No DNS resolution after apt-get upgrade (openhabian)

ping · September 5, 2018, 5:58pm

Expected Behaviour:

working DNS resolution on pi-hole:

ping -c 4 www.google.com
PING www.google.com(fra16s12-in-x04.1e100.net (2a00:1450:4001:818::2004)) 56 data bytes
64 bytes from fra16s12-in-x04.1e100.net (2a00:1450:4001:818::2004): icmp_seq=1 ttl=57 time=17.2 ms
...

Actual Behaviour:

no internet access from pi-hole

ping -c 4 www.google.com
ping: www.google.com: Temporary failure in name resolution

Debug Token:

0mu1n5r7w4

Dear community,

I am using pi-hole on a Raspberry Pi 2. It is running an openhabian linux distribution, based on Raspbian 9 (stretch) for smart home automation. Everything was working fine until my last apt-get upgrade command which broke DNS resolution. All clients in the network can access websites but without ad filtering.

According to /var/log/apt/history.log.1.gz the package openresolv was removed and replaced by resolvconf during the upgrade.

I also attached the content of history.log.1.gz here:

Start-Date: 2018-08-08  10:34:53
Commandline: apt-get -o APT::Status-Fd=4 -o APT::Keep-Fds::=5 -o APT::Keep-Fds::=6 --yes --no-install-recommends install resolvconf
Requested-By: openhabian (1000)
Install: resolvconf:armhf (1.79)
Remove: openresolv:armhf (3.8.0-1)
End-Date: 2018-08-08  10:35:15
Start-Date: 2018-08-08  10:53:11
Commandline: apt-get upgrade
Requested-By: openhabian (1000)
Upgrade: perl-base:armhf (5.24.1-3+deb9u3, 5.24.1-3+deb9u4), libc-ares2:armhf (1.12.0-1+deb9u1, 1.14.0-1~bpo9+1), libraspberrypi-bin:armhf (1.20180417-1, 1.20180703-1), libcups2:armhf (2.2.1-8, 2.2.1-8+deb9u2), libraspberrypi-dev:armhf (1.20180417-1, 1.20180703-1), libraspberrypi-doc:armhf (1.20180417-1, 1.20180703-1), php7.0-cgi:armhf (7.0.27-0+deb9u1, 7.0.30-0+deb9u1), php7.0-cli:armhf (7.0.27-0+deb9u1, 7.0.30-0+deb9u1), gnupg-agent:armhf (2.1.18-8~deb9u1, 2.1.18-8~deb9u2), git-man:armhf (1:2.11.0-3+deb9u2, 1:2.11.0-3+deb9u3), libsystemd0:armhf (232-25+deb9u2, 232-25+deb9u4), pi-bluetooth:armhf (0.1.7, 0.1.8), php7.0-opcache:armhf (7.0.27-0+deb9u1, 7.0.30-0+deb9u1), perl-modules-5.24:armhf (5.24.1-3+deb9u3, 5.24.1-3+deb9u4), php7.0-common:armhf (7.0.27-0+deb9u1, 7.0.30-0+deb9u1), git:armhf (1:2.11.0-3+deb9u2, 1:2.11.0-3+deb9u3), udev:armhf (232-25+deb9u2, 232-25+deb9u4), php7.0-sqlite3:armhf (7.0.27-0+deb9u1, 7.0.30-0+deb9u1), libmagic1:armhf (1:5.30-1+deb9u1, 1:5.30-1+deb9u2), libudev1:armhf (232-25+deb9u2, 232-25+deb9u4), raspberrypi-kernel:armhf (1.20180417-1, 1.20180703-1), dirmngr:armhf (2.1.18-8~deb9u1, 2.1.18-8~deb9u2), libperl5.24:armhf (5.24.1-3+deb9u3, 5.24.1-3+deb9u4), raspberrypi-bootloader:armhf (1.20180417-1, 1.20180703-1), dpkg:armhf (1.18.24, 1.18.25), libuv1:armhf (1.9.1-3, 1.18.0-3~bpo9+1), php7.0-json:armhf (7.0.27-0+deb9u1, 7.0.30-0+deb9u1), libmagic-mgc:armhf (1:5.30-1+deb9u1, 1:5.30-1+deb9u2), php7.0-readline:armhf (7.0.27-0+deb9u1, 7.0.30-0+deb9u1), bluez-firmware:armhf (1.2-3+rpt5, 1.2-3+rpt6), systemd-sysv:armhf (232-25+deb9u2, 232-25+deb9u4), libgcrypt20:armhf (1.7.6-2+deb9u2, 1.7.6-2+deb9u3), gpgv:armhf (2.1.18-8~deb9u1, 2.1.18-8~deb9u2), libpam-systemd:armhf (232-25+deb9u2, 232-25+deb9u4), shared-mime-info:armhf (1.8-1, 1.8-1+deb9u1), systemd:armhf (232-25+deb9u2, 232-25+deb9u4), libraspberrypi0:armhf (1.20180417-1, 1.20180703-1), file:armhf (1:5.30-1+deb9u1, 1:5.30-1+deb9u2), openhab2:armhf (2.2.0-1, 2.3.0-1), ca-certificates:armhf (20161130+nmu1, 20161130+nmu1+deb9u1), perl:armhf (5.24.1-3+deb9u3, 5.24.1-3+deb9u4), libhomegear-node:armhf (0.1.6-22, 0.1.7-25), gnupg:armhf (2.1.18-8~deb9u1, 2.1.18-8~deb9u2), libipc-run-perl:armhf (0.94-1, 0.94-1+deb9u1), libdpkg-perl:armhf (1.18.24, 1.18.25), patch:armhf (2.7.5-1, 2.7.5-1+deb9u1), dpkg-dev:armhf (1.18.24, 1.18.25), tzdata:armhf (2018c-0+deb9u1, 2018e-0+deb9u1)
End-Date: 2018-08-08  11:04:09

Could this be the cause for the broken DNS resolution? What would you recommend me to get pi-hole working again?

Thank you very much for all ideas

Kind regards,
ping

jfb · September 5, 2018, 9:54pm

Your debug log shows that your Pi-Hole is using your router as DNS server. It can resolve IP addresses when using a designated third party (i.e. Google), but when pointed to it's default DNS server it cannot resolve anything. A similar situation exists for IPV6.

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] na53.visual.force.com is via localhost (127.0.0.1)
[✓] na53.visual.force.com is via Pi-hole (192.168.2.3)
[✓] doubleclick.com is 216.58.207.174 via a remote, public DNS server (8.8.8.8)

What is the router using as DNS? If the router is using a third party, are your clients manually mapped to Pi-Hole DNS?

*** [ DIAGNOSING ]: Setup variables
    PIHOLE_INTERFACE=eth0
    IPV4_ADDRESS=192.168.2.3/24
    ...
    PIHOLE_DNS_1=192.168.2.1#53

What are the outputs of the following commands run from the Pi-Hole host terminal?

cat /etc/resolv.conf

ping · September 7, 2018, 8:40am

Hi jfb,

the router is using 217.0.43.65 as primary and 217.0.43.81 as secondary DNS server. These are given by my provider and cannot be changed.
I am using an old switch with OpenWrt as DHCP server. There I configured pi-hole to be advertised as DNS server(192.168.2.3). So all clients are configured to use pi-hole which worked perfectly before the upgrade.

The output of cat /etc/resolv.conf is

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.2.1

BUT, this was changed by me "quick and dirty" to be able to upload the debug log. I did the following steps:

sudo systemctl stop resolvconf     # otherwise my changes would be overwritten immediately
vim /etc/resolf.conf: Enter nameserver 192.168.2.1 (router)
sudo systemctl restart networking

To show you the "original state", I rebooted pi-hole to revert my changes and then cat /etc/resolv.conf says

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1

And for completeness I also created a new debug log, which I unfortunately have to paste here as pi-hole cannot upload it:

This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.

The intent of this script is to allow users to self-diagnose their installations.  This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected.  Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.

*** [ INITIALIZING ]
[i] 2018-09-07:09:15:53 debug log has been initialized.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

*** [ DIAGNOSING ]: Core version
[i] Core: v4.0 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.0-0-gddbdb51

*** [ DIAGNOSING ]: Web version
[i] Web: v4.0 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.0-0-gaf8c926c

*** [ DIAGNOSING ]: FTL version
[✓] FTL: v4.0 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)

*** [ DIAGNOSING ]: dnsmasq version
[i] 340:

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.45

*** [ DIAGNOSING ]: php version
[i] 7.0.30

*** [ DIAGNOSING ]: Operating system
[✓] Raspbian GNU/Linux 9 (stretch)

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: Processor
[✓] armv7l

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
   192.168.2.3/24 matches the IP found in /etc/pihole/setupVars.conf

[✓] IPv6 address(es) bound to the eth0 interface:
   2003:e1:5713:c843:98bc:9e7f:10fa:2c03 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)
   fd4b:d998:8418:1:6d2:a6ec:3412:f27b matches the IP found in /etc/pihole/setupVars.conf
   fe80::ff40:ef0b:609d:f92e does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)

   ^ Please note that you may have more than one IP address listed.
   As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

   The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 192.168.2.1
   * Pinging 192.168.2.1...
[✓] Gateway responded.
[i] Default IPv6 gateway: fe80::1
   * Pinging fe80::1...
[✓] Gateway responded.

*** [ DIAGNOSING ]: Ports in use
*:1883 mosquitto (IPv4)
*:1883 mosquitto (IPv6)
127.0.0.1:44727 java (IPv6)
*:5007 java (IPv6)
127.0.0.1:8101 java (IPv6)
*:8443 java (IPv6)
*:8080 java (IPv6)
*:9126 java (IPv6)
*:9001 node (IPv4)
*:22 sshd (IPv4)
*:22 sshd (IPv6)
*:80 lighttpd (IPv4)
*:80 lighttpd (IPv6)
*:2001 homegear (IPv6)
*:2002 homegear (IPv6)
*:2003 homegear (IPv6)
*:53 pihole-FTL (IPv4)
*:53 pihole-FTL (IPv6)
127.0.0.1:4711 pihole-FTL (IPv4)
[::1]:4711 pihole-FTL (IPv6)
*:445 smbd (IPv6)
*:139 smbd (IPv6)
*:445 smbd (IPv4)
*:139 smbd (IPv4)

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] ad.doubleclick.net.16011.9088.302br.net is  via localhost (127.0.0.1)
[✓] ad.doubleclick.net.16011.9088.302br.net is  via Pi-hole (192.168.2.3)
[✓] doubleclick.com is 216.58.207.174 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] bsads.looksmart.com is  via localhost (::1)
[✓] bsads.looksmart.com is  via Pi-hole (fd4b:d998:8418:1:6d2:a6ec:3412:f27b)
[✓] doubleclick.com is 2a00:1450:4016:80b::200e via a remote, public DNS server (2001:4860:4860::8888)

*** [ DIAGNOSING ]: Pi-hole processes
[✗] dnsmasq daemon is inactive
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
    PIHOLE_INTERFACE=eth0
    IPV4_ADDRESS=192.168.2.3/24
    IPV6_ADDRESS=fd4b:d998:8418:1:6d2:a6ec:3412:f27b
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=true
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=true
    DNSMASQ_LISTENING=single
    PIHOLE_DNS_1=192.168.2.1#53
    DNS_FQDN_REQUIRED=false
    DNS_BOGUS_PRIV=false
    DNSSEC=false
    CONDITIONAL_FORWARDING=false

*** [ DIAGNOSING ]: Dashboard and block page
[✓] Block page X-Header: X-Pi-hole: A black hole for Internet advertisements.
[✓] Web interface X-Header: X-Pi-hole: The Pi-hole Web interface is working!

*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 3050804 Sep  2 21:38 /etc/pihole/gravity.list
   -----head of gravity.list------
   0.0.0.0
   0.r.msn.com
   0.start.bz
   000.0x1f4b0.com

   -----tail of gravity.list------
   zzz.clickbank.net
   zzzezeroe.fr
   zzzpooeaz-france.com
   zzzrtrcm2.com

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r--r-- 1 root root 381 Aug 29 09:52 /etc/pihole/adlists.list
   https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
   https://mirror1.malwaredomains.com/files/justdomains
   http://sysctl.org/cameleon/hosts
   https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
   https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
   https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
   https://hosts-file.net/ad_servers.txt

-rw-r--r-- 1 root root 0 Jul 28 09:51 /etc/pihole/blacklist.txt

-rw-r--r-- 1 root root 124 Sep  2 21:38 /etc/pihole/local.list
   192.168.2.3 raspi
   fd4b:d998:8418:1:6d2:a6ec:3412:f27b raspi
   192.168.2.3 pi.hole
   fd4b:d998:8418:1:6d2:a6ec:3412:f27b pi.hole

-rw-r--r-- 1 root root 234 Aug  8 11:15 /etc/pihole/logrotate
   /var/log/pihole.log {
   	su root root
   	daily
   	copytruncate
   	rotate 5
   	compress
   	delaycompress
   	notifempty
   	nomail
   }
   /var/log/pihole-FTL.log {
   	su root root
   	weekly
   	copytruncate
   	rotate 3
   	compress
   	delaycompress
   	notifempty
   	nomail
   }

-rw-r--r-- 1 root root 0 Jun 16 18:39 /etc/pihole/whitelist.txt

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r--r-- 1 root root 1500 Aug 31 14:10 /etc/dnsmasq.d/01-pihole.conf
   addn-hosts=/etc/pihole/gravity.list
   addn-hosts=/etc/pihole/black.list
   addn-hosts=/etc/pihole/local.list
   localise-queries
   no-resolv
   cache-size=10000
   log-queries=extra
   log-facility=/var/log/pihole.log
   local-ttl=2
   log-async
   server=192.168.2.1
   interface=eth0

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r--r-- 1 root root 3027 Aug  8 11:15 /etc/lighttpd/lighttpd.conf
   server.modules = (
   	"mod_access",
   	"mod_accesslog",
   	"mod_auth",
   	"mod_expire",
   	"mod_compress",
   	"mod_redirect",
   	"mod_setenv",
   	"mod_rewrite"
   )
   server.document-root        = "/var/www/html"
   server.error-handler-404    = "pihole/index.php"
   server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
   server.errorlog             = "/var/log/lighttpd/error.log"
   server.pid-file             = "/var/run/lighttpd.pid"
   server.username             = "www-data"
   server.groupname            = "www-data"
   server.port                 = 80
   accesslog.filename          = "/var/log/lighttpd/access.log"
   accesslog.format            = "%{%s}t|%V|%r|%s|%b"
   index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
   url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
   static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
   compress.cache-dir          = "/var/cache/lighttpd/compress/"
   compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
   include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
   include_shell "/usr/share/lighttpd/create-mime.assign.pl"
   include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"
' 2>/dev/null"
   $HTTP["url"] =~ "^/admin/" {
       
       setenv.add-response-header = (
           "X-Pi-hole" => "The Pi-hole Web interface is working!",
           "X-Frame-Options" => "DENY"
       )
       $HTTP["url"] =~ ".ttf$" {
           
           setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
       }
   }
   $HTTP["url"] =~ "^/admin/\.(.*)" {
        url.access-deny = ("")
   }
   include_shell "cat external.conf 2>/dev/null"

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r--r-- 1 root root 1496 Aug  8 11:15 /etc/cron.d/pihole
   25 3   * * 7   root    PATH="$PATH:/usr/local/bin/" pihole updateGravity
   00 00   * * *   root    PATH="$PATH:/usr/local/bin/" pihole flush once quiet
   @reboot root /usr/sbin/logrotate /etc/pihole/logrotate
   */10 *  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker local
   37 19  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
   @reboot root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 www-data www-data 558 Sep  7 09:02 /var/log/lighttpd/error.log
   2018-09-03 06:25:04: (server.c.1534) logfiles cycled UID = 0 PID = 28557 
   2018-09-03 09:56:30: (server.c.1828) server stopped by UID = 0 PID = 1 
   2018-09-03 09:57:30: (log.c.217) server started 
   2018-09-03 17:01:04: (server.c.1828) server stopped by UID = 0 PID = 1 
   2018-09-03 17:02:04: (log.c.217) server started 
   2018-09-03 17:12:21: (server.c.1828) server stopped by UID = 0 PID = 1 
   2018-09-03 17:13:19: (log.c.217) server started 
   2018-09-07 09:01:52: (server.c.1828) server stopped by UID = 0 PID = 1 
   2018-09-07 09:02:52: (log.c.217) server started 

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 2987 Sep  7 09:03 /var/log/pihole-FTL.log
   -----head of pihole-FTL.log------
   [2018-09-07 09:03:00.185] ########## FTL started! ##########
   [2018-09-07 09:03:00.185] FTL branch: 
   [2018-09-07 09:03:00.185] FTL version: v4.0
   [2018-09-07 09:03:00.186] FTL commit: 8493df4
   [2018-09-07 09:03:00.186] FTL date: 2018-08-05 13:40:30 -0700
   [2018-09-07 09:03:00.186] FTL user: pihole
   [2018-09-07 09:03:00.188] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
   [2018-09-07 09:03:00.189]    SOCKET_LISTENING: only local
   [2018-09-07 09:03:00.189]    AAAA_QUERY_ANALYSIS: Show AAAA queries
   [2018-09-07 09:03:00.189]    MAXDBDAYS: max age for stored queries is 365 days
   [2018-09-07 09:03:00.189]    RESOLVE_IPV6: Resolve IPv6 addresses
   [2018-09-07 09:03:00.190]    RESOLVE_IPV4: Resolve IPv4 addresses
   [2018-09-07 09:03:00.190]    DBINTERVAL: saving to DB file every 3600 seconds
   [2018-09-07 09:03:00.190]    DBFILE: Using /etc/pihole/pihole-FTL.db
   [2018-09-07 09:03:00.190]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2018-09-07 09:03:00.190]    PRIVACYLEVEL: Set to 0
   [2018-09-07 09:03:00.191]    IGNORE_LOCALHOST: Show queries from localhost
   [2018-09-07 09:03:00.191]    BLOCKINGMODE: Null IPs for blocked domains
   [2018-09-07 09:03:00.191]    REGEX_DEBUGMODE: Inactive
   [2018-09-07 09:03:00.191] Finished config file parsing
   [2018-09-07 09:03:00.191] Compiled 0 Regex filters and 0 whitelisted domains in 0.4 msec (0 errors)
   [2018-09-07 09:03:00.228] Database successfully initialized
   [2018-09-07 09:03:00.251] Notice: Increasing queries struct size from 0 to 10000
   [2018-09-07 09:03:00.252] Notice: Increasing domains struct size from 0 to 1000
   [2018-09-07 09:03:00.252] Notice: Increasing clients struct size from 0 to 10
   [2018-09-07 09:03:00.252] New forward server: 192.168.2.1 (0/0)
   [2018-09-07 09:03:00.252] Notice: Increasing forwarded struct size from 0 to 4
   [2018-09-07 09:03:00.252] Notice: Increasing overTime struct size from 0 to 100
   [2018-09-07 09:03:00.309] Imported 2615 queries from the long-term database
   [2018-09-07 09:03:00.309]  -> Total DNS queries: 2615
   [2018-09-07 09:03:00.309]  -> Cached DNS queries: 444
   [2018-09-07 09:03:00.310]  -> Forwarded DNS queries: 2171
   [2018-09-07 09:03:00.310]  -> Exactly blocked DNS queries: 0
   [2018-09-07 09:03:00.310]  -> Unknown DNS queries: 0
   [2018-09-07 09:03:00.310]  -> Unique domains: 460

   -----tail of pihole-FTL.log------
   [2018-09-07 09:03:00.189]    RESOLVE_IPV6: Resolve IPv6 addresses
   [2018-09-07 09:03:00.190]    RESOLVE_IPV4: Resolve IPv4 addresses
   [2018-09-07 09:03:00.190]    DBINTERVAL: saving to DB file every 3600 seconds
   [2018-09-07 09:03:00.190]    DBFILE: Using /etc/pihole/pihole-FTL.db
   [2018-09-07 09:03:00.190]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2018-09-07 09:03:00.190]    PRIVACYLEVEL: Set to 0
   [2018-09-07 09:03:00.191]    IGNORE_LOCALHOST: Show queries from localhost
   [2018-09-07 09:03:00.191]    BLOCKINGMODE: Null IPs for blocked domains
   [2018-09-07 09:03:00.191]    REGEX_DEBUGMODE: Inactive
   [2018-09-07 09:03:00.191] Finished config file parsing
   [2018-09-07 09:03:00.191] Compiled 0 Regex filters and 0 whitelisted domains in 0.4 msec (0 errors)
   [2018-09-07 09:03:00.228] Database successfully initialized
   [2018-09-07 09:03:00.251] Notice: Increasing queries struct size from 0 to 10000
   [2018-09-07 09:03:00.252] Notice: Increasing domains struct size from 0 to 1000
   [2018-09-07 09:03:00.252] Notice: Increasing clients struct size from 0 to 10
   [2018-09-07 09:03:00.252] New forward server: 192.168.2.1 (0/0)
   [2018-09-07 09:03:00.252] Notice: Increasing forwarded struct size from 0 to 4
   [2018-09-07 09:03:00.252] Notice: Increasing overTime struct size from 0 to 100
   [2018-09-07 09:03:00.309] Imported 2615 queries from the long-term database
   [2018-09-07 09:03:00.309]  -> Total DNS queries: 2615
   [2018-09-07 09:03:00.309]  -> Cached DNS queries: 444
   [2018-09-07 09:03:00.310]  -> Forwarded DNS queries: 2171
   [2018-09-07 09:03:00.310]  -> Exactly blocked DNS queries: 0
   [2018-09-07 09:03:00.310]  -> Unknown DNS queries: 0
   [2018-09-07 09:03:00.310]  -> Unique domains: 460
   [2018-09-07 09:03:00.310]  -> Unique clients: 10
   [2018-09-07 09:03:00.310]  -> Known forward destinations: 1
   [2018-09-07 09:03:00.311] Successfully accessed setupVars.conf
   [2018-09-07 09:03:00.331] PID of FTL process: 1024
   [2018-09-07 09:03:00.331] Listening on port 4711 for incoming IPv4 telnet connections
   [2018-09-07 09:03:00.332] Listening on port 4711 for incoming IPv6 telnet connections
   [2018-09-07 09:03:00.333] Listening on Unix socket
   [2018-09-07 09:03:00.348] Compiled 0 Regex filters and 0 whitelisted domains in 0.2 msec (0 errors)
   [2018-09-07 09:03:19.340] Notice: Increasing clients struct size from 10 to 20
   [2018-09-07 09:03:19.341] Notice: Increasing overTime struct size from 100 to 200

*** [ DIAGNOSING ]: Locale
    LANG=en_US.UTF-8

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 0 Sep  7 09:02 /var/log/pihole.log
   -----head of pihole.log------

Kind regards,
ping

allanburleson · September 26, 2018, 2:14am

I just upgraded my Pi and I'm having the same problem.

deHakkelaar · September 26, 2018, 5:12pm

Whats output for below ones on a Linux, Windows or Mac client PC ?

nslookup -type=txt -class=chaos version.bind 192.168.2.3

nslookup -type=txt -class=chaos version.bind fd4b:d998:8418:1:6d2:a6ec:3412:f27b

And for below one on Pi-hole ?

sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:471'

ping · October 1, 2018, 2:24pm

nslookup -type=txt -class=chaos version.bind 192.168.2.3
executed on my linux client gives me the message
nslookup: parse of /etc/resolv.conf failed

This is the conent of /etc/resolv.conf on my linux box:

# Generated by resolvconf
domain lan
nameserver 192.168.2.3
nameserver fe80::1%enp2s0

The command nslookup -type=txt -class=chaos version.bind fd4b:d998:8418:1:6d2:a6ec:3412:f27b
gives me the same message:
nslookup: parse of /etc/resolv.conf failed

sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:471' on my Pi-hole gives me:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      631/lighttpd        
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      1109/dnsmasq        
tcp6       0      0 :::80                   :::*                    LISTEN      631/lighttpd        
tcp6       0      0 :::53                   :::*                    LISTEN      1109/dnsmasq        
udp        0      0 0.0.0.0:53              0.0.0.0:*                           1109/dnsmasq        
udp        0      0 0.0.0.0:67              0.0.0.0:*                           1109/dnsmasq        
udp6       0      0 :::53                   :::*                                1109/dnsmasq

Tho · October 1, 2018, 6:42pm

Better not manually assign fe80::1 since this is link local. Better use fd00::1 since this should be used for local networks…

But I don't think that this will solve your error.

deHakkelaar · October 1, 2018, 7:15pm

dnsmasq is running instead of pihole-FTL.
First check if versions are at 4.0 with pihole -v:

pi@noads:~ $ pihole -v
  Pi-hole version is v4.0 (Latest: v4.0)
  AdminLTE version is v4.0 (Latest: v4.0)
  FTL version is v4.0 (Latest: v4.0)

If everything is on version 4.0, run below ones to stop and disable dnsmasq:

sudo systemctl stop dnsmasq

sudo systemctl disable dnsmasq

Reboot:

sudo reboot

And check if pihole-FTL is running now instead of dnsmasq with:

sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:471'

If not running, post results for below one:

sudo systemctl status pihole-FTL -l

No idea why the nslookups on that client isn't working.
Try below one (ipv4 and ipv6) on the Linux client instead:

host -t txt -c ch version.bind <PIHOLE_IP_ADDRESS>

Or:

host pi.hole <PIHOLE_IP_ADDRESS>

Or try on another client.

deHakkelaar · October 1, 2018, 10:05pm

Ohw that last ipv6 nameserver address could be causing the nslookup parse failures.
I believe the "enp2s0" bit is when using Predictable Network Interface Names which you are not using as the interface is still named eth0.
I dont know how you've configured network for this client computer but its save to temporarily remove that last line in /etc/resolv.conf and try do the nslookup's or host commands again.

EDIT: do mind, at next reboot, these changes will be reset in resolv.conf depending on how network is configured for this client.

ping · October 2, 2018, 7:07am

pihole is up to date:

Pi-hole version is v4.0 (Latest: ERROR)
AdminLTE version is v4.0 (Latest: ERROR)
FTL version is v4.0 (Latest: ERROR)

You are right, dnsmasq was still running, although I disabled it via systemctl. A forgotten script in the background started dnsmasq again without my knowledge. I disabled the script and dnsmasq and did a reboot. Now sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:471' shows the following:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      631/lighttpd        
tcp6       0      0 :::80                   :::*                    LISTEN      631/lighttpd

So no pihole-FTL here... sudo systemctl status pihole-FTL -l shows:

● pihole-FTL.service - LSB: pihole-FTL daemon
   Loaded: loaded (/etc/init.d/pihole-FTL; generated; vendor preset: enabled)
   Active: active (exited) since Tue 2018-10-02 08:44:36 CEST; 30min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 304 ExecStart=/etc/init.d/pihole-FTL start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/pihole-FTL.service

Oct 02 08:44:23 raspi systemd[1]: Starting LSB: pihole-FTL daemon...
Oct 02 08:44:23 raspi pihole-FTL[304]: Not running
Oct 02 08:44:23 raspi pihole-FTL[304]: chown: cannot access '/etc/pihole/dhcp.leases': No such file or directory
Oct 02 08:44:35 raspi su[1106]: Successful su for pihole by root
Oct 02 08:44:35 raspi su[1106]: + ??? root:pihole
Oct 02 08:44:35 raspi su[1106]: pam_unix(su:session): session opened for user pihole by (uid=0)
Oct 02 08:44:36 raspi pihole-FTL[304]: dnsmasq: cannot open or create lease file /var/lib/misc/dnsmasq.leases: Permission denied
Oct 02 08:44:36 raspi systemd[1]: Started LSB: pihole-FTL daemon.

Ohw that last ipv6 nameserver address [in /etc/resolv.conf] could be causing the nslookup parse failures.

I think you are right. I commented the last line out in /etc/resolv.conf, now I get the following results:

host -t txt -c ch version.bind 192.168.2.3
;; connection timed out; no servers could be reached

host pi.hole 192.168.2.3
;; connection timed out; no servers could be reached

Thank you very much for your time and your commitment!

EDIT: I was curious about the line

dnsmasq: cannot open or create lease file /var/lib/misc/dnsmasq.leases: Permission denied

from sudo systemctl status pihole-FTL -l so I googled some time around and I found this thread.

In /etc/init.d/pihole-FTL I changed the line

su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"

to

/usr/bin/pihole-FTL

Afterwards I did a

sudo systemctl daemon-reload
sudo systemctl restart pihole-FTL

and it worked!

Now sudo systemctl status pihole-FTL -l shows:

● pihole-FTL.service - LSB: pihole-FTL daemon
   Loaded: loaded (/etc/init.d/pihole-FTL; generated; vendor preset: enabled)
   Active: active (running) since Tue 2018-10-02 09:30:16 CEST; 52s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 5086 ExecStop=/etc/init.d/pihole-FTL stop (code=exited, status=0/SUCCESS)
  Process: 5137 ExecStart=/etc/init.d/pihole-FTL start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/pihole-FTL.service
           └─5225 /usr/bin/pihole-FTL

Oct 02 09:30:04 raspi systemd[1]: Starting LSB: pihole-FTL daemon...
Oct 02 09:30:04 raspi pihole-FTL[5137]: Not running
Oct 02 09:30:04 raspi pihole-FTL[5137]: chown: cannot access '/etc/pihole/dhcp.leases': No such file or directory
Oct 02 09:30:16 raspi pihole-FTL[5137]: FTL started!
Oct 02 09:30:16 raspi systemd[1]: Started LSB: pihole-FTL daemon.

I really don't know why this change solves the problem? Maybe there is a problem with access rights? It feels a bit like a "quick and dirty" solution which could cause new problems after the next update. So maybe someone knows how I can change access rights to its proper settings?

Nevertheless I am very happy to get that far with all your help!

deHakkelaar · October 2, 2018, 4:43pm

What you did by altering /etc/init.d/pihole-FTL is that pihole-FTL is now started as user root (can access all files) instead of before when pihole-FTL was started as the "$FTLUSER" user which default is the user pihole.
Thats why pihole-FTL is now able to read that /var/lib/misc/dnsmasq.leases file which does not belong to Pi-hole with a basic install.

pi@noads:~ $ sudo grep 'root\|pihole' /etc/passwd
root:x:0:0:root:/root:/bin/bash
pihole:x:999:996::/home/pihole:/usr/sbin/nologin

Can you post results for below one to check current permissions and ownership of that file ?

stat /var/lib/misc/dnsmasq.leases

Have a read here for another solution:

Afterwards, if working, you can test blocking/resolution on a client with those host commands addressing both the ipv4 and ipv6 addresses:

xbian@avr ~ $ host -t txt -c ch version.bind 10.0.0.2
Using domain server:
Name: 10.0.0.2
Address: 10.0.0.2#53
Aliases:

version.bind descriptive text "dnsmasq-pi-hole-2.79"

xbian@avr ~ $ host pi.hole 10.0.0.2
Using domain server:
Name: 10.0.0.2
Address: 10.0.0.2#53
Aliases:

pi.hole has address 10.0.0.2

EDIT: oops ... forgot to add a naughty domain

xbian@avr ~ $ host doubleclick.com 10.0.0.2
Using domain server:
Name: 10.0.0.2
Address: 10.0.0.2#53
Aliases:

doubleclick.com has address 0.0.0.0
doubleclick.com has IPv6 address ::

system · October 23, 2018, 4:43pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.