Hi, after a recent update of pi-hole in which the app recommended me to deactivate some feature or server call it lighttpd or something like that, sometimes happen that when I turn on the VPN app I'm unable to browse the web and some apps stop to connect to the internet and when I check the Pi-Hole web interface there is an error: No valid NTP replies received, check server and network connectivity.
Searching the internet I saw that NTP is related to keep the system time synced and the problem with the VPN is like if it kind of stop to resolve DNS queries, a weird thing is that it is suppose the VPN use its own DNS resolver. I'm not sure if the problem with the VPN is actually related to Pi-Hole but all this unwanted behaviour started just after this update mentioned above. I never got this VPN problem/Pi-Hole error before the update.
Any idea why is Pi-Hole showing this error and if it can be causing the VPN to not to work properly? thanks in advance!
Can you provide more details about the VPN setup? Is it running on your router so that when it's turned on, every device on your home network is using it? Or is it just an app on your computer that you can turn on and off?
Hi Chris, the VPN it's just an app in the computer, yesterday I was using another VPN and it worked fine and the NTP message in the Pi-Hole keep on showing up. So now I think the problem with the VPN is not related with Pi-Hole, the NTP message still appear from time to time specially if I use any VPN but the connection sometimes keep on working fine and sometimes fail. Why could Pi-Hole be showing this message? The time and date is ok in the computer and this NTP message only started to appear after the Pi-Hole update I commented in the first post. Greetings.
Well, today I tried to use the "problematic" VPN again and tried to see what's the problem, the VPN doesn't work still, and after about 30 minutes or more and until now Pi-Hole didn't show up any warning or error message and seems to work normally, the only thing I don't understand is that while the VPN is active there is no internet connection and when I try some commands on the CLI I got this:
~$ host debian.org
;; communications error to 127.0.0.1#53: timed out
;; communications error to 127.0.0.1#53: timed out
;; no servers could be reached
~$ ping www.eff.org
ping: www.eff.org: Temporary failure in name resolution
Any clue on what can be happening in this case? Do you think it is a Pi-Hole problem or can this be related to any other thing? thanks in advance..! Greetings.
So this is not my area of expertise so I'm only tossing out a thought. Is your Piholes DNS set to permit queries from all origins? This would be under Expert DNS Settings > Interface Settings ( Potentially Dangerous Setting ).
Ok, according to the explanation of the option, it should be safe to do this since this is my desktop located at home behind a router with no 53 port opened and ufw showing no ports opened:
~$ sudo ufw status
[sudo] password..:
Status: active
But the only complain I can have is why need I to do this change now after more than a year using Pi-Hole and this same VPN without any problem like this? I would want to get at least a clue about this to feel I'm doing the right thing from a logic perspective. =)
That's unbound returning SERVFAIL, not Pi-hole.
Presumably, while you were connected to your VPN?
Commonly, VPN client software intended to connect you to the services of a VPN provider forcefully redirects all DNS traffic, in an attempt to prevent DNS leakages.
That would prevent unbound from talking to authoritative DNS servers directly, and consequently, DNSSEC validation would fail, i.e. you cannot use a recursive DNS server with a VPN service.
V6 was a total rewrite so take that into consideration. Again, if it doesn't work then change it back. Also note what @Bucking_Horn mentions. I'm just tossing a suggestion. He is going to be far better at lending a hand.
Hey Bucking, thanks for the response. So this take me to the point of my last post: Why is this happening now if everything has been working ok until a few days? This is happening only with this specific VPN and everything keeps going on ok with the other (free) VPN service I use to use. This tell me that most likely the problem is related to the VPN but, you know, can be frustrating to not get the reason of a problem like this. Since many users of this space have a lot of expertise on many different computing areas maybe you or someone else can confirm if this is kind of 95% chance of a VPN problem. Thanks a lot! Greetings.
Hey Curious, ok, anyway I don't use IPv6 and it is also disabled in my system and not active in the Unbound configuration as well, so if I can't ensure this is a VPN problem I will try this option and let you know the results. Thanks a lot my friend. There had been different connection problems with this (free) VPN service in the past and they disappear by themself with no actions from my part. This time I was experiencing an unexpected Pi-Hole behavior at the same time but now I I'm thinking it is only coincidental.
Oh, sorry, bro now I see you're talking about Pi-Hole V6.. Ok, however, it doesn't change to much my point so, again, I will try your recommendation latter. Thanks.
There are many topics about Pi-Hole showing this NTP message in this forum recently. This make me think it is related to some recent update. I suspect it will be fixed with another new update at any time.
uk.pool.ntp.org and the basic pool.ntp.org dont work for me however time.google.com has worked fine.
the error at least for me is via the pool.ntp.org servers as as soon as i put one of those back in i start getting the error messages again at least 2 times a day. I have not tested any other ntp providers.
been running google's for almost a week with no issues at all (have the pi set to uk time via the raspi-config
if it matters im running pihole v6 on a pi 4b via usb drive as i have found it much more reliable then running it via a sd card