I'm still seeing Google Ads 😕

I have Pi-hole running on a Pi Zero W.

Expected Behaviour:

See no ads.

Actual Behaviour:

I'm seeing Google Ads. When I inspect the ad elements I see URLs that are already blocked as part of the existing lists. I can query the lists and I do see those URLs in those lists. I've also added these URLs to blacklists but I can still see the ads.

Debug Token:

Li7tnW74

You configured a lot of adlists, but only one is in your default group (ID 0). As you didn't configure any clients, all your clients are in that default group - meaning most adlists don't apply to them.

*** [ DIAGNOSING ]: Adlists
   id     enabled  group_ids     address                                                                                               date_added           date_modified        comment                                           
   -----  -------  ------------  ----------------------------------------------------------------------------------------------------  -------------------  -------------------  --------------------------------------------------
   1            1  0             https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts                                      2021-06-27 17:01:51  2021-06-27 17:01:51  Migrated from /etc/pihole/adlists.list            
   2            1  3             https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt                      2021-06-27 21:05:05  2021-06-27 21:20:32  Suspicious Lists                                  
   3            1  3             https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Spam/hosts                         2021-06-27 21:05:05  2021-06-27 21:20:37  Suspicious Lists                                  
   4            1  3             https://v.firebog.net/hosts/static/w3kbl.txt                                                          2021-06-27 21:05:05  2021-06-27 21:20:41  Suspicious Lists                                  
   5            1  4             https://adaway.org/hosts.txt                                                                          2021-06-27 21:05:05  2021-06-27 21:20:46  Advertising Lists                                 
   6            1  4             https://v.firebog.net/hosts/AdguardDNS.txt                                                            2021-06-27 21:05:05  2021-06-27 21:20:51  Advertising Lists                                 
   7            1  4             https://v.firebog.net/hosts/Admiral.txt                                                               2021-06-27 21:05:05  2021-06-27 21:20:55  Advertising Lists                

*** [ DIAGNOSING ]: Clients

Please make yourself familiar with how the group management works
https://docs.pi-hole.net/database/gravity/example/


Also, your Pi-hole hasn't received a lot of queries yet and the number of known clients is low - are you sure, your clients use Pi-hole at all?

[i] 2021-09-14:22:47:40 debug log has been initialized.

   [2021-09-14 22:39:31.194 991M] Imported 4 queries from the long-term database
   [2021-09-14 22:39:31.195 991M]  -> Total DNS queries: 4
   [2021-09-14 22:39:31.195 991M]  -> Cached DNS queries: 1
   [2021-09-14 22:39:31.195 991M]  -> Forwarded DNS queries: 3
   [2021-09-14 22:39:31.196 991M]  -> Blocked DNS queries: 0
   [2021-09-14 22:39:31.196 991M]  -> Unknown DNS queries: 0
   [2021-09-14 22:39:31.196 991M]  -> Unique domains: 4
   [2021-09-14 22:39:31.196 991M]  -> Unique clients: 2
   [2021-09-14 22:39:31.196 991M]  -> Known forward destinations: 1

You configured your router to distribute Pi-hole's IP as DNS server via DHCP - did you reconnect your clients to the network after you made this configuration?

   * Received 305 bytes from wlan0:192.168.29.1
     Offered IP address: 192.168.29.156
     Server IP address: 192.168.29.1
     Relay-agent IP address: N/A
     BOOTP server: (empty)
     BOOTP file: (empty)
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 192.168.29.1
      lease-time: 86400 ( 1d )
      renewal-time: 43200 ( 12h )
      rebinding-time: 75600 ( 21h )
      netmask: 255.255.255.0
      broadcast: 192.168.29.255
      router: 192.168.29.1
      dns-server: 192.168.29.156
      dns-server: 192.168.29.156
      domain-name: "xyz.com"
      --- end of options ---

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the wlan0 interface:
    192.168.29.156/24

I don't fully understand what you are saying here, especially the part about my other adlists not applying to all clients but I'll read through the link you've given.

Just before posting this I flushed my logs and restarted the DNS resolver.

Yes.

I created a new group called All-local-devices. I then added all my local devices under Clients as 192.168.29.2/24 and assigned them to this newly minted group. Under Adlists I then assigned the All-local-devices group to each of the ad lists there. This should now apply these ad lists for all these devices right? I then ran pihole restartdns reload-lists as mentioned on the Examples page. And I can still see the ads on msn.com...

Run from a client that you expect to use Pi-hole for DNS while still seeing ads, what's the output of:

nslookup pi.hole
nslookup flurry.com

This is what I see:

~ ❯ nslookup pi.hole                                                                                                                                                                           23:52:37
Server:		2405:201:1007:8a2::c0a8:1d01
Address:	2405:201:1007:8a2::c0a8:1d01#53

** server can't find pi.hole: NXDOMAIN

~ ❯ nslookup flurry.com                                                                                                                                                                        23:52:39
Server:		2405:201:1007:8a2::c0a8:1d01
Address:	2405:201:1007:8a2::c0a8:1d01#53

Non-authoritative answer:
Name:	flurry.com
Address: 212.82.100.150
Name:	flurry.com
Address: 74.6.136.150
Name:	flurry.com
Address: 98.136.103.23

The device at that IPv6 address isn't Pi-hole:
It does not know to resolve pi.hole, and it returns IP addresses for flurry.com instead of the expected blocking 0.0.0.0.

Likely, your router is advertising its own IPv6 address as DNS server, allowing your clients to by-pass Pi-hole.

You'd have to find a way to configure your router to advertise your Pi-hole host machine's IPv6 as DNS server instead of its own.

You'd have to consult your router's documentation sources on further details for its IPv6 configuration options.

If your router doesn't support configuring IPv6 DNS, you could consider disabling IPv6 altogether.

If your router doesn't support that either, your clients will always be able to bypass Pi-hole via IPv6.

Minor correction - domains, not URLs.

You are right. The router is an ISP provided one and it has its own IPv6 address which is the one I see in the post above.

I tried converting my Pi-hole IP to v6 and setting it here but then it won't let me since I had reserved this IP in the v4 configuration! I guess there is no getting past this.

The following command will give you a list of currently assigned IPv6 addresses when run on your Pi-hole host machine:

ip -6 address

I'd guess you should try to set one of those addresses as DNS Servers under DHCPv6 Setup (and most likely not as IPv6 address under LAN IPv6 Configuration), but please consult your router's documentation and/or support for further details.

I turned off IPV6 in my router (provided by the service provider). The blocking seems to have worked now. When I run nslookup pi.hole I now see the IP of my Pi-hole server and nslookup flurry.com shows me 0.0.0.0 as expected.

Will keep an eye out for any unexpected behaviour. The percentage of blocked queries has almost doubled now. The group management and applying multiple lists was an eye opener. I did not know that and most tutorials online do not talk about that. So thanks for that.