No resolution after reboot

Hey everyone,

Pi-Hole is running on a Lubuntu 16.04 (64-bit) system. In the Fritzbox 7490, Pi-Hole is entered as the local DNS server.

Initially, no domain was resolved anymore after a restart of the system. It always said that the domain xy could not be found. This was shown on all devices in the network.

Only a random entry in the whitelist seemed to solve the problem.
Since the last update this no longer happens on my devices, only on the devices behind my LAN switch. However, the whitelist trick no longer helps here.

The devices are connected as follows:

My devices & Pi-Hole <-> TP-Link TL SG1008D via 25 m LAN cable <-> Fritzbox <-> other devices via LAN & WLAN

On the other devices, I was able to change the DNS server manually on a Windows 7 machine. It works again there.
On an Android smartphone (I think it's a Huawei P8 with Android Nougat), strangely this did not help.

Edit: The Huawei has no problems at all on the guest WLAN.

Do you have any idea what might be causing this?
Thanks for your help :slight_smile:

I started typing below but wonder if there are any objections to replying in English on this German sub forum?

Make sure all the DNS services that you depend upon are chained so the DNS path for resolving hostnames to IP addresses would look like so:

[Clients] --> [Pi-Hole] --> [Fritzbox] --> [ISP DNS servers] --> [Root DNS servers]

The result is that if Pi-Hole can't resolve a DNS query from one of the clients,
it will ask its upstream configured DNS server, which is Fritzbox.
And if Fritzbox can't answer the client query, Fritzbox will ask its upstream DNS server(s) from your ISP etc etc.

EDIT: But be careful setting a secondary DNS server setting alongside a primary one!
If you set up one of your DNS services to use a secondary DNS server upstream, make sure both primary and secondary will resolve to the same DNS records.
If they don't, you can expect it sometimes working OK ... and sometimes not.

Hi,
so I got the same problem after restarting my Pi 2 (Pi-Hole / FHEM ....) and Fritzbox 7490.

After boot, all clients in the local network cannot resolve DNS requests. On the Pi itself it is working. :wink:
I can solve this by "service dnsmasq restart" or by disabling/enabling Pi-hole over the web interface.

But a power fail in my vacation ..... .:-/ FHEM and Enigma SAT will have some ....

This is new; in the past 12 months this was working fine. I also tried a new installation on my prototype Pi 3; that's working fine, no problem after restart. :-/

Perhaps a timing problem during startup? dnsmasq is up before the .... ?

Can you please give me an introduction on where to look?

Regards

I set the FritzBox DNS setting to default again. It's now using the settings from my provider.
My devices didn't use Pi-Hole as the DNS server. It seems that the VPN software changed it automatically to 8.8.8.8.

Once I changed it to the Pi-Hole, nothing worked. It wasn't even showing any requests in the logfile.
I tried the steps from "How do I troubleshoot name resolution?"
dnsmasq and lighttpd are running without an error.
The config file is OK.

    curl -I a-ads.com

Without Pi-Hole I get

    HTTP/1.1 301 Moved Permanently
    Server: nginx/1.10.2
    Date: Thu, 06 Apr 2017 15:27:45 GMT
    Content-Type: text/html
    Content-Length: 185
    Connection: keep-alive
    Location: https://a-ads.com/

And with Pi-Hole

    curl: (6) Could not resolve host: a-ads.com

Nothing changed in /var/log/pihole.log while I tried it.

Hey LinkItUp,

did you try to restart dnsmasq from a command, or stop/start via the admin web page?

Only to be sure we have the same problem !

Regards

I tried both and it didn't help.

Hi @LinkItUp, know that if you use a VPN dialer on your clients, it will add its own DNS server(s) and the client will only resolve via this newly added DNS server.
You can see the different DNS servers responding if you run the command below on the client with and without the VPN active:

nslookup pi.hole

Have a look at below post for options (IPVanish being a VPN too) :

There was no mention of "VPN" in your initial post. What kind of VPN do you use? An external provider (that you may even pay for?) or your own VPN?

Note that in the latter case you might want to take advantage of the extensive Pi-hole & OpenVPN tutorial you can find here:

I pay for the VPN. But even without the VPN I get the same result.

Hi,

so my suspicion is that dnsmasq is not listening / binding to the right network.

After a restart there is no change in the log (if requests come over LAN); a local ping I can see in the log. After a restart of dnsmasq, any request from the local LAN is also in the log.

How can I check on which port/lan dnsmasq is listening ? (netstat -untap) ?

Regards

What option have you selected for the listening behavior on the Settings page?

If your Pi is not facing the Internet directly (i.e. behind a firewall / NAT in a router), you can safely choose the last option, which results in dnsmasq listening everywhere.

Ok.

Great, thx. But I'll try this tomorrow (otherwise my wife will kill me :wink:).

Regards

@LinkItUp, first get everything to work without any VPN dialers active as they complicate things a bit.
If you're using your Fritzbox to hand out IP addresses and details via the Fritzbox DHCP service,
make sure only one DNS server, your Pi-Hole IP address, is set as DNS resolver for the clients in your network!
And if you change any DHCP settings on Fritzbox, make sure the clients renew their IP leases (to receive new settings) by either bringing their network interface down and up again or rebooting.

If DHCP is set up correctly, you can check on Linux clients with:

  • Honoring the request "Please stop asking for ANY" "See draft-ietf-dnsop-refuse-any" :wink:

    $ host -a -t a pi-hole.net
    Trying "pi-hole.net"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26565
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;pi-hole.net. IN A

    ;; ANSWER SECTION:
    pi-hole.net. 300 IN A 104.24.108.83
    pi-hole.net. 300 IN A 104.24.109.83

    Received 61 bytes from 10.0.0.8#53 in 40 ms

In my case, as can be seen from above, the answering DNS server is 10.0.0.8 which happens to be my Pi-Hole Pi.

On Windows clients you can check with below command:

    $ nslookup -type=A pi-hole.net
    Server:  noads.dehakkelaar.nl
    Address:  10.0.0.8

    Non-authoritative answer:
    Name:    pi-hole.net
    Addresses:  104.24.109.83, 104.24.108.83

Again you see my Pi-Hole IP address 10.0.0.8 replying.

Advanced DNS Settings
Listen on all interfaces, permit all origins .... or "Listen only on interface eth0"

Works great.

It was set to "Listen on all interfaces, but allow only queries from devices that are at most one hop away (local devices)"; this makes the "trouble".

So my problem is gone. :slight_smile: THX

Regards

My Pi 3 finally came yesterday. I have now installed Pi-Hole on the Raspberry Pi. It works quite well now. There's now the thing with the VPN.
The VPN uses the OpenVPN protocol and it uses its own network adapter (Ethernet 2, TAP-Windows Adapter V9). When I change the DNS server for this, it won't resolve any domain. Pi-Hole doesn't show any requests either.

Hi @LinkItUp, it seems most VPN dialers add their own DNS server once the VPN connection is established, putting the configured or DHCP-assigned one out of use.
Have a read of the first answer by "Ashley Ross":

However, you can reset the DNS changes after the VPN connection is established.

I tried Option 1.
If I understood it right, the DNS entry should be removed or changed to the default one, which didn't happen.
Btw, the command netsh interface ipv4 show dnsservers shows me a third adapter: Loopback Pseudo-Interface 1. What is that?

I tried it in the Windows network settings and in the VPN software but it won't resolve any domain. It keeps timing out.

So after removing the VPN DNS server on the Windows client (option 1), what does the one below display?

    netsh interface ipv4 show dnsservers

And what's the output for the one below on the Windows client after removal?

    nslookup pi.hole

That's the internal loopback interface used by processes to communicate internally.
Don't mind that one, everyone has got one.

Before I tried Option 1 it showed me

    Konfiguration der Schnittstelle "Ethernet"
    Über DHCP konfigurierte DNS-Server: 192.168.178.29
    Mit welchem Suffix registrieren: Nur primäres

    Konfiguration der Schnittstelle "Ethernet 2"
    Über DHCP konfigurierte DNS-Server: 8.8.8.8
    Mit welchem Suffix registrieren: Nur primäres

    Konfiguration der Schnittstelle "Loopback Pseudo-Interface 1"
    Statisch konfigurierte DNS-Server: Keine
    Mit welchem Suffix registrieren: Nur primäres

After netsh interface ipv4 delete dnsservers name="Ethernet 2" address=all validate=no it's still the same.
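
The per-adapter check discussed in the posts above, as an added example that is not from any poster in this thread: it parses `netsh interface ipv4 show dnsservers` output and lists adapters that have a DNS server other than the Pi-hole configured. It assumes 192.168.178.29 is the Pi-hole address and that adapter names appear in double quotes regardless of UI language; the function names are made up for this illustration.

```python
import re

# Sample input: the output quoted in the post above (German-locale Windows).
SAMPLE = '''Konfiguration der Schnittstelle "Ethernet"
    Über DHCP konfigurierte DNS-Server: 192.168.178.29
    Mit welchem Suffix registrieren: Nur primäres

Konfiguration der Schnittstelle "Ethernet 2"
    Über DHCP konfigurierte DNS-Server: 8.8.8.8
    Mit welchem Suffix registrieren: Nur primäres

Konfiguration der Schnittstelle "Loopback Pseudo-Interface 1"
    Statisch konfigurierte DNS-Server: Keine
    Mit welchem Suffix registrieren: Nur primäres
'''

IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
QUOTED = re.compile(r'"([^"]+)"')

def dns_by_interface(netsh_output):
    """Map adapter name -> list of IPv4 DNS servers, without relying on UI language."""
    result, current = {}, None
    for line in netsh_output.splitlines():
        name = QUOTED.search(line)
        if name and not IPV4.search(line):
            # Header line: a quoted adapter name and no address (assumed layout).
            current = name.group(1)
            result[current] = []
        elif current is not None:
            # Additional servers are printed on continuation lines; collect them all.
            result[current].extend(IPV4.findall(line))
    return result

def bypassing(netsh_output, pihole_ip):
    """Adapters with at least one configured DNS server that is not the Pi-hole."""
    return {
        iface: servers
        for iface, servers in dns_by_interface(netsh_output).items()
        if any(s != pihole_ip for s in servers)
    }

if __name__ == "__main__":
    # 192.168.178.29 is assumed to be the Pi-hole address.
    for iface, servers in bypassing(SAMPLE, "192.168.178.29").items():
        print(f"{iface}: queries may go to {', '.join(servers)} instead of Pi-hole")
```

On the quoted output this reports only "Ethernet 2", the VPN's TAP adapter, which is still pointed at 8.8.8.8.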