Please follow the below template, it will help us to help you!
Expected Behaviour:
I've setup Pi-hole on my RPi 1. Able to connect to the internet when using Pi-hole.
Actual Behaviour:
Admin interface works just fine. When I change my DNS server on one of my laptops, it appears to connect to the internet as expected though I'm not 100% sure how to check that it is using the Pi-hole. Though I think it is because it shows up in the Network overview on the admin interface. However, when I set the DNS server on my router to point to the Pi-hole, none of the devices on my network can connect to the internet. Including the laptop that works fine when on its own.
The conclusion was that this specific model does intercept some of its network's DNS traffic and blocks or redirects it, with little means to change that.
Please have a read of post #13 that summarises and explains most of the steps involved in finding that out.
Feel free to return here should you need further advice on putting these steps into action to verify if your Netgear model exposes similar behaviour.
You would need to run a series of nslookup commands as detailed in the post I linked and check your results against the expected outcome (likewise detailed in that post).
You'd have to run these commands on different machines to evaluate if your LAN and/or WiFi network is affected. An Ethernet connected client and a WiFi client will do.
Ok, so I'm not sure that the testing I've been able to do so far is going to be useful. My LAN testing is using my Pi-hole/RPi as it is the only ethernet connectable device I have access to.
Using my Wifi connected Windows laptop (note that I had to change my router DNS from the Pi-hole address to Cloudflare otherwise there was no connection):
Your LAN connection looks OK, no DNS blocking or redirection there.
Your WiFi connection does not redirect public DNS (as demonstrated by the blocked flurry.com via 80.241.218.68), so that's good as well.
We can't be sure about local DNS requests yet, as you had to switch DNS settings in your router.
You'd have to try to force an nslookup through your Pi-hole's address:
nslookup flurry.com <your.pi-hole.ip.here>
That should return 0.0.0.0.
If it does, your router wouldn't block or redirect local DNS requests either, and we'd have to look at possible issues with your configuration.
In that case, you should provide a debug token as generated by
Your debug log shows your Pi-hole has been successfully introduced into your network, with full IPv4 connectivty. It is also positively receiving, blocking and forwarding DNS queries.
Also, you did not enable Conditional Forwarding, which may have created a DNS loop if you had configured your router as its upstream DNS server.at the same time.
As far as Pi-hole is concerned, there is no obvious reason why DNS resolution should not work.
Since we've confirmed that other clients (i.e your Windows laptop) can request DNS resolution through Pi-hole, it is neither an issue with a firewall on the Pi-hole machine blocking access to DNS ports.
How did you configure your router to make use of Pi-hole?
a) use Pi-hole as its upstream DNS server (commonly a WAN / Internet setting)
b) distribute Pi-hole as local DNS server to your DHCP clients (commonly a LAN setting)
c) both
You can introduce Pi-hole into your network in this indirect way.
However, Pi-hole would not be able to attribute DNS statistics to individiual client IP addresses this way, since it sees all DNS requests as originating from your router.
If your router supports it, you can have individual client statistics if you'd distribute Pi-hole via your router's DHCP server. This would also be the preferred way.
Can you check whether your router supports distributing local DNS servers via DHCP?
No really update yet other than to say that I'm not sure my router is capable of distributing local DNS via DHCP. I found a support thread that seems to discuss a similar issue. However, the last entry on that thread seems to suggest exactly what we are trying to do...
What we can do is provide you a workaround to try. There is no further support if the workaround is not successful in your network.
1. Configure only the "primary DNS" to the internal DNS server, remove external DNS server.
2. Configure internal DNS to query external DNS server if the domain name doesnโt exist.
By doing this, the primary (internal) DNS server will finish all the query actions.
While you are researching your router's capabilities, you could also check whether you can disable your router's DHCP server. As a backup solution, Pi-hole could then take over that role and handle DHCP as well as DNS for your network.
Ok, so I just did that. I disabled DHCP on my router and enabled it on the Pi-hole. It appears now that my wired devices are running through the Pi-hole, but my wifi devices are not, according to the Pi-hole's Network page. Do I also point the DNS server setting on my router at the IP address of my Pi-hole or is that bypassed somehow by using the Pi-hole for DHCP?
DCHP clients are renewing their lease information (containing local DNS server settings, among others) only when their existing lease is due to expire (which may be an hour, a day, a week or whatever your router configures it to be).
To force DHCP lease renewal, you may simply disconnect devices from network access shortly and then reconnnect them.
So the Pi-hole appears to be working now that I am using it as the DHCP server. Not really clear yet why setting the DNS server address in my router's settings disabled the internet connection for all of my devices, but thanks to @Bucking_Horn, I at least have the Pi-hole working.
