Is your router's DNS server at 10.12.23.1 really answering on port 5353, though?
It probably shouldn't listen on that port - 5353 is reserved for the mDNS protocol.
Hmm, your debug log shows Conditional Forwarding to be disabled?
Oh good to know on the port, maybe that is part of the problem, I will switch it to 5335 and give that a shot, conditional formatting was disabled when doing the log report
Unbound is running with opnsense so it should be the same IP as opnsense I believe, and I have set the listen port to 5335
I can confirm it is working though, I can see that as I browse the web the Unbound queries continue to go up, so I would assume it is working, I can see individual requests which are correct for my browsing activity
Pi-hole does not have any knowledge about your local hostnames - it has to acquire that somehow, either by configuring respective DNS records, or by querying a DNS server that has that knowledge.
So your Pi-hole is forwarding all non-blocked traffic to unbound, including requests for those local hostnames that it doesn't know about (e.g. via Local DNS records).
How does unbound learn about local hostnames then?
Since you state that Conditional Forwarding would work, that would suggest that your router's DHCP server is registering local hostnames at least with its local DNS resolver (assuming that CF targets your router's IP).
Enabling CF would be one correct way to have local hostname resolution in that case.
Alternatively, you could also consider to have Pi-hole use 10.12.23.1#53 (assuming that your router's local DNS resolver would also use unbound as its upstream).
Yet another way would involve configuring unbound on your router to forward queries for your local zone to your router's local DNS resolver, but you'd have to be careful to avoid a DNS loop with that configuration.
I have DNSmasq set up on port 53 currently, and I set up the edns0.conf file which successfully worked prior to having unbound set up. Once I added unbound to the equation hostnames stopped coming across to pihole altogether.
I would normally just enable Conditional Forwarding and call it a day, but the issue I have is more with OPNsense than PiHole in that, hostnames are not coming across anywhere so I am trying to solve this issue because I think it will solve my other issues since those were also working prior to using unbound.
Very likely, that's because you have been using 10.12.23.1#53 as your Pi-hole's sole upstream then.
Configuring your router for EDNS0 ECS (Extended Client Subnet) would allow your router to expand its DNS requests with client IP address information. In turn, that would allow Pi-hole to attribute DNS requests to individual client IPs even if those clients are using your router for DNS.
Pi-hole still would have to acquire knowledge about client hostnames as explained.
That's a question for unbound.
If you are not familiar with unbound yet, it would probably be easiest to enable CF or go back to use your router as Pi-hole's upstream.
Note that either would work only if your router still knows about local hostnames.
That may not be the case if unbound has completely replaced your router's previous DNS resolver and your router's DHCP server would not inject DNS records for clients into unbound.
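The EDNS0 ECS mechanism mentioned in the reply above, as an added example that is not part of any post in this thread: it encodes and decodes the Client Subnet option (option code 8, RFC 7871) that a forwarder appends to a query, which is where a downstream resolver reads the client address from. The function names and the client address 10.12.23.57 are constructed for illustration.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8  # EDNS Client Subnet option code (RFC 7871)


def encode_ecs(client_ip: str, prefix_len: int) -> bytes:
    """Build the option a forwarder would append for one client (hypothetical helper)."""
    addr = ipaddress.ip_address(client_ip)
    family = 1 if addr.version == 4 else 2
    # Mask the address to the announced prefix, then keep only the bytes it covers.
    net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    addr_bytes = net.network_address.packed[: (prefix_len + 7) // 8]
    payload = struct.pack("!HBB", family, prefix_len, 0) + addr_bytes  # scope = 0 in queries
    return struct.pack("!HH", ECS_OPTION_CODE, len(payload)) + payload


def decode_ecs(options: bytes):
    """Walk the options of an OPT record; return (address, prefix_len) or None."""
    pos = 0
    while pos + 4 <= len(options):
        code, length = struct.unpack_from("!HH", options, pos)
        body = options[pos + 4 : pos + 4 + length]
        pos += 4 + length
        if code != ECS_OPTION_CODE:
            continue  # some other EDNS0 option, e.g. a DNS cookie
        if len(body) != length or length < 4:
            return None  # truncated option
        family, src_len, _scope = struct.unpack_from("!HBB", body)
        size = {1: 4, 2: 16}.get(family)
        if size is None or src_len > size * 8 or len(body) - 4 != (src_len + 7) // 8:
            return None  # unknown family or inconsistent lengths
        return str(ipaddress.ip_address(body[4:].ljust(size, b"\x00"))), src_len
    return None


if __name__ == "__main__":
    # /32 carries the exact client IP; /24 only reveals the subnet.
    for plen in (32, 24):
        opt = encode_ecs("10.12.23.57", plen)  # constructed sample client
        print(plen, opt.hex(), decode_ecs(opt))
```

Only a full-length prefix (/32 for IPv4) lets the receiving resolver tell individual clients apart; with /24 every client on the LAN decodes to the same network address.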
I have decided that it makes the most amount of sense to disable unbound, so I have done that and obviously changed the DNS settings to use Cloudflare as the upstream DNS service. I then enabled conditional formatting to get the correct hostnames, and it does work again now. Does not in other services obviously but that seems to be an OPNsense issue not anything to do with pihole.
The one issue I am now having is, I keep getting this error in pihole
DNSMASQ_WARN Maximum number of concurrent DNS queries reached (max: 150)
So I am not sure where the problem lies, but I have bypassed pihole altogether now. It's so unbelievably slow compared to just using opnsense, I may just have to look for alternative solutions to pihole for now.
Your debug log shows that your Pi-hole machine has upstream connectivity issues:
*** [ DIAGNOSING ]: Operating system
[i] Distro: Debian
[i] Version: 11
[✗] dig return code: 9
[✗] dig response: ;; connection timed out; no servers could be reached
[✗] Error: dig command failed - Unable to check OS
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] s.anticrsss1-ep.xyz is 0.0.0.0 on lo (127.0.0.1)
[✓] s.anticrsss1-ep.xyz is 0.0.0.0 on eth0 (10.12.23.2)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)
That may be related to your observation:
That warning would indicate a client excessively requesting DNS resolution, or your Pi-hole lacking any upstream connectivity, or a DNS loop of sorts.
From your Pi-hole machine, what's the output of:
echo ">stats >quit" | nc localhost 4711
echo ">top-clients>quit" | nc localhost 4711
echo ">top-domains >quit" | nc localhost 4711
echo ">top-ads >quit" | nc localhost 4711
Since your debug log indeed shows upstream issues for your Pi-hole host machine:
Are you blocking DNS access on your OPNsense, probably allowing it only for a selected few DNS resolvers?
Are those resolvers part of Pi-hole's configured upstreams?
Did you perhaps deploy other rules in your OPNsense firewall that would affect DNS?
And likely unrelated to that warning, your debug log also shows quite a few issues for your PiAlert installation hosted on the same machine:
*** [ DIAGNOSING ]: contents of /var/log/lighttpd
-rw-r--r-- 1 www-data www-data 78K May 12 01:20 /var/log/lighttpd/error-pihole.log
-----head of error-pihole.log------
2023-05-07 05:51:40: server.c.1513) server started (lighttpd/1.4.59)
2023-05-07 06:19:20: server.c.1976) server stopped by UID = 0 PID = 1
2023-05-07 06:19:20: server.c.1513) server started (lighttpd/1.4.59)
2023-05-07 06:19:39: server.c.949) [note] graceful shutdown started
2023-05-07 06:19:39: server.c.1976) server stopped by UID = 0 PID = 23429
2023-05-07 06:19:39: server.c.1513) server started (lighttpd/1.4.59)
2023-05-07 06:20:25: server.c.1976) server stopped by UID = 0 PID = 1
2023-05-07 06:20:26: server.c.1513) server started (lighttpd/1.4.59)
2023-05-07 06:20:47: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined index: SubmitConfigFileEditor in /root/pialert/front/index.php on line 17
2023-05-07 06:20:47: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined index: action in /root/pialert/front/index.php on line 30
2023-05-07 06:20:47: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/index.php on line 48
2023-05-07 06:20:48: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Trying to access array offset on value of type bool in /root/pialert/front/php/server/parameters.php on line 49
2023-05-07 06:20:48: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Trying to access array offset on value of type bool in /root/pialert/front/php/server/parameters.php on line 49
2023-05-07 06:20:48: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-07 06:20:48: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-07 06:21:15: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Warning: unlink(../../../db//setting_skin-black-light): No such file or directory in /root/pialert/front/php/server/devices.php on line 899
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Warning: unlink(../../../db//setting_skin-black): No such file or directory in /root/pialert/front/php/server/devices.php on line 899
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Warning: unlink(../../../db//setting_skin-blue-light): No such file or directory in /root/pialert/front/php/server/devices.php on line 899
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Warning: unlink(../../../db//setting_skin-blue): No such file or directory in /root/pialert/front/php/server/devices.php on line 899
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Warning: unlink(../../../db//setting_skin-green-light): No such file or directory in /root/pialert/front/php/server/devices.php on line 899
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Warning: unlink(../../../db//setting_skin-green): No such file or directory in /root/pialert/front/php/server/devices.php on line 899
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Warning: unlink(../../../db//setting_skin-purple-light): No such file or directory in /root/pialert/front/php/server/devices.php on line 899
2023-05-07 06:21:23: mod_fastcgi.c.487) FastCGI-stderr:PHP Warning: unlink(../../../db//setting_skin-purple): No such file or directory in /root/pialert/front/php/server/devices.php on line 899
-----tail of error-pihole.log------
2023-05-12 00:55:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 00:56:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 00:57:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 00:58:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 00:59:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:00:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:01:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:02:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:03:39: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:04:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:05:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:06:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:07:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:08:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:09:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:10:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:11:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:12:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:13:40: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:14:41: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:15:42: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:17:08: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:18:25: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:19:30: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
2023-05-12 01:20:31: mod_fastcgi.c.487) FastCGI-stderr:PHP Notice: Undefined variable: pia_lang_selected in /root/pialert/front/php/server/devices.php on line 17
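The upstream connectivity question raised in the reply above (dig timing out, 8.8.8.8 unreachable), as an added example that is not part of any post in this thread: a small probe that sends one DNS query per upstream over UDP and separates "silently dropped" from "rejected" from "answered". The function names are hypothetical; the two addresses are the ones quoted in the thread.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Minimal DNS query: one A/IN question, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)


def classify_reply(query: bytes, reply: bytes) -> str:
    """Check that the reply belongs to our query, then report its RCODE."""
    if len(reply) < 12 or reply[:2] != query[:2] or not reply[2] & 0x80:
        return "malformed"  # too short, wrong transaction ID, or QR bit not set
    rcode = reply[3] & 0x0F
    return "answered:" + RCODES.get(rcode, str(rcode))


def probe(server: str, port: int = 53, name: str = "pi-hole.net",
          timeout: float = 2.0) -> str:
    """Return 'answered:<rcode>', 'timeout', 'unreachable' or 'malformed'."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, port))
            s.send(query)
            reply = s.recv(512)
        except socket.timeout:
            return "timeout"      # no reply at all: typical of a firewall drop rule
        except OSError:
            return "unreachable"  # ICMP error came back: no route or a reject rule
    return classify_reply(query, reply)


if __name__ == "__main__":
    # Run from the Pi-hole host itself so the firewall sees its source address.
    for upstream in ("10.12.23.1", "8.8.8.8"):
        print(f"{upstream:<12} {probe(upstream)}")
```

If the router answers but the public resolver times out, the path from the Pi-hole host to outside DNS is being filtered rather than Pi-hole itself misbehaving.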
OK, so I had done some research and I had read a few people who have had trouble running pihole on proxmox so instead of installing it manually I used an automated LXC installer for proxmox which honestly so far does seem better, not perfect but better.
I also tried a test out, I have another instance of Pihole on my network, I previously ran Pihole on my unraid server via a docker container however this has been my attempt at moving Pihole off of my unraid server so that when I take my Unraid offline I then do not lose internet completely (also trying to minimize the number of docker containers that machine has running). However when I use this Pihole setup things run much smoother, albeit I am manually telling my mac machine to use it as DNS rather than the opnsense firewall to use it, so that might have some weight, not sure.
So I have created a fresh new LXC container for Pihole, only have PiHole running on it for now, no PiAlert. I copied all of my settings from my unraid Pihole, setup the same adlists and whitelists etc. And things seem to be running better, for example it is now pulling hostnames without conditional forwarding enabled which is a start.
But it does sort of do this thing where the DNS resolution seems like it's on an on off switch, it either works or it doesn't
For example when running the whitelist script from github, I got this output
[✗] DNS resolution is currently unavailable
[✓] DNS resolution is now available
which sat there for about a min or two, and then ran fine.
Well I have figured out that the pihole is not accessible if the pihole is set as the DNS provider for DHCP (this is the only place I am telling OPNsense to use pihole). If I use 9.9.9.9 as my DNS provider, then pihole is accessible, but not if it's the IP of my pihole. I hope this makes sense.
Your results show that over half of the requests that your Pi-hole has sent upstream never received an answer:
Also, your most recent debug log again shows your Pi-hole is having upstream connectivity issues:
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
(...)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Operating system
[i] Distro: Debian
[i] Version: 11
[✗] dig return code: 10
[✗] dig response: dig: couldn't get address for 'ns1.pi-hole.net': failure
[✗] Error: dig command failed - Unable to check OS
This would reaffirm my previous suspicion that something is blocking outbound DNS for your Pi-hole.
Run from the machine hosting your Pi-hole, what is the result of the following commands: