Until recently I've had a fairly standard Pi-Hole setup. I have several adlists, several whitelisted domains for my use cases, only the default group and no manually set clients. I also have a Linksys router which forcibly lists itself as a DNS server to DHCP clients instead of sending my Pi-Hole information, however, most devices are manually set to use the Pi-Hole and this should not be the cause of my issue. My Raspberry Pi is also hosting a Wireguard server, but I have had no issues with it and similarly do not believe it be the cause of the issue.
Recently, I've tried to expand my usage of Pi-Hole by introducing group and client management to accommodate those on my network who want to watch ads for various rewards in their games. However, no matter what I do, all the clients, seemingly, still are blocked according to the default group.
Group Config
Client Config
Domain Config
For illustration, let us focus on the blocked domains apple.com, amazon.com, and cloudflare.com. (Don't worry these domains are blocked simply because I needed a domain to test and thought of them first.) Administration and testing is done on the same computer, with an android phone corroborating the same results. nslookup and direct navigation to the websites was used to generate this data.
Theoretically, the following should be true:
- Apple.com should only be blocked to clients in the default group
- Amazon.com should only be blocked to clients in the Test group
- Cloudflare.com should be blocked to clients in both the default and Test group.
Cold, Hard, Reality:
- Apple.com is blocked [Should not be]
- Amazon.com is allowed [Should not be]
- Cloudflare.com is blocked [But for the wrong reasons]
If I swap the groups on apple and amazon, the behavior also swaps, so it seems like the default group is still applying to my devices, even through I have clearly set them to only be apart of the Test group. I have also triple checked the MAC and IP addresses of the clients devices to ensure that devices I am messing with are the devices I am testing and both addresses match in both of my devices.
My logic is clearly impeccable and free from errors... in my eyes at least. What do y'all think?