.01). I made a new log with token tawn3ak4tc can you give it a new try? Thanks!
DL6ER
February 27, 2017, 9:02pm
15
Hmm, next idea would be a
cat /etc/hosts | nc tricorder.pi-hole.net 9999
It will give you a new token.
Aaargh, I'am a idiot, I added it to my /etc/hosts yesterday while had some problems with it. I forgott it and now I'am sitting since hours in front of my /etc/hosts without seeing the obvious.
I'am very sorry for the noise ... and thanks a lot for your help!!!
DL6ER
February 27, 2017, 9:09pm
17
Glad we were able to resolve this strange behavior.