Lots of recent CONNECTION_ERROR messages

Standard installation, not using unbound or anything fancy on the pihole system. It's on a RPI3, not in a docker container.

Gateway/Router is a Ubiquiti UDM Pro, firmware is up-to-date.
Just updated pihole to the latest available and it updated some gravity lists.

Recently started getting a LOT of errors like this:
Connection error (4.2.2.1#53): TCP connection failed while connecting to upstream (Network unreachable)

For each of the listed upstream DNS servers. I've tried all of the upstream options available and it happens regardless of selection.

It presents as glitchy, but hasn't completely brought my network to its knees.

Debug Token:

https://tricorder.pi-hole.net/VpLhO59g/

Appreciate some suggestions for troubleshooting, but I feel like I've done everything but replace the RPI/SD card with a fresh install.

Your debug log would suggest that regardless of upstreams, your message is always TCP connection failed (…) Network unreachable.

If an upstream DNS server truncates its reply because it gets too big to fit in a UDP package, Pi-hole would resubmit the query via TCP, which seems to always fail with Network unreachable in your case.

While successful DNS requests from your debug log demonstrate that outbound port 53/UDP is open, those messages would indicate that something is blocking outbound port 53/TCP in your network, e.g. your router or a dedicated firewall device.
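The UDP-then-TCP behaviour described in the reply above can be checked per upstream with the following added example, which is not part of the original thread or of Pi-hole's code. The function names, the query name `pi-hole.net`, the 3-second timeout and the IPv4-only UDP socket are assumptions made for illustration; the default upstream is the address from the error message.

```python
import socket
import struct
import sys

def build_query(name, qid=0x1234, qtype=1):
    """Build a minimal DNS query (RD set, one question, class IN)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def is_truncated(response):
    """True if the TC bit (0x0200 in the flags word) is set."""
    if len(response) < 12:
        raise ValueError("short DNS message")
    flags = struct.unpack("!H", response[2:4])[0]
    return bool(flags & 0x0200)

def tcp_frame(message):
    """DNS over TCP prefixes each message with a 2-byte length (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(message)) + message

def probe(server, name="pi-hole.net", timeout=3.0):
    """Query one upstream over UDP/53 and TCP/53; return per-transport status."""
    query, result = build_query(name), {}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (server, 53))
            reply, _ = s.recvfrom(4096)
            result["udp"] = "ok, truncated" if is_truncated(reply) else "ok"
    except OSError as exc:
        result["udp"] = f"failed: {exc}"
    try:
        with socket.create_connection((server, 53), timeout=timeout) as s:
            s.sendall(tcp_frame(query))
            size = struct.unpack("!H", s.recv(2))[0]
            result["tcp"] = f"ok, {size}-byte reply"
    except (OSError, struct.error) as exc:
        result["tcp"] = f"failed: {exc}"
    return result

if __name__ == "__main__":
    # Upstream defaults to the address from the error message in the thread.
    for upstream in sys.argv[1:] or ["4.2.2.1"]:
        print(upstream, probe(upstream))
```

Run from the Pi-hole host, a result where `udp` is ok and `tcp` fails matches the situation in the debug log; rerunning it after a firewall change shows whether outbound 53/TCP now gets through.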

I'll double-check, but I don't think I'm blocking outbound TCP/53 on purpose. I don't recall having this issue before, so is this something relatively new for PiHole?

The TCP fallback behaviour has always been part of previous versions of pihole-FTL, but they did not log detailed TCP connection failures.
This has been added with Pi-hole v6.


Thank you for that clarification.

What worked for me was creating an outbound firewall rule to allow port 53 over TCP.