No Internet Access after rebooting router using Pi-Hole and DNS-Over-HTTPS

PeskyPiHole · November 12, 2019, 10:41am

Expected Behaviour:

I expect internet access when rebooting router using Pi-Hole as DNS server and Pi-Hole running DNS-Over-HTTPS (Cloudflared)

Actual Behaviour:

When i reboot my router (Nighthawk R7000), i lose internet acces.

This only happens when i use Pi-Hole as my DNS server (changing to ISP's DNS works fine)

I can sometimes get it to work by hard rebooting my router and rebooting Pi-Hole several times and waiting 5-10 minutes, but it's not a reliable solution.

I run Cloudflared on my Pi-Hole (DNS-Over-HTTPS) using 127.0.0.1#5053 as DNS server, but recently discovered that if i change my DNS to Cloudflare (1.1.1.1 and 1.0.0.1), i get internet access immidiately.

This has worked fine for now, and i can reboot my router with no problem, but i am curious to why Cloudflared only works sometimes.

Debug Token:

https://tricorder.pi-hole.net/81ewsjo5s2

PS. i am blocking Google DNS to route hardcoded devices (read "Chromecast") to Pi-Hole.

jfb · November 12, 2019, 5:02pm

This would indicate a Cloudflared problem. I would inquire at their support site.

Is your Pi powered from the router or a separate power supply?

I recommend that you modify the iptables to allow outgoing port 53 traffic from Pi-Hole. From your debug log:

[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)

drewski · November 12, 2019, 6:40pm

There is nothing wrong with blocking 8.8.8.8 or 8.8.4.4

jfb · November 12, 2019, 6:58pm

Except that it limits the ability of the debug script to check for external connectivity, since the script uses 8.8.8.8.

drewski · November 12, 2019, 7:57pm

I thought the script pulled multiple resolvers. I now see it is indeed a problem if you are debugging. Sorry about that

PeskyPiHole · November 13, 2019, 8:51am

My Pi runs on a seperate power supply.

Would this still route DNS request from Chromecast trough Pi-Hole? And how do you do that?

jfb · November 13, 2019, 1:49pm

Yes.

This isn't a Pi-Hole feature, so I recommend that you look on a forum dedicated to IPTables and network routing.

PeskyPiHole · November 21, 2019, 2:01pm

I think i may have figured it out.

Could it be because of HTTPS certifications and wrong date and times?

When i reboot my router, the date and time is wrong (by months), and it can't connect to the NTP-server, because there is no internet access.

When i disable DNS-Over-HTTPS i get internet access immediately and the date and time is updated.

Afterwards i can enable DNS-Over-HTTPS again it works fine.

Is there a way to get the router to remember the date and time?

jfb · November 21, 2019, 2:12pm

I would check the support site and forums for your router.

Staudie · November 22, 2019, 2:57am

I'm having the same'ish problem. This has been happening after PG&E PSPS (power outage). My Edgerouter X is forcing all connections to the pi-hole. I can ping cloudflare but browsers give a DNS error. The way I've cleared it is to add Google DNS to the pihole and then remove it.

system · December 13, 2019, 2:57am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.