Pi hole ad blocking a hit and miss?

Expected Behaviour:

Pihole should block ads

Actual Behaviour:

Ad blocking is a hit or miss.

Debug Token:

https://tricorder.pi-hole.net/8iszrne7k1

I have set up my DD-WRT router with method 2 as mentioned in this post

But the setup isn't working as expected… the ad blocking seems to be a hit or miss.

I have set up Pi-hole on a Raspi 4B with official Raspbian using the official install method.

curl -sSL https://install.pi-hole.net | bash

The other thing I have doubts about is the output from the dig command:
When I switch off my Pi, the dig command still resolves the addresses; isn't dig supposed to be blocked?
I mean, when I say:
dig google.com
I get the following response:

> ; <<>> DiG 9.11.3-1ubuntu1.9-Ubuntu <<>> google.com
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52730
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 65494
> ;; QUESTION SECTION:
> ;google.com.			IN	A
> 
> ;; ANSWER SECTION:
> google.com.		151	IN	A	216.58.196.206
> 
> ;; Query time: 6 msec
> ;; SERVER: 127.0.0.53#53(127.0.0.53)
> ;; WHEN: Thu Oct 10 00:12:27 IST 2019
> ;; MSG SIZE  rcvd: 55

I don't understand how ad blocking would ever work if the name resolves using 127.0.0.53.
Can anyone explain what's going on?
Does it mean the DNS requests aren't even going to my DD-WRT router, which should forward all such requests to my Pi's address?

Yes, it should fail. If you have turned off your DNS server, and the clients are still able to resolve DNS queries, then the clients have available to them an alternate DNS server. This can also explain why your ad-blocking is hit or miss - some of the queries go to Pi-Hole and some do not.

Is the terminal output you posted from the platform that hosts Pi-Hole, or from a connected client?

From a connected client, using the terminal or command line on that client and not via ssh to Pi-Hole, what is the output of this command?

nslookup pi.hole

The debug logs I posted were from the HOST Pi's prompt.

Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: pi.hole
Address: 192.168.1.10

Just to reiterate, what does this mean in the above output?

Server: 127.0.0.53
Address: 127.0.0.53#53

How is 127.0.0.53 different from 127.0.0.1? And what's that #53?

They are both localhost, so that makes no difference as long as resolv.conf contains it.

#53 is the port number to which resolve requests are sent. DNS is using port 53, so that is correct.

The clients and router should use 192.168.1.10 as DNS server and not any second or third other IP addresses.

About still resolving: where did you run that, as obviously your Pi was switched off?

I have not modified clients to manually point to the Pi's IP as DNS server. I intend to achieve this through the router settings itself.
And yes, in my DD-WRT router, all DNS servers are 0.0.0.0, and I have used method 2 in the post I linked in my original post, i.e. dhcp-option=6,192.168.1.10 as additional dnsMasq options, for assigning the Pi's DNS server IP.

So, I just need to debug which DNS server my queries are getting forwarded to when they are not going to the Pi.

As I have mentioned, the output of dig isn't of much help in this, as it's only saying:

> ;; ANSWER SECTION:
> google.com.		151	IN	A	216.58.196.206
> 
> ;; Query time: 6 msec
> ;; SERVER: 127.0.0.53#53(127.0.0.53)
> ;; WHEN: Thu Oct 10 00:12:27 IST 2019
> ;; MSG SIZE  rcvd: 55

Which actually does not tell which DNS server the queries end up at for getting resolved when the Pi is off.
Is there any tool I can use for this?
Thanks.

The dig output tells that it is using the DNS resolver or the resolver stated in /etc/resolv.conf on that local machine.

If you want to test it from a client, it should display:

> ;; SERVER: 192.168.1.10#53(192.168.1.10)

Forcing dig to use the Pi-hole is done as follows: sudo dig google.com @192.168.1.10

Oh yes, the output of the dig command I posted is from one of the clients only. That's why I am puzzled.

The output is telling you that the client machine is not configured to use Pi-Hole. It is using a local loopback address, 127.0.0.53. On this client, check the DNS settings and change them to either get the DNS from the router (which will provide them once you set up DNS in the router), or manually assign the DNS to Pi-Hole at 192.168.1.10.
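Added example, not written by anyone in this thread: when dig reports SERVER: 127.0.0.53, the client is talking to the local systemd-resolved stub, and the servers that stub forwards to are listed in /run/systemd/resolve/resolv.conf. The script below reads them and flags any that are not the Pi-hole; the function names and the sample 192.168.1.1 entry are constructed for illustration.

```shell
#!/bin/sh
# Added example (assumed names; sample data is constructed).
# Lists the DNS servers a Linux client really uses and flags any that are
# not the Pi-hole, i.e. paths by which queries can skip ad blocking.

# Print every "nameserver" address in a resolv.conf-style file.
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# audit_dns RESOLV_FILE UPSTREAM_FILE PIHOLE_IP
# Prints "OK <ip>" or "BYPASS <ip>" per server. When RESOLV_FILE points only
# at the systemd-resolved stub (127.0.0.53), the real upstream servers are
# taken from UPSTREAM_FILE instead.
audit_dns() {
    src=$1
    case "$(nameservers "$1")" in
        127.0.0.53) src=$2 ;;
    esac
    for ip in $(nameservers "$src"); do
        if [ "$ip" = "$3" ]; then echo "OK $ip"; else echo "BYPASS $ip"; fi
    done
}

# Constructed sample: stub resolv.conf plus an upstream list where DHCP
# handed out both the Pi-hole and a second server (here the router).
demo() {
    tmp=$(mktemp -d)
    printf 'nameserver 127.0.0.53\noptions edns0\n' > "$tmp/stub"
    printf 'nameserver 192.168.1.10\nnameserver 192.168.1.1\n' > "$tmp/up"
    audit_dns "$tmp/stub" "$tmp/up" 192.168.1.10
    rm -rf "$tmp"
}

demo
# On a real client:
#   audit_dns /etc/resolv.conf /run/systemd/resolve/resolv.conf 192.168.1.10
```

Any BYPASS line is a server that will answer queries without filtering, which matches the "hit or miss" symptom described above.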