Expected Behaviour:
DNS queries from macOS against Pi-hole succeed.
Actual Behaviour:
macOS claims that "no servers could be reached".
I set up Pi-hole on 192.168.0.2. It seems to work, I can access the admin UI (even from the Mac) and set an upstream DNS (Quad9). Yet, once I configure Pi-hole as my DNS service on the Mac - either directly or through DHCP on the router - the Mac thinks it be not accessible.
I am quite certain this is a Mac-issue and Pi-hole is not to blame but I haven't been able to get to the bottom of this yet.
❯ scutil --dns
DNS configuration
resolver #1
search domain[0] : local
nameserver[0] : 192.168.0.2
flags : Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)
resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300000
resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300200
resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300400
resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300600
resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300800
resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 301000
DNS configuration (for scoped queries)
resolver #1
search domain[0] : local
nameserver[0] : 192.168.0.2
if_index : 6 (en0)
flags : Scoped, Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)
❯ nslookup edition.cnn.com
;; connection timed out; no servers could be reached
❯ nmap 192.168.0.2
Starting Nmap 7.93 ( https://nmap.org ) at 2023-06-10 13:21 CEST
Nmap scan report for thesource.home.arpa (192.168.0.2)
Host is up (0.0075s latency).
Not shown: 989 closed tcp ports (conn-refused)
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
88/tcp open kerberos-sec
445/tcp open microsoft-ds
3000/tcp open ppp
5432/tcp open postgresql
5900/tcp open vnc
8000/tcp open http-alt
8087/tcp open simplifymedia
8089/tcp open unknown
9000/tcp open cslistener
❯ telnet 192.168.0.2 53
Trying 192.168.0.2...
Connected to 192.168.0.2.
Escape character is '^]'.
❯ nslookup
> server 192.168.0.2
Default server: 192.168.0.2
Address: 192.168.0.2#53
> cnn.com
;; connection timed out; no servers could be reached
> set d2
> cnn.com
addlookup()
make_empty_lookup()
looking up cnn.com
start_lookup()
setup_lookup(0x7fa912015c08)
resetting lookup counter.
cloning server list
clone_server_list()
make_server(192.168.0.2)
using root origin
recursive query
add_question()
starting to render the message
done rendering
create query 0x7fa928028008 linked to lookup 0x7fa912015c08
do_lookup()
send_udp(0x7fa928028008)
bringup_timer()
have local timeout of 5
working on lookup 0x7fa912015c08, query 0x7fa928028008
sockcount=1
recving with lookup=0x7fa912015c08, query=0x7fa928028008, sock=0x7fa92802a000
recvcount=1
sending a request
lock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:2743
success
send_done()
sendcount=0
check_if_done()
list empty
unlock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:2774
connect_timeout()
lock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:3056
success
resending UDP request to first server
send_udp(0x7fa928028008)
bringup_timer()
have local timeout of 5
working on lookup 0x7fa912015c08, query 0x7fa928028008
sending a request
unlock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:3109
lock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:2743
success
send_done()
sendcount=0
check_if_done()
list empty
unlock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:2774
connect_timeout()
lock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:3056
success
resending UDP request to first server
send_udp(0x7fa928028008)
bringup_timer()
have local timeout of 5
working on lookup 0x7fa912015c08, query 0x7fa928028008
sending a request
unlock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:3109
lock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:2743
success
send_done()
sendcount=0
check_if_done()
list empty
unlock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:2774
connect_timeout()
lock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:3056
success
;; connection timed out; no servers could be reached
cancel_lookup()
check_if_done()
list empty
check_next_lookup(0x7fa912015c08)
still have a worker
unlock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:3109
recv_done()
lock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:3632
success
recvcount=0
lookup=0x7fa912015c08, query=0x7fa928028008
no longer pending. Got operation canceled
clear_query(0x7fa928028008)
sockcount=0
check_next_lookup(0x7fa912015c08)
try_clear_lookup(0x7fa912015c08)
destroy
freeing server 0x7fa912017208 belonging to 0x7fa912015c08
start_lookup()
check_if_done()
list empty
shutting down
dighost_shutdown()
unlock_lookup /AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/bind9/bind9/bin/dig/dighost.c:3660
❯ dig @192.168.0.2 +tcp cnn.com
;; communications error to 192.168.0.2#53: end of file
A similar or same issue might be the one reported here DNS über Pi-hole unter macOS scheitert regelmäßig