My Raspberry is the top advertiser


#23

OK. We wait for the “translator” :wink:
Thanks so far


#24

Is it perhaps something I’ve filled in while installing?


#25

I think it’s something to do with how your network works. But I don’t really understand the finer points of networking. I can see that they PTR queries (Or reverse-dns lookups) But I don’t know what that means.

It’s something that can be coded around on the Admin page, as your IP address shouldn’t really come up as an advertising domain! But it’s likely that it’s a situation we haven’t anticipated… Maybe.


#26

OK. I’ll wait. But if there is anything I can do concerning the config of my network I’dd like to know.


#27

@DanSchaper is probably best to help, but I wonder if it has something to do with the DNS search domains. Is there a setting for that on your router or devices? It looks like it’s trying to look up reverse records for your pi.


#28

I guess that’s the important question… what device is 192.168.1.10 and what does it do??


#29

That’s my (windows) PC. The settings are:

C:\Windows\system32>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Asus
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lan

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D0-17-C2-9A-9B-CD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9939:33a0:235:d06f%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : maandag 31 oktober 2016 09:06:20
   Lease Expires . . . . . . . . . . : zaterdag 5 november 2016 09:06:20
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 63969218
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-A6-14-44-D0-17-C2-9A-9B-CD
   DNS Servers . . . . . . . . . . . : 192.168.1.23
                                       208.67.222.222
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.lan:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

#30

I might be climbing out on a limb here…but what’s the output of this command:

reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient"

#31

I think the tl;dr of this is that it’s a reporting problem, rather than a problem with your setup.

The log parsing section of the web page is undergoing some heavy transformation right now to make the reported numbers more accurate!


#32

Sorry, I was out for a while.
Here’s the output:C:\Windows\system32>reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient"
ERROR: The system was unable to find the specified registry key or value.


#33

Did you set Pi-hole to be the DNS server on a per-client basis or via the router so it goes out to all clients?


#34

Via the router, so all clients should have the Pi-hola as dns server. The Pi-hole has a fixed ip adres.


#35

@josvliet

It’s definitely the way we are reporting. At the moment, the way we work out which requests are advertisers is to look for log lines containing /etc/pihole/gravity.list, then we take the 6th column of that line and display that as the domain that was blocked.

Ordinarily this is fine, but as an edge-case here, your PC is doing reverse lookups, too! Nothing to worry about, and if you can, it might just be something you need to put up with on your Admin page until we get a fix in place!

Hope that makes sense…


#36

It shure does. It’s functioning very well. So I won’t complain.
I will wait for an update with the fix in the future.
Thanks.


#37

Just FWIW, I experienced the same reverse DNS bug after setting up my Pi-hole yesterday. Please see attached dashboard and query screenshots detailing the culprits (192.168.0.105 being my Pi’s LAN address). If I can supply any log information to help fix the bug, please post here.



#38

It’ll just be a case of filtering them out when we parse the logs.

Psuedocode:

IF domain == piIPaddress THEN ignore ELSE add to json array to display on charts

Which is nice and simple!


#39

I used to have this same issue but it is due to my router setup.

I have set the main router WAN DNS to my pihole pi static address. Then while playing around, I think there is something wrong with it thought the blocking still works.

Then I change my setup to troubleshoot.

I leave my router WAN setting as default, and instead, setting my LAN DNS IP to my PI static ip. This has solved my PI being the top advertiser.

** I AM USING ASUS RT-AC88U**

SUMMARY: Do not set anything at WAN DNS settings, just LAN DNS


#40

Dennisfong86
Thanks for your reply.
In ny router I can’t choose for a DNS server in my WAN settings. I think I had to fill in theese DNS adresses when Setting up the router (that;s so long ago).
So I can only set if for LAN.
When I look at the router overview (see attachement), the WAN DNS is set to my providers DNS.I think that’s ok, but still I have the problem.


#41

Yea, for some reason the dns server on pi-hole takes the first result in the list and make it the reverse lookup IP. It should actually ignore any IPs in the reserved ranges 192.168, 10.0, 172. etc,

I.e a standard nslookup

>nslookup
Default Server: 0000mps.webpreview.dsl.net
Address: 192.168.1.4

>

I think most people are used to having their routers be the dns server, so it automatically resolves based on dhcp assignment… I wonder if the solution is this:

Set router WAN --> Your ISP or Opendns
Set router LAN assignment --> Your pi-hole ip
Set Pi-Hole DNS --> router
PCs get set to Pi-hole from router DHCP assignment.

EDIT: Nevermind, that didn’t do anything… Obviously the PI intercepts the request first and doesn’t pass it to the router for assignment. I wonder if making the router talk to the PI on the WAN port and making the clients talk to the router first would be the trick


#42

I just RTFM’d