Keine Auflösung nach Neustart

Help Deutschsprachige Hilfe
21

Are you running the command line shell as Administrator ?

What bout the second option eg:

netsh interface ipv4 add dnsservers name="Ethernet 2" address=192.168.178.29 index=1 validate=no
netsh interface ipv4 show dnsservers
nslookup pi.hole

If you read that thread bit further down, you notice people commenting:

Unfortunately netsh can not delete dns servers assigned by dhcp. But this can be done by clearing DhcpNameServer parameter in

HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces{id}

registry key.

As of 2017 this is now possible if its based on OpenVPN

Add a line to your client config file of

pull-filter ignore "dhcp-option DNS "

and it will ignore all pushed config lines that start with the quoted text.

The three action keywords are accept ignore reject. I have not discovered a use case for reject.

22

[details=Summary]
Konfiguration der Schnittstelle "Ethernet"
Über DHCP konfigurierte DNS-Server: 192.168.178.29
Mit welchem Suffix registrieren: Nur primäres

Konfiguration der Schnittstelle "Ethernet 2"
Statisch konfigurierte DNS-Server: 192.168.178.29
Mit welchem Suffix registrieren: Nur primäres

Konfiguration der Schnittstelle "Loopback Pseudo-Interface 1"
Statisch konfigurierte DNS-Server: Keine
Mit welchem Suffix registrieren: Nur primäres[/details]

It don't resolve Domains with that.

With VPN

[details=Summary]
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.178.29

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Zeitüberschreitung bei Anforderung an UnKnown.[/details]

Without VPN

[details=Summary]Server: raspberrypi
Address: 192.168.178.29

Name: pi.hole
Address: 192.168.178.29[/details]

I guess i need to remove the line dhcp-option DNS 8.8.8.8. It still don't work.

23

What does below one display with, and without the VPN active ?

route print

This need to be edited in the OpenVPN dialer configuration file.
I dont have an openVPN dialer available at the time so you'll need to google (or RTFM) where this file resides.

24

[details=With VPN]===========================================================================
Schnittstellenliste
9...d0 50 99 4f 42 53 ......Intel(R) Ethernet Connection (2) I218-V
2...00 ff 01 61 ed 6b ......TAP-Windows Adapter V9
1...........................Software Loopback Interface 1

IPv4-Routentabelle

Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.21 25
0.0.0.0 128.0.0.0 10.122.64.1 10.122.68.193 56
5.189.145.149 255.255.255.255 192.168.178.1 192.168.178.21 26
10.96.0.0 255.224.0.0 Auf Verbindung 10.122.68.193 311
10.122.68.193 255.255.255.255 Auf Verbindung 10.122.68.193 311
10.127.255.255 255.255.255.255 Auf Verbindung 10.122.68.193 311
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 331
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 331
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 331
128.0.0.0 128.0.0.0 10.122.64.1 10.122.68.193 56
192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.21 281
192.168.178.21 255.255.255.255 Auf Verbindung 192.168.178.21 281
192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.21 281
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 331
224.0.0.0 240.0.0.0 Auf Verbindung 10.122.68.193 311
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.178.21 281
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 331
255.255.255.255 255.255.255.255 Auf Verbindung 10.122.68.193 311
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.21 281

Ständige Routen:
Keine

IPv6-Routentabelle

Aktive Routen:
If Metrik Netzwerkziel Gateway
1 331 ::1/128 Auf Verbindung
2 311 fe80::/64 Auf Verbindung
9 281 fe80::/64 Auf Verbindung
9 281 fe80::38cc:77aa:bd03:8b8d/128
Auf Verbindung
2 311 fe80::fc0a:4819:2a10:e894/128
Auf Verbindung
1 331 ff00::/8 Auf Verbindung
2 311 ff00::/8 Auf Verbindung
9 281 ff00::/8 Auf Verbindung

Ständige Routen:
Keine
[/details]

[details=Without VPN]===========================================================================
Schnittstellenliste
9...d0 50 99 4f 42 53 ......Intel(R) Ethernet Connection (2) I218-V
2...00 ff 01 61 ed 6b ......TAP-Windows Adapter V9
1...........................Software Loopback Interface 1

IPv4-Routentabelle

Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.21 25
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 331
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 331
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 331
192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.21 281
192.168.178.21 255.255.255.255 Auf Verbindung 192.168.178.21 281
192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.21 281
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 331
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.178.21 281
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 331
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.21 281

Ständige Routen:
Keine

IPv6-Routentabelle

Aktive Routen:
If Metrik Netzwerkziel Gateway
1 331 ::1/128 Auf Verbindung
9 281 fe80::/64 Auf Verbindung
9 281 fe80::38cc:77aa:bd03:8b8d/128
Auf Verbindung
1 331 ff00::/8 Auf Verbindung
9 281 ff00::/8 Auf Verbindung

Ständige Routen:
Keine[/details]

I know. I did(tried) it already.

25

Lets recap, we know setting a DNS server via the number two option works as nslookup was trying to connect to Pi-Hole, instead of the VPN assigned DNS, but failed connecting (DNS request timed out).

The client:

IP  = 192.168.178.21
GW  = 192.168.178.1     (FritzBox)
DNS = 192.168.178.29    (Pi-Hole)

VPN IP  = 10.122.68.193
VPN GW  = 10.122.64.1
VPN DNS = 8.8.8.8       (Google's DNS)

Added routes by OpenVPN:

Destination     Netmask         Gateway        Interface      Metric
0.0.0.0         128.0.0.0       10.122.64.1    10.122.68.193  56
5.189.145.149   255.255.255.255 192.168.178.1  192.168.178.21 26
10.96.0.0       255.224.0.0     Auf Verbindung 10.122.68.193  311
10.122.68.193   255.255.255.255 Auf Verbindung 10.122.68.193  311
10.127.255.255  255.255.255.255 Auf Verbindung 10.122.68.193  311
128.0.0.0       128.0.0.0       10.122.64.1    10.122.68.193  56
224.0.0.0       240.0.0.0       Auf Verbindung 10.122.68.193  311
255.255.255.255 255.255.255.255 Auf Verbindung 10.122.68.193  311

So my guess is that the added routes messed up something preventing you to connect to your LAN devices.
Once VPN is established, are you able to ping any of your other devices on your network ?
And other way around, are the other devices able to ping the Windows station ?

What if after connecting to VPN, you add a route as well:

netsh interface ipv4 add dnsservers name="Ethernet 2" address=192.168.178.29 index=1 validate=no
netsh interface ipv4 show dnsservers
route add 192.168.178.29 mask 255.255.255.255 192.168.178.21
nslookup pi.hole

If you want to delete the added route again:

route delete 192.168.178.29 mask 255.255.255.255 192.168.178.21

And check if deleted with:

route print

I was never good at making sense of all these routing tables once things got a bit complicated and mixed in with IPv6.
Maybe someone else with more routing skills can make sense and jump in ?

26

I can (with and without VPN) ping other devices but not reversed (Keeps timing out).

In the next few days i'll try if it works my Laptop.

27

Are you running a firewall on the Windows PC ?
Could disable firewall for diagnosing.

28

I'm using the default firewall from Windows. Without it other devices can ping my PC.
I also disabled the firewall for the VPN (Windows shows it as a not identified public network) but Pi-Hole didn't worked.

29

Once VPN established, you told us you were able to ping the other devices on your LAN from the Windows station.
At same time, are you able to ping the Pi-Hole address as well ?

ping 192.168.178.29

And if a ping is returned, are you able to do a lookup ?

nslookup pi.hole 192.168.178.29

30

This works.

This times out.

31

If ping(ICMP) is able to find a network path/route and nslookup(UDP/TCP) is not, most likely this is a firewall blocking.

32

I deactivated both firewalls (normal network and from the vpn) but nslookup pi.hole 192.168.178.29 still times out.

33

And if you do lookup against your router once VPN established ?

nslookup pi.hole 192.168.178.1

Ps. this lookup should result in "Non-existing domain" (NXDOMAIN).

34

This times out as well.

35

I dont know how to deal with Windows firewalls.
Most Linux kernels already have iptables(ipfilter) compiled in the kernel but ...
I already have a hard time configuring that firewall from shell.
Maybe someone else knows a solution or you might have better luck asking @OpenVPN community.

36

Did you try to disable the Win firewall (temporarily)? Does that help?

37

That didn't helped.

I connected the Pi with the VPN Provider and installed Polipo. I can now use Pi-Hole trough the Proxy(Only in Firefox, Win10 Apps don't really need it atm).

Thanks for your help guys! :smile: