IP mismatch and gateway not responding - Networking Configuration Issues

Help
1

Expected Behaviour:

So I've got everything setup very nearly identically to various guides and how to's I've found on setting up Pi-hole as a beginner. Felt confident in everything up until this point. I have a netgear orbi system that I've changed to only the Pi-hole DNS and I've reserved the IP it is using so it is static.

Actual Behaviour:

When I go in to real world test and change the router DNS officially to the Pi-hole or simply just changing the Mac or iOS device I'm working on to test it individually, nothing comes through. Internet seems to be cut off entirely. I've read through multiple posts here to troubleshoot it to little success. After debugging and reading through everything it basically comes down to the "Diagnosing Network" section saying IPv4 and IPv6 addresses do not match the IP found, which I've reconfigured I don't know how many times now. Originally was using .31, now .56 however debug shows .31 when the actual device IP is .56. That and the gateway doesn't seem to respond to pinging even though the numbers all are accurate there as well. At this point I'm not sure what to do.

Raspberry is running standard Raspbian Buster w/ Desktop for reference. Desktop is connected to wifi, ethernet is plugged in as well.

52%20AM
52%20AM854×540 331 KB

55%20AM
55%20AM3016×320 27.7 KB

Debug Token:

rjveyrantg

Some of the resources I've used in addition to these forums

Thanks for whatever help you guys are able to give. I've enjoyed working on this, I'd just like to be able to show how worth it this will be to the family. :smiley:

2

This is likely causing you problems.
Each of your interfaces (.i.e. WLAN and Ethernet adapters) gets issued with an IP address of their own.
It seems you used your WiFi address when setting up Pi-hole, but Pi-hole is listening on Ethernet (eth0) by default (if that's present).

Try setting the address shown in your screenshot in /etc/pihole/setupVars.conf
IPV4_ADDRESS=192.168.1.31/24
Do the same for your IPv6 address.
(I'd have included that as well if you'd posted plain text instead of a screen shot :stuck_out_tongue_winking_eye:)

Afterwards, restart your Pi-hole.

3

@Bucking_Horn Ah that does make sense. So the SetupVars.conf files, anytime I try to make a change it gives me a permission denied prompt. Even when attempting to save a separate file from that original.

Update - I was using text editor to edit for some reason. By simply opening it made a difference. However it still won't let me save, saying permission denied.

Also do you think it would make sense to disconnect the wifi and just roll with ethernet? I've got it headless with teamviewer as my client currently.

If you need anything in plain text I can pull that if it would help. I'm in and out today but that wouldn't be too difficult.

Thanks for the help!

4

You are lacking the rights to save the file.

From a command prompt or terminal window on your Pi-hole machine, edit your file through the following command:
sudo nano /etc/pihole/setupVars.conf

Unless you want to use your wifi in other ways (e.g. making it into a WLAN access point providing a separate subnet), you'd probably be better off disabling WiFi. You'd also save a few mA on power and heat.

5

@Bucking_Horn
Alright! That worked out really well and fixed my ip issue no problem.

Wifi is turned off on the pi now and I'm only running ethernet.

Testing it only on my iMac using the DNS of the pi-hole it seems to be working! I've got internet and the admin page works great.

Currently Its only set to OpenDNS and I haven't added or changed anything but what comes standard, but its working! So thank you for the help there. The only thing that seems to be hitting back red now is listed below..

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.1.31/24 matches the IP found in /etc/pihole/setupVars.conf

[✓] IPv6 address(es) bound to the eth0 interface:
fe80::e728:3434:a975:9214 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)

^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 192.168.1.1

  • Pinging 192.168.1.1...
    [✓] Gateway responded.

*** [ DIAGNOSING ]: Ports in use
127.0.0.1:5942 teamviewer (IPv4)
[:80] is in use by lighttpd
[:80] is in use by lighttpd
[:53] is in use by pihole-FTL
[:53] is in use by pihole-FTL
[127.0.0.1:4711] is in use by pihole-FTL
[[::1]:4711] is in use by pihole-FTL

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] vserv.bc.cdn.bitgravity.com is 0.0.0.0 via localhost (127.0.0.1)
[✓] vserv.bc.cdn.bitgravity.com is 0.0.0.0 via Pi-hole (192.168.1.31)
[✓] doubleclick.com is 74.125.136.101 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] www.ads.revenue.net is :: via localhost (::1)
[✓] www.ads.revenue.net is :: via Pi-hole (192.168.1.31)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)

But aside from those two things in bold everything seems to be flowing well.
If there are any additional recommendations I would happily take them.

Thank you for your advice @Bucking_Horn!

Update - I haven't seen a noticeable ad blocking shift just yet from Facebook or simple browsing, but I may need to wait more I would guess. The pi.hole/admin page is working and I can see nearly 1,000 queries hitting and around 120 blocked now, just not sure how to make it more effective really.

6

Update to that.

I tested it originally just by changing the DNS on my iMac alone, but now I've added in 192.168.1.31 to the Orbi router system (it wouldn't allow for 192.168.1.32/24) and now admin console is only reachable through the ip address and not pi.hole/admin anymore.

7

You've probably elided changing your IPv6 address, or mistyped it:

Please verify that your /etc/pihole/setupVars.conf contains the correct IPv6 address.

IPv6 not being setup correctly might account for ads not being blocked for some clients that actually employ IPv6.

Depending on your network setup, it might take a while before your clients are updated to use Pi-hole as DNS (click for details).

This can be true for clients that are always on and permanently connected to your network, like a Home Theatre PC or an Amazon Echo device, and that have been issued IP addresses via DHCP by your router ( a so-called DHCP lease). Depending on the validity duration of their DHCP lease, they might update their DNS settings only on renewal.
Some routers may force a lease renewal the moment you change a setting.
You can force a new lease for a device yourself by invalidating its current lease in your router, or by disconnecting and reconnecting them from the network, e.g. by cutting down WiFi on your router, replugging the Ethernet cable or by rebooting or switching a machine on and off.

However, since you have set Pi-hole just on one iMac, in that machine's DNS settings (as I just read now), your machine should benefit from Pi-hole's filtering right away.

8

If this persists, it would award an altogether new topic, since the issue you initially addressed seems to be solved.

Resolving it might be simple (or not), but will be highly specific to your router model (click for details).

Your observation implicits that only internal network names (like pi.hole) don't get resolved once you alter the router's DNS settings to use Pi-hole.

This might be explained by your router suppressing an upstream (supposedly external) DNS server's answer that points to an address in your local network. This is a security feature - normally, an upstream DNS server cannot know your internal IP addresses, so an answer like that is deemed as an attempt to breech into your network from the outside. Some router models allow to define exceptions for this DNS rebind protection, but your router might not.

Furthermore, this would only apply if you configured Pi-hole as upstream DNS server, as opposed to propagating Pi-hole as local DNS server. Local DNS is the preferred variant, read more about this in Why should Pi-hole be my only DNS server? and How do I configure my devices to use Pi-hole as their DNS server?

The vast majority of routers will allow customising upstream DNS servers (some may not even allow that, using just the DNS servers as supplied by your ISP). But not all routers offer local DNS server configuration, usually done over the LAN's DHCP settings, but sometimes hidden on the upstream page as an option like 'DNS relay'.

You can find out whether your router is merely using Pi-hole as upstream DNS server or propagating Pi-hole as local DNS server by executing the following command in a terminal window from a client (e.g. your iMac):
nslookup pi.hole
This will produce an output like:

Server:         raspberrypi
Address:       192.168.1.31#53

Name:   pi.hole
Address: 192.168.1.31

If Server and Address in the first two lines show your router's name or IP address, then your router is configured to use Pi-hole as upstream DNS server.

Whether your router allows setting up Pi-hole als local DNS server, or defining DNS rebind exceptions, and how you do that exactly, will depend on your router's make and model and even firmware version.

I am not familiar with Orbi routers, so I cannot help you any further.

So, the best option would be to open a new topic for this, with a title expressive enough to attract the right people's attention.

9

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.