Only 1/3 of clients are using Pi-Hole

The issue I am facing:

After configuring my second Pi-Hole on the same network, and removing the first (I had an 8GB and replaced it after looking at the traffic and usage with a 2GB RPi) I am only getting 1/4 of the traffic I had before.

Details about my system:
RPi 4b 2Gb using the 64 Bit RPi OS. I have a static IP address set aside outside the router's DHCP range. 192.168.0.5

I have a TP-Link Archer C-4000 router, version 2. There are two settings within the router for DNS: an upstream for the internet, and a DNS within the WiFi network settings. The upstream is OpenDNS, the WiFi is the Pi-Hole.

What I have changed since installing Pi-hole:

The only thing that changed was moving the Pi-Hole IP from 182 to 5. I did this because I did not understand the process with the first one. Once I figured it out, I set up the second Pi-Hole and moved the IP. Everything else is the same in the router. But I am only capturing about 1,400 requests a day v. the first Pi-Hole which was capturing about 40,000 or so a day. Within the first three weeks of the first Pi-Hole, I had one client that had over 188,000 requests through the device. Now this client is not going through the Pi-Hole at all.

Thoughts?

Thanks.

After you made the DHCP changes to provide the new IP of the Pi-hole as DNS server, did you reboot the router and renew the DHCP lease on all clients?

If you don't renew the leases (to get the new DNS assignment), the clients will hang onto the old information for the duration of the lease period. If you renew the lease, they get the new information now.

2 Likes

If you don't want to reboot your router, alternatively, you can set the lease time to a minimum (1 minute if possible) and after the lease time expires, the DHCP server will send out new IP information including DNS IP to DHCP clients on your network.

Yes I did reboot the router twice and I also changed the lease time from 120 to 1 minute.

I am still only seeing 9 of 26 clients on the pi-hole. I just rebooted it again, and will check it over the weekend to see if I pick up the rest of the network. I also reduced the total number of sites that were blocked by disabling the additional lists that I had added with this instance.

With all of that, here's the rub. If the setting was 120 minute release time, then all of the clients should have already picked up the Pi-Hole.

I let it run for 24 hours, I had 10 yesterday when I rebooted the router.

This time I am going to turn it off and physically remove the power supply from the router. I will let it set for a minute, then turn it back on. We will go from there.

If I cannot get it to work I am considering buying a new router that does not have embedded tools. We will see.

I will update once I get it rebooted again.

Sorry I had started the reply yesterday and just finished it today.

So I did reboot the router and reset the release times. I also flushed the network client tables in the Pi-Hole. This cleared some of the devices that have not been turned on recently that were causing some of the false positives within the table.

I am good with what I see so far, with two exceptions.

My MacBook Pro for some reason is not picking up the PiHole. I have flushed the DNS settings using terminal, and cleared what browsing data and cache settings I can from the browser.

The second set of clients that are not picking up the PiHole are my LG Smart TVs. I have turned these on and off, but I think I am going to literally pull the plug from the wall and reset the DHCP on the router so that next time they reenter the network they are forced to get a new IP, and hopefully pick up the DNS.

If you all have ideas on the MBP please let me know. I don't want to think something nefarious is going on here, but I find it odd that it worked well with the first and not the second. I find it odd that the two Roku Smart TVs that I use as monitors were being blocked and now somehow they are bypassing my DNS server. Considering the only thing that I did different was change the IP from 182 to 5 there should be no difference. It just does not make sense.

Ideas?

Thanks in advance.

This will cause excess DHCP negotiations in your network, as it has your clients begin DHCP renewal 30 seconds after they requested it, and it may well take 30 seconds before a DHCP lease is finally negotiated successfully.
Changing the lease time wouldn't have addressed your issue anyways (your clients would still have waited for their existing lease to expire before they would have acquired a shorter lease time).

I'd recommend to set that back to a sane value.

And as you've disclosed now that your lease time was already in the lower few hours range, your issue doesn't seem related to delayed DHCP lease information at all.

Let's see what DNS server a sample client is using by running the following command on that client:

nslookup pi.hole

Also, please upload a debug log and post just the token generated by

pihole -d

allowing to upload when prompted, or do it through the Web interface:

Tools > Generate Debug Log

1 Like
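The `nslookup pi.hole` check requested in the post above, as an added example that is not part of the original thread: a shell function that reads the command's output and reports whether the answering resolver is the Pi-hole. The helper name `classify_resolver`, the router address 192.168.0.1 and the sample outputs are constructed assumptions; 192.168.0.5 is the Pi-hole address given in the first post.

```shell
#!/bin/sh
# Added example: decide from `nslookup pi.hole` output whether a client's
# resolver is the Pi-hole. classify_resolver is a hypothetical helper.
# Usage on a client: nslookup pi.hole | classify_resolver 192.168.0.5
classify_resolver() {
    pihole_ip=$1
    out=$(cat)
    # The first "Server:" line names the resolver the client actually queried.
    server=$(printf '%s\n' "$out" | awk '/^Server:/ {print $2; exit}')
    if [ -z "$server" ]; then
        echo "unknown: no Server line in input"
        return 2
    fi
    if [ "$server" = "$pihole_ip" ]; then
        echo "direct: client queries Pi-hole at $server"
        return 0
    fi
    # Pi-hole answers pi.hole itself; a public resolver returns NXDOMAIN.
    if printf '%s\n' "$out" | grep -q 'NXDOMAIN'; then
        echo "bypass: $server answered and does not know pi.hole"
        return 1
    fi
    if printf '%s\n' "$out" | grep -q '^Name:[[:space:]]*pi\.hole'; then
        echo "forwarded: $server resolved pi.hole, so a Pi-hole is upstream of it"
        return 0
    fi
    echo "unknown: $server gave neither an answer nor NXDOMAIN"
    return 2
}

# Constructed sample outputs (not captured from a real network).
sample_bypass() {
    printf '%s\n' 'Server:   208.67.222.222' 'Address:  208.67.222.222#53' '' \
        "** server can't find pi.hole: NXDOMAIN"
}
sample_direct() {
    printf '%s\n' 'Server:   192.168.0.5' 'Address:  192.168.0.5#53' '' \
        'Name:  pi.hole' 'Address: 192.168.0.5'
}
sample_forwarded() {
    printf '%s\n' 'Server:   192.168.0.1' 'Address:  192.168.0.1#53' '' \
        'Name:  pi.hole' 'Address: 192.168.0.5'
}

sample_bypass | classify_resolver 192.168.0.5 || true
sample_direct | classify_resolver 192.168.0.5
sample_forwarded | classify_resolver 192.168.0.5
```

A nonzero exit status of 1 marks a client whose DNS queries never reach the Pi-hole, which is also why that client is missing from the Pi-hole query log.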

Good evening.

I executed both commands. The pihole -d is uploaded. Please let me know if I need to do it again.

nslookup pi.hole returned OpenDNS.com servers. These are the upstream DNS for the Pi-Hole and router.

pi@raspberrypi : ~ $ nslookup pi.hole

Server: 208.67.222.222

Address: 208.67.222.222#53

** server can't find pi.hole: NXDOMAIN

Next steps?

Sorry, here's the token.

https://tricorder.pi-hole.net/m28jjal1i6

One other note. Today we were gone most of the day. I had an increase in queries, 19,626 that went through the device, but only 1.1% were blocked, 218.

I still do not have my MacBook Pro, or either LG Smart TV going through the device. In addition my wife's work computer also came online today, and is not using the device.

I am wondering if I did a hard reset of the router and flushed everything, and started from ground zero if that would fix it. That is what happened with the first Pi-Hole. In my ignorance, I initially had the RPi on WiFi when I first loaded it because it was in the other room and I was using the monitors. While it was on WiFi, working through the settings menu, I realized that I had the PiHole listening on the wrong port. When I changed the setting to WiFi, it blew up my router. I thought that I had bricked the router. I was able to put it back on line, and then connected it to the eth0 and changed the settings to only the ethernet port. It was only after that hard reset of the router that the PiHole started picking all of the traffic on my network. At one point I was blocking in excess of 33% of my traffic and my network was very snappy.

Hopefully this additional detail helps.

You want to run this command from a client that does not appear to be using Pi-hole, not on the Pi.

I ran that from the MacBook Pro that is not using the PiHole.

You were on the Pi terminal - likely via ssh

Terminal not in SSH.

Server: 208.67.222.222
Address: 208.67.222.222#53

** server can't find pi.hole: NXDOMAIN

The MacBook is using OpenDNS, not Pi-hole, for DNS.

Yes, that is what I have put in the thread to this point. This is one of the computers that I cannot get to go back over to the pihole.

Change the DNS server on the Mac to Pi-hole.

Settings > Network > advanced > DNS.

That does not work. I have two Macs in my network, an iMac and this MacBook. Every time that I point the system preferences to the PiHole, it locks up my computer.

But it would help if I removed the OpenDNS settings from the Network settings.

Ideas about the two smart TVs?

So after I removed the DNS settings from the network, and reran the nslookup it is now pointing to the router, but I am still getting the ** server can't find pi.hole: NXDOMAIN.