New Install, Final Hurdles?

Hi,

Complete novice, googling my way through this. Managed to get pi-hole installed OK and the web interface is working however it says that DNS Service not running. If you hit Enable then it starts and appears to stay started, but after a while reverts.

I've set a static IP and configured to suit in my router, mapping one device to use this DNS server - that device cant resolve any sites and no queries have come through to pi-hole server yet

IPV6 is not configured, which is why you will see the IP mismatch in the logs... the more interesting entry and i think the crux of the problem is the diagnosing name resolution over IPv4 - this fails for localhost and pi-hole

Thanks,
SiL

Debug Token:

4hekbaofo6

You have dnsmasq running on two different ports; was that intended?

What does systemctl status dnsmasq return?

There was a problem getting it started, port 53 was already in use and some suggestions online said to uninstall dnsmasq-base then reinstall dnsmasq and network manager, others suggested changing the port in the config so i changed to 5353, didn't realise it was still running on another though?!

root@dnssink:~# systemctl status dnsmasq
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2018-05-27 13:58:00 BST; 23min ago
Process: 23600 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=exited, status=0/SUCCESS)
Process: 23619 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
Process: 23609 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
Process: 23608 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
Main PID: 23618 (dnsmasq)
Tasks: 1 (limit: 2291)
CGroup: /system.slice/dnsmasq.service
└─23618 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --loca

May 27 13:58:00 dnssink systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
May 27 13:58:00 dnssink dnsmasq[23608]: dnsmasq: syntax check OK.
May 27 13:58:00 dnssink systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.

I tried reverting my change to the port in etc/dnsmasq.conf and when running pihole -r it hangs at 'Starting dnsmasq service' again

Debug with reverted change - 2l12necmut

sudo lsof -i

With port 53 configured (eg my change reverted?)

root@dnssink:~# sudo lsof -i
COMMAND     PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
cupsd       705            root    6u  IPv6  22213      0t0  TCP ip6-localhost:ipp (LISTEN)
cupsd       705            root    7u  IPv4  22214      0t0  TCP localhost:ipp (LISTEN)
avahi-dae   710           avahi   12u  IPv4  20360      0t0  UDP *:mdns 
avahi-dae   710           avahi   13u  IPv6  20361      0t0  UDP *:mdns 
avahi-dae   710           avahi   14u  IPv4  20362      0t0  UDP *:46662 
avahi-dae   710           avahi   15u  IPv6  20363      0t0  UDP *:60819 
cups-brow   768            root    7u  IPv4  22828      0t0  UDP *:ipp 
firefox    5618            dave   94u  IPv4 346182      0t0  TCP dnssink:33926->a23-198-86-70.deploy.static.akamaitechnologies.com:https (ESTABLISHED)
firefox    5618            dave  167u  IPv4 245662      0t0  TCP dnssink:59986->167.99.26.239:https (ESTABLISHED)
systemd-r 15782 systemd-resolve   12u  IPv4 106373      0t0  UDP localhost:domain 
systemd-r 15782 systemd-resolve   13u  IPv4 106374      0t0  TCP localhost:domain (LISTEN)
dhclient  19499            root    6u  IPv4 158845      0t0  UDP *:bootpc 
lighttpd  22566        www-data    4u  IPv4 189904      0t0  TCP *:http (LISTEN)
lighttpd  22566        www-data    5u  IPv6 189905      0t0  TCP *:http (LISTEN)
lighttpd  22566        www-data    9u  IPv4 344841      0t0  TCP dnssink:http->Silmaril-Laptop:63297 (ESTABLISHED)
pihole-FT 22684          pihole    3u  IPv4 193545      0t0  TCP localhost:4711 (LISTEN)
pihole-FT 22684          pihole    4u  IPv6 193547      0t0  TCP ip6-localhost:4711 (LISTEN)

The connection from Silmaril-Laptop is just to the admin site, btw

systemd-resolve is using the port that Pi-hole needs for dnsmasq. You need to either disable that or configure your clients to use the alternative port.

Something went wrong there, i've lost internet access from the pihole, followed these instructions - dns - How to disable systemd-resolved in Ubuntu? - Ask Ubuntu

Solved that part - re-creating the network connection did the trick, though nothing looks any different to the previous one!

Annnd.... Bingo! I'm now seeing the queries come through, only from localhost though

Did you reinstall dnsmasq?

Actually, i was seeing queries when i first repaired pihole but nothing has logged since

And my mobile (test device) is showing no internet on the wifi connection

The repair was after removing systemd-resolve?

Yep, last thing i did

Try rebooting the device after making all the changes.

It's logging promptly for sites called from the pihole, but still showing no internet on my test device. Presumably this is now something related to the router configuration - do i need to set a port to the pihole IP in my DNS settings maybe?

Running on ASUS Merlin dd-wrt so rather than a network-wide configuration i've only assigned one device to use the pihole so far

Devices should use port 53 by default, so you shouldn't have to do anything. Send a screenshot of where you are setting Pi-hole as the DNS server. We also have an FAQ for different ways to set it up.

Plan to go with the hosts file approach to this, but for the moment i've got opendns working on some devices that i will change over in due course.

This is under AI Protection in asus merlin

Edit: removed image containing MAC addresses

It looks like you would want to use "Router" mode to force the DHCP clients to use Pi-hole for their DNS server. But you said you weren't going for the network-wide method, so I'm confused.

There are two places you can configure DNS on this firmware, at router level or at client level. If i were to select Router then the default config there is to go out to OpenDNS or quad8 as a failsafe, but i'm trying to separate it out. Separating might not be necessary if i get the hosts file set up properly but the limitations of OpenDNS are what led me to be device specific, the other advantage of setting it here is that i can quickly disable this remotely if the pihole were to go down

That makes sense. In terms of verifying that Pi-hole is working, can you manually set a device to use Pi-hole? After that, you know things are working so it's just a matter of configuring things in your router.

I have and it isn't, device shows as having no internet. I've tried setting the DNS server in the other configuration point too and switching to router but no change.

Is there configuration somewhere i've missed to only log/acknowledge from localhost?