Local DNS Records only working on some devices

I have just installed Pi-hole v5.2.4, and set up my network to route DNS requests through it via DHCP on my router. It's working fine as far as I can tell. What is not working well, though, is the Local DNS Records function.

My network looks like this:

  • 192.168.1.1 is my router, which is my DHCP server. It's a unifi UDM-Pro.
  • 192.168.3.14 is my pi, running Pi-hole

I have added the Local DNS record in Pi-hole for unifi to point to 192.168.1.1.

I flushed the DNS on my PC, but when accessing https://unifi/ I get the error "This site can’t be reached" DNS_PROBE_FINISHED_NXDOMAIN.

I also noticed that http://pi.hole was sometimes not working on the same PC. It is working as I write this though.

On other PCs and devices like phones on my network, https://unifi and http://pi.hole work fine.

Running nslookup pi.hole on the troublesome PC gives me the following output:

Server:  pi
Address:  192.168.3.14

Name:    pi.hole
Addresses:  fd1b:612b:fcb3:1:2329:9382:e940:73b3
          192.168.3.14

Both the IPv4 & IPv6 addresses point to the Pi-hole.

What's going on here?

Debug log: https://tricorder.pi-hole.net/s0uoajf9e8

What DNS servers is your troubled PC using?

Assuming that PC is running Windows, you should find those in the DNS-Server output of

ipconfig /all

EDIT: yubiuser is right, but check the servers nonetheless, to see if IPv6 would be involved also.

You advertise not only Pi-hole's IP as DNS server via DHCP but also others. As clients decide on their own which DNS server to choose, they might not be able to resolve internal DNS records via a public server.

      dns-server: 192.168.3.14
      dns-server: 1.1.1.1
      dns-server: 1.0.0.1

Outputs:

DNS Servers . . . . . . . . . . . : 192.168.3.14
                                    1.1.1.1
                                    1.0.0.1

So I should remove the other DNS servers from the router DHCP config? I don't like the sound of that. My pi is used for a couple other applications and so gets rebooted every now and then.

If the pi is rebooting, or goes down, suddenly all the internet requests in my network stop resolving?

Yes. DNS is a critical part of your network; it might be useful if you notice that Pi-hole is down. You should consider not using the device for a lot of other services that require a lot of reboots.

That's the only way to ensure clients won't bypass Pi-hole.

Okay, for troubleshooting, I removed the other DNS servers from my router's DHCP settings, so that the Pi-hole is the only DNS server. I then ran:

ipconfig /release
ipconfig /renew
ipconfig /flushdns

Now the output of ipconfig /all is:

DNS Servers . . . . . . . . . . . : 192.168.3.14

as the only DNS server for the adapter.

Trying to visit https://unifi is still not working. I added a couple more test local DNS records to point to the pi and router:


These are not working either, i.e. http://foo

I've also tried clearing Chrome's host resolver cache at chrome://net-internals/#dns

Something is still not quite right...

Try with only unifi/.
What's the output of nslookup foo?

Yes. It is your DNS server (and should be the only one). There would be no difference if you reboot your router or modem - you lose part of the internet path and lose internet during that time.

Providing other DNS servers in the DHCP process allows queries to bypass Pi-hole.

You have a few options:

(1) Set up Pi-hole on an independent device that won't be rebooted. Keep it running 24/7.

(2) Add a second Pi-hole, running in parallel with the first. Advertise both those DNS servers in the DHCP process. If you reboot the first one with other things running on it, traffic will seamlessly shift to the running Pi-hole.

Try accessing that in a browser? Same DNS_PROBE_FINISHED_NXDOMAIN error.

Server:  pi
Address:  192.168.3.14

*** pi can't find foo: Non-existent domain

Do those queries show up in the query log?

I'm seeing this in the query log when searching for foo:

You need to add both a record for the plain hostname as well as the FQDN for your local domain (aka search suffix), e.g. foo and foo.localdomain.

Some software may choose to query both, so it's best to safeguard for that.
It doesn't fully explain why your browsers won't resolve the plain names, though.

EDIT:
The solution also comprised removing secondary and tertiary DNS servers from your router in order to guarantee that Pi-hole is your only DNS server (as advised by yubiuser).

Aha! I added a record in Pi-hole local DNS records for both, and it's now working! I can now access unifi/ and foo/ etc.

My records list now looks like this:

Thanks very much for the help all!
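
Added example, not part of any post in this thread: a small Python parser for the ipconfig /all output quoted above that lists every DNS server a Windows client was handed besides the Pi-hole, including the continuation lines under "DNS Servers". The sample output is constructed in the shape of what was posted, and the function names are hypothetical.

```python
import ipaddress
import re

# Labelled first line, e.g. "   DNS Servers . . . . . . . . . . . : 192.168.3.14"
DNS_LABEL = re.compile(r"^\s*DNS Servers[ .]*:\s*(\S+)\s*$")

def _as_ip(text):
    """Return an ip_address for text, or None; drops an IPv6 zone id (%12)."""
    try:
        return ipaddress.ip_address(text.strip().split("%")[0])
    except ValueError:
        return None

def dns_servers(ipconfig_output):
    """Collect every DNS server listed in `ipconfig /all` output, in order."""
    servers, in_block = [], False
    for line in ipconfig_output.splitlines():
        m = DNS_LABEL.match(line)
        if m:
            ip, in_block = _as_ip(m.group(1)), True
        elif in_block:
            # Continuation lines hold only an address; anything else ends the block.
            ip = _as_ip(line)
            in_block = ip is not None
        else:
            ip = None
        if ip is not None:
            servers.append(ip)
    return servers

def bypass_servers(ipconfig_output, allowed):
    """Servers a client may pick that are not in the allowed (Pi-hole) set."""
    allowed = {ipaddress.ip_address(a) for a in allowed}
    return [str(s) for s in dns_servers(ipconfig_output) if s not in allowed]

# Constructed sample in the shape of the output quoted in the thread.
SAMPLE = """\
Ethernet adapter Ethernet:

   IPv4 Address. . . . . . . . . . . : 192.168.1.50(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.3.14
                                       1.1.1.1
                                       1.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

if __name__ == "__main__":
    print(bypass_servers(SAMPLE, ["192.168.3.14"]))
```

An empty result means the adapter only knows the Pi-hole, which is the state reached after the extra DHCP entries were removed.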
