When Microsoft Edge is used to open this browser.sentry-cdn.com URL, I should get a query log entry inside Pi-hole.
Microsoft Edge
Version 103.0.1264.62 (Official build) (64-bit)
Windows 10 Pro 21H2
OS build 19044.1826
Actual Behaviour:
When I open browser.sentry-cdn.com in the Microsoft Edge browser, I do not get any query log entry. Meanwhile, I get query log entries for the base domain or subdomains like -
C:\Users\test>nslookup pi.hole
Server: UnKnown
Address: 192.168.29.22
Name: pi.hole
Address: 192.168.18.1
C:\Users\test>nslookup browser.sentry-cdn.com
Server: UnKnown
Address: 192.168.29.22
Name: browser.sentry-cdn.com
Addresses: ::
0.0.0.0
C:\Users\test>dig browser.sentry-cdn.com
; <<>> DiG 9.16.24 <<>> browser.sentry-cdn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61333
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;browser.sentry-cdn.com. IN A
;; ANSWER SECTION:
browser.sentry-cdn.com. 2 IN A 0.0.0.0
;; Query time: 46 msec
;; SERVER: 192.168.29.22#53(192.168.29.22)
;; WHEN: Sun Jul 17 21:11:02 India Standard Time 2022
;; MSG SIZE rcvd: 67
So, when using nslookup or dig, I do get a proper query log entry and it works as expected, since this URL is blacklisted as (\.|^)sentry-cdn\.com$. Also, Secure DNS in Microsoft Edge is turned off.
I don't use Windows regularly, and never use Edge, so I can't help much with how Edge works. A visit to the Microsoft or Edge forums may be your best bet.
Do you see the same behavior from a different browser on that client, or with different clients?
I tested Firefox on Windows (same client) and Brave on Android (different client), and they behave as expected, i.e. requests go through Pi-Hole, including the mentioned domain. Maybe Edge maintains some different DNS cache, not sure.
Thank you, will update here if I find anything related to it.
All these services were and are turned off in my Edge browser, and it wasn't affected by them. I was suspicious that Edge might be treating a few domains specially and not honoring DNS settings, but that wasn't the case; it turns out it was caused by multiple intermediary services and their DNS caches.
Future PiHole users, if you face a similar issue, you may take guidance from the steps below -
1. PiHole Installation Host
Make sure to restart the DNS resolver or the complete host itself. The newly added Regex blacklist was blocking as expected, but changing it from on-to-off-to-on wasn't blocking until I deleted this rule and re-added it; @-pihole-community may comment on this. Mistake #1: My misunderstanding was that ignore_localhost just hides all local resolves from the web interface, but it also skips DNS resolution from PiHole, thus a local dig command on this host was resolving this domain irrespective of blocking status.
2. PiHole Client
Make sure to restart the DNS resolver or the complete client itself. My local home rPi connects to the remote PiHole host via Wireguard, then uses Dnsmasq to create a local-only DNS server for local network clients, which maintains its own cache.
3. ISP Router-Gateway
Make sure to restart the complete Router-Gateway. Though you might have set custom DNS addresses for all your DHCP clients, one of my CCTV Windows apps ignores these DNS settings and instead uses the Gateway address as a DNS resolver/server.
4. Windows Client
Make sure to clear the Windows DNS cache by executing ipconfig /flushdns in Windows Command Prompt (cmd). NOTE: May not be very relevant for web browsers.
5. Edge/Other Browser (Mistake #2)
Make sure to clear the DNS cache of the browser by visiting edge://net-internals/#dns and Flush socket pools on edge://net-internals/#sockets, or just use Private/Incognito windows, making sure all Private/Incognito windows were closed before opening a new window. Also, make sure to turn off Secure DNS to a different service provider like OpenDNS, Cloudflare, etc.
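
The hop-by-hop cache hunt described in the list above can be done without restarting anything by asking each resolver in the chain directly and comparing answers. The following is an added example, not part of the original thread: it handles A queries only, treats `0.0.0.0` as the blocked answer (as in the dig output earlier in the thread), and expects the caller to supply each hop's resolver address; all function names are hypothetical.

```python
import socket
import struct

NULL_A = "0.0.0.0"  # blocked A answer, as in the dig output quoted in this thread

def build_query(name, qid=0x1234):
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD flag, one question
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def _skip_name(msg, off):
    while msg[off] and msg[off] & 0xC0 != 0xC0:  # walk plain labels
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)  # compression pointer is 2 bytes, root label 1

def parse_a_records(msg):
    # Return [(ip, ttl), ...] for every A record in the answer section.
    _, _, qdcount, ancount, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4  # skip QTYPE + QCLASS
    records = []
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            records.append((socket.inet_ntoa(msg[off:off + 4]), ttl))
        off += rdlen
    return records

def classify(records):
    ips = {ip for ip, _ in records}
    return "no-answer" if not ips else "blocked" if ips == {NULL_A} else "resolved"

def check_hop(server, name, timeout=2.0):
    # Ask one resolver in the chain directly, bypassing the caches in front of it.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return classify(parse_a_records(s.recvfrom(4096)[0]))
        except OSError:  # includes timeouts
            return "unreachable"

def sample_response(name, ip, ttl):
    # Constructed reply (flags qr aa rd ra, one A record with a compressed name).
    question = build_query(name)[12:]
    rr = b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, ttl, 4) + socket.inet_aton(ip)
    return struct.pack(">HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0) + question + rr
```

Calling `check_hop` once per hop (Pi-hole host, local Dnsmasq, router gateway) for the same domain shows the first hop that returns "resolved" instead of "blocked"; the TTL from `parse_a_records` indicates how long that hop's cached answer will persist.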