Hi all,
I really like the idea of the Pi-hole. However, since the beginning I have been facing one issue that drives me crazy.
Intro
Whenever a domain is temporarily "down" (e.g. because the device is off or VPN is not turned on), my browser shows "This site can't be reached" with the error code of "DNS_PROBE_FINISHED_NXDOMAIN".
Expected Behaviour:
After the device (e.g. a Raspberry Pi with a web server or Kodi) is online again and I hit the refresh button in the browser, I would expect to see the domain successfully.
Actual Behaviour:
The problem is that after the device is online, my browser still shows that this site is not reachable (same error).
My assumption
Pi-hole is caching this state? And whenever my browser tries to access this domain again, it gets the same cached error/state for a given amount of time...
Two questions:
Is my assumption right?
How can I force my browser/pihole to do a new serious attempt to get the domain again? Because without Pi-hole it works with a simple F5 (refresh of the screen)...
Am I the only one that is getting the error "DNS_PROBE_FINISHED_NXDOMAIN" in the browser once a website is (temporarily) down and also some minutes later when the website is eventually up again?
Since DNS_PROBE_FINISHED_NXDOMAIN is a browser-generated message, it is not even clear if this is related to Pi-hole. It may be your browser trying to contact an alternative DNS server.
When this happens next, try to force a manual domain lookup for the domain involved through Pi-hole by running the following command on that client:
nslookup yourdomain.here pi.hole
Replace with your domain as required, e.g. if you'd fail to access https://www.heise.de/newsticker, the command should look like:
Sorry, maybe this was not clear from my side:
My DNS server will never turn off! But the other devices could go off. Like a Pi with Kodi or another Pi with MoodeAudio. So, when my boy's Pi is off and he tries to access it via browser, he gets this error... Then he turns on the device and... he still gets the annoying error. That's the problem.
If I turn off Pi-hole it works as expected. A normal DNS server is probably not caching that aggressively or at all?
Even if the device is online, it cannot be found. Probably I do something wrong? See
My current solution/workaround:
For two days now I have had a "workaround" that is working well (so far): using "Local DNS Records".
To each domain-name I added the dedicated IP. This means probably: It always uses the IP instead of trying to resolve the DNS by itself, which could lead to the error. Downside (minimal): I need to add all devices manually.
Your nslookup shows that your Pi-hole does not know htpc.
You'd have to either define the respective Local DNS Records yourself (like you already did in the meantime), or you have to point your Pi-hole to a DNS server that does know about those hostnames.
The latter can be achieved by enabling Pi-hole's Conditional Forwarding or by configuring Pi-hole to use your router as its only upstream DNS server.
In both cases, make sure your router is not using Pi-hole as its upstream DNS server, as that would close a DNS loop.
As a side note, use nslookup or dig when trying to troubleshoot DNS issues. Other tools are less useful, as they may acquire hostnames through other means than just DNS (as ping does) or they are opaque as to what DNS server they actually use (like browsers).
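Added example, not part of the thread: one way to run the comparison described in the reply above, asking Pi-hole and the router for the same local name with dig and classifying the result. The server names in the usage comment (`pi.hole`, `fritz.box`) and the sample dig headers are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample `dig +noall +comments` headers (not captured from the thread).
SAMPLE_PIHOLE=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1'
SAMPLE_ROUTER=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4712
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'

# Read dig output on stdin and print "<RCODE> <answer count>".
# Prints "TIMEOUT 0" when no response header is present (server did not reply).
dig_summary() {
    awk '
        /->>HEADER<<-/ { for (i = 1; i <= NF; i++) if ($i == "status:") { s = $(i+1); sub(/,/, "", s) } }
        /^;; flags:/   { for (i = 1; i <= NF; i++) if ($i == "ANSWER:") { a = $(i+1); sub(/,/, "", a) } }
        END { if (s == "") print "TIMEOUT 0"; else print s, a + 0 }
    '
}

# True only for a NOERROR reply that carries at least one answer record.
has_answer() {
    case "$1" in
        "NOERROR 0") return 1 ;;
        "NOERROR "*) return 0 ;;
        *)           return 1 ;;
    esac
}

# $1 = Pi-hole summary, $2 = router summary.
diagnose() {
    if has_answer "$1"; then
        echo "ok: Pi-hole resolves the name"
    elif has_answer "$2"; then
        echo "pihole-missing-local-name: add a Local DNS Record or forward local names to the router"
    else
        echo "unknown-everywhere: neither resolver has a record for this name"
    fi
}

# Live use (needs dig and network access), e.g.: check_name htpc pi.hole fritz.box
check_name() {
    p=$(dig +noall +comments +time=2 +tries=1 "$1" "@$2" | dig_summary)
    r=$(dig +noall +comments +time=2 +tries=1 "$1" "@$3" | dig_summary)
    diagnose "$p" "$r"
}

# Offline demo on the constructed samples above.
diagnose "$(printf '%s\n' "$SAMPLE_PIHOLE" | dig_summary)" \
         "$(printf '%s\n' "$SAMPLE_ROUTER" | dig_summary)"
```
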
Oh, actually I thought I needed to use the Pi-hole as DNS server within my fritz.box - this makes sense to me to catch all internet-dns-requests and it was recommended in all manuals.
What I did within my fritz.box (configuration):
1. Fritz.box uses the Pi-hole as "Internet DNS server".
2. Fritz.box uses itself as "local DNS server".
3. Haven't used DNS Rebind protection so far.
Maybe I should add the Pi-hole address to 2 and 3 also?
As your router is a FritzBox, you can configure it to distribute Pi-hole as local DNS server, instead of defining Pi-hole as only upstream DNS server for your FB.
That way, your DHCP clients would talk directly to Pi-hole instead of your FB for DNS, and you'd also be able to identify individual clients in Pi-hole's Query Log.
You'd still have to take care of correct local resolution as described before.
Thanks for your very helpful post again! I guess my original issue is fixed.
Now it just left me with a small issue (side-effect):
Yes, I use Pi Hole as local DNS server now also and via Conditional Forwarding it is getting the names from the fritz.box. However, the resolution always includes the fritz.box-suffix.
For example: KodiPi.fritz.box (in my client section within PiHole).
Do I still need to use the Local DNS Records to "correct" the names manually? Because I don't want to access my devices via "KodiPi.fritz.box", I want to access it via "KodiPi" (without the suffix).
Is there any solution for the Conditional Forwarding that it uses exactly the same names w/o fritz.box suffix?
Example of what it looks like:
Interesting, I thought I tested this... It actually works, you are right.
"htpc" and "htpc.fritz.box" both work, even though I did not use the "Local DNS Record" of Pi Hole. Cool. Thanks @Bucking_Horn, good guy.