Expected Behaviour:
Normal page loads.
Actual Behaviour:
When I open a web page (tried Safari and Brave) on MacOS 13.1 MAMP 6.6.4 my pages are opening VERY slowly - 30 secs or so per action. There is a progress bar that moves to about 25% then a long pause before the page loads.
I use PiHole as an ad blocker and for DNS resolution on xxx.xxx.xxx10 - If MAMP uses that, then we get the behavior - 30 sec page loads. I installed MAMP on my notebook and noted that it performs as expected. The only obvious difference was that notebook DNS was using the IP of the router. When I change my desktop to NOT use the Pi-Hole, then I get the expected behavior.
Your debug log shows your router to distribute 192.168.1.254 as local DNS server:
*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
Scanning all your interfaces for DHCP servers
* Received 300 bytes from eno1:192.168.7.1
Offered IP address: 192.168.7.199
DHCP options:
router: 192.168.7.1
dns-server: 192.168.1.254
Your Pi-hole is hosted on 192.168.7.10:
*** [ DIAGNOSING ]: Network interfaces and addresses
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.7.10/24 brd 192.168.7.255 scope global noprefixroute eno1
valid_lft forever preferred_lft forever
How is Pi-hole involved in DNS resolution in your network?
Yes, that's available from your debug log as well, but it's not what I'm after.
Your router doesn't distribute Pi-hole's host 192.168.7.10, but 192.168.1.254 instead (which is also different from your router at 192.168.7.1).
Your DHCP clients thus will talk to 192.168.1.254 for DNS.
How does a client's DNS requests ever reach your Pi-hole then?
EDIT: And what is sitting at 192.168.1.254 and handling DNS instead?
Ideally Pihole would do everything, including issuing static IPs to a majority of fixed devices.
I've been nervous of a slam dunk approach as I'm not a network guru - I have the basic basics - and if I mess it up the household pain may be more than the gain!
I thought that the router was only issuing one IP to the Eero mesh network - which then runs DHCP. Problem is that setting Eero up to serve static IPs is challenging. I also like the approach of bypassing ISPs for DNS lookup.
It may be that I have to stick with the idiot's approach.
I did bug the problem with MAMP and they shrugged and blamed PiHole.
As far as I'm aware .254 plays no role in DNS. If I understood Unbound correctly, it bypasses all and goes directly to find the authoritative name server for each site if that domain is not previously known to PiHole.
And of course MAMP itself runs locally - though the web sites that are hosted may need to go "out" for updates etc. But the slow loading APPEARS to be locally served web pages that shouldn't have any external dependencies other than hitting localhost on a predefined port.
Again, I may have an incomplete understanding of any or all of these factors!
But you have your router configured to distribute this as a DNS server.
*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
Scanning all your interfaces for DHCP servers
Timeout: 10 seconds
* Received 300 bytes from eno1:192.168.7.1
Offered IP address: 192.168.7.199
Server IP address: N/A
Relay-agent IP address: N/A
BOOTP server: (empty)
BOOTP file: (empty)
DHCP options:
Message type: DHCPOFFER (2)
server-identifier: 192.168.7.1
lease-time: 14400 ( 4h )
netmask: 255.255.255.0
router: 192.168.7.1
dns-server: 192.168.1.254
broadcast: 192.168.7.255
ntp-server: 192.168.7.1
--- end of options ---
DHCP packets received on interface lo: 0
DHCP packets received on interface eno1: 1
That is true, but unrelated to this problem. Unbound doesn't use any assignments from a DHCP server - it goes to the authoritative nameservers when you have it configured as a recursive resolver.
The modem/router issues a single IP 192.168.1.163 as the WAN IP to the Eero mesh network. The Eero in turn issues an IP to each device and designates .1.254 as the DNS server.
My understanding is that this would be used for clients on the network that were not pointed at PiHole on .10. Those pointed to .10 would "bypass" the settings for other clients and via direct lookup using Unbound.
Again, I suspect that there is something fundamental I'm missing here.
DHCP clients in your network use .254 for DNS.
A client that you point to Pi-hole won't.
Since you run into difficulties with such a client:
A quick test would be to configure your Pi-hole to use .254 as its only upstream, as any knowledge that .254 has would then be provided back to Pi-hole by .254 itself.
But if .254 would not be a DNS server after all, then this would kill DNS resolution for the client (or clients) using Pi-hole.
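As an added example (not part of the thread and not Pi-hole's own code), the comparison the replies make by eye on the debug log can be scripted: check every dns-server value a DHCP offer advertises against the Pi-hole host's own address and subnet. The function name check_dhcp_dns and the sample text, assembled from the log lines quoted above, are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample, assembled from the debug log lines quoted in this thread.
SAMPLE_LOG = """\
*** [ DIAGNOSING ]: Network interfaces and addresses
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
inet 192.168.7.10/24 brd 192.168.7.255 scope global noprefixroute eno1
*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
* Received 300 bytes from eno1:192.168.7.1
Offered IP address: 192.168.7.199
DHCP options:
router: 192.168.7.1
dns-server: 192.168.1.254
--- end of options ---
"""

def check_dhcp_dns(log_text):
    """Return one finding per DNS server advertised in a DHCP offer."""
    # Addresses of the Pi-hole host, taken from the "inet a.b.c.d/nn" lines.
    ifaces = [ipaddress.ip_interface(a) for a in
              re.findall(r"^\s*inet (\d+\.\d+\.\d+\.\d+/\d+)", log_text, re.M)]
    ifaces = [i for i in ifaces if not i.ip.is_loopback]
    findings, server = [], None
    for line in log_text.splitlines():
        # Start of a DHCP offer: remember which server sent it.
        m = re.match(r"\s*\* Received \d+ bytes from \S+?:(\d+\.\d+\.\d+\.\d+)", line)
        if m:
            server = m.group(1)
            continue
        m = re.match(r"\s*dns-server: (\d+\.\d+\.\d+\.\d+)", line)
        if m and server:
            dns = ipaddress.ip_address(m.group(1))
            findings.append({
                "dhcp_server": server,
                "dns_server": str(dns),
                # True only if clients taking this lease are sent to Pi-hole.
                "is_pihole": any(dns == i.ip for i in ifaces),
                # False means the resolver sits outside the Pi-hole's LAN.
                "on_pihole_subnet": any(dns in i.network for i in ifaces),
            })
    return findings

if __name__ == "__main__":
    for f in check_dhcp_dns(SAMPLE_LOG):
        print(f)
```

On the sample, both flags come back False: the offer from 192.168.7.1 sends clients to 192.168.1.254, which is neither the Pi-hole nor on its /24.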