Fairly familiar with docker but new to Pi-hole. Just set it up and wanted to test with my Windows PC so I changed the DNS settings to point to Pi-hole, but I don't get any internet connection over it.
Here's the debug log if anyone is able to take a look: https://tricorder.pi-hole.net/eRrY6vuS/
Nothing stands out other than
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)
Any ideas on what could be the problem?
What do these three commands give you when you run them from a computer (not from Pi-hole itself) that would be using Pi-hole for DNS?
nslookup pi.hole
nslookup flurry.com
nslookup flurry.com 172.26.0.2
The error you highlighted is caused by your network not supporting IPv6. That's not a problem. The section above that shows that Pi-hole appears to be blocking domains correctly when using IPv4.
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] olx.pl-id823942.site is 0.0.0.0 on lo (127.0.0.1)
[✓] olx.pl-id823942.site is 0.0.0.0 on eth0 (172.26.0.2)
[✓] doubleclick.com is 142.250.81.238 via a remote, public DNS server (8.8.8.8)
There are a lot of errors from startup of the form below – not sure if this is a separate issue, the devs will advise if so.
-----head of error-pihole.log------
...
2023-07-10 20:38:07: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: file_get_contents(): read of 8192 bytes failed with errno=61 No data available in /var/www/html/admin/scripts/pi-hole/php/header_authenticated.php on line 68
2023-07-10 20:38:34: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: file_get_contents(): read of 8192 bytes failed with errno=61 No data available in /var/www/html/admin/scripts/pi-hole/php/header_authenticated.php on line 68
...
You posted your debug log on Pastebin which means anyone can see it with the link. The better way is to let it upload to the Pi-hole "tricorder" server when prompted. It gives you a debug URL which you post in here, and only selected Pi-hole people can see it, and uploaded logs auto-expire after 48 hours. It's a bit more private that way.
Thanks for the reply. I didn't realize I could do that for the log, just replaced the Pastebin URL in the first post with the tricorder link.
The output for both
nslookup pi.hole
and
nslookup flurry.com
was:
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.xx.xxx
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
And the output for nslookup flurry.com 172.26.0.2 was:
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 172.26.0.2
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
That client has been using a machine at 192.168.xx.xxx for DNS.
(That's a private range IPv4 address, so it is commonly safe to share it.)
Assuming that 192.168.xx.xxx would be the IPv4 of your machine hosting Docker (in turn hosting your Pi-hole container), that would suggest that something is blocking or intercepting DNS requests.
You should verify that the host machine's firewall allows access to Pi-hole's required ports.
Ha, ya blocked out the IP out of habit.
I was able to figure it out. When I originally installed Pi-hole, I was getting an error that port 53 was already in use. I ended up mapping 553:53 for tcp and udp to get around it which was probably what caused my problem.
I found another thread mentioned that it was most likely systemd-resolved using it, which it was. I had to change a couple quick lines /etc/systemd/resolved.conf to solve that. After that I was able to map 53:53 without any issues and now my DNS through Pi-hole works perfectly.