No internet, can't ping gateway, but can access over ssh on other device

Dustin_Cooper · July 25, 2019, 12:57am

root@DietPi:~# ping google.com
ping: google.com: Temporary failure in name resolution
root@DietPi:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 10.20.1.65 icmp_seq=9 Destination Host Unreachable
From 10.20.1.65 icmp_seq=10 Destination Host Unreachable
From 10.20.1.65 icmp_seq=11 Destination Host Unreachable
^C
--- 8.8.8.8 ping statistics ---
14 packets transmitted, 0 received, +3 errors, 100% packet loss, time 13502ms
pipe 4
root@DietPi:~# ping 10.20.1.1
PING 10.20.1.1 (10.20.1.1) 56(84) bytes of data.
From 10.20.1.65 icmp_seq=9 Destination Host Unreachable
From 10.20.1.65 icmp_seq=10 Destination Host Unreachable
From 10.20.1.65 icmp_seq=11 Destination Host Unreachable
^C
--- 10.20.1.1 ping statistics ---
12 packets transmitted, 0 received, +3 errors, 100% packet loss, time 11470ms
pipe 4
root@DietPi:~# ping -c3 10.20.1.1
PING 10.20.1.1 (10.20.1.1) 56(84) bytes of data.

--- 10.20.1.1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2054ms

root@DietPi:~# ping -c3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2084ms

This is with 10.20.1.65(pi) as primary dns and 1.1.1.1 as secondary in the router. With dns relay disabled. Enabled yields same results.

I have my phone set to the pi as dns and I have network connectivity with no issues.

DanSchaper · July 25, 2019, 1:00am

Does your router have rebind protection? If that is present and enabled then it's possible that the router is dropping packets as it sees this as an attempt to hijack the network.

What is your gateway set to? What does ip -4 route show? What does ip -4 route get 10.20.1.1 show?

Dustin_Cooper · July 25, 2019, 1:12am

That's what I'm thinking, it's definitely not an option to disable that's why I thought dns relay may have something to do with it. Secondly, I wonder if since I'm on a foreign subnet to my router it's blocking 10.20 thinking it's a spoofed IP. To correct myself, I do not have connectivity from other devices either when I set pi as dns in the router. Only when I don't goes pi respond to queries.

DanSchaper · July 25, 2019, 1:16am

Once you provide the ip route commands then we can see if it's a routing issue instead.

DanSchaper · July 25, 2019, 1:37am

So you got it working, great!

Dustin_Cooper · July 25, 2019, 1:37am

That's without dns set to pi in router. Incoming.

Dustin_Cooper · July 25, 2019, 1:40am

Can you delete the screenshot btw

DanSchaper · July 25, 2019, 1:40am

Yes, they are deleted. What does the ip route commands show for each of the scenarios?

Dustin_Cooper · July 25, 2019, 1:50am

10.20.1.0/24 dev eth0 proto kernel scope link src 10.20.1.65

Dustin_Cooper · July 25, 2019, 2:11am

root@DietPi:~# ip -4 route get 10.20.1.1
10.20.1.1 dev eth0 src 10.20.1.65
cache
root@DietPi:~# ip -4 route get 8.8.8.8
8.8.8.8 via 10.20.1.1 dev eth0 src 10.20.1.65
cache

With router dns pointed to pi (no connection)

Dustin_Cooper · July 25, 2019, 2:12am

And same results for 8.8.8.8 in router dns (but pi can ping as expected)

DanSchaper · July 25, 2019, 2:35am

Everything points to this not being a Pi-hole issue and one with either the Pi device or the router. I think you may have better help with asking the DietPi community for further assistance.

Dustin_Cooper · July 25, 2019, 2:52am

I guess I can live with having to set it statically on client devices and set 1.1.1.1 in the router. Pi still answers queries this way. And dnssec is working for statically set devices.

system · August 15, 2019, 2:52am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.