PI HOLE DNS does not route local records

WaiserHai · May 23, 2024, 9:02am

Expected Behaviour:

I would like to access my services using the domain name instead of the IP address

Actual Behaviour:

My Pi-hole is not working correctly. I have tried many solutions, but nothing seems to work. I am using Pi-hole for both DNS and DHCP. When I try to use nslookup, it returns a "non-existent domain" error.

Debug Token:

https://tricorder.pi-hole.net/wNPOUJjV/

Bucking_Horn · May 23, 2024, 9:07am

Please share the output of the following commands, run from the client that can't resolve a domain:

nslookup pi.hole

nslookup <your.domain>

nslookup <your.domain> 192.168.178.240

where you substitute <your.domain> with your domain name.

WaiserHai · May 23, 2024, 9:50am

*** bck-s-pihole wurde von fritz.box nicht gefunden: Non-existent domain.
nslookup bck-s-pihole
Server:  fritz.box
Address:  fd00::<redacted>b5

*** bck-s-pihole wurde von fritz.box nicht gefunden: Non-existent domain.
nslookup bck-s-gitlab
Server:  fritz.box
Address:  fd00::<redacted>b5

*** bck-s-gitlab wurde von fritz.box nicht gefunden: Non-existent domain.
nslookup bck-s-gitlab 192.168.178.240
Server:  pi.hole
Address:  192.168.178.240

Name:    bck-s-gitlab.bck-church
Address:  192.168.178.7

Bucking_Horn · May 23, 2024, 10:02am

Your router is advertising its own IPv6 ULA as DNS server, allowing clients to bypass your Pi-hole completely.

Your Pi-hole has to be the sole DNS server for your clients.

Current FritzBox models should support deactivating IPv6 DNS servers via Home Network|Network|Network Settings|IP Addresses|IPv6 Settings.

Try:
a. Untick Also announce DNSv6 server via router advertisement (RFC 5006).
b. Tick Disable DHCPv6 server in the FRITZ!Box for the home network and
b.1. choose There are no other DHCPv6 servers for the home network.

This will have clients construct their IPv6 addresses via auto-configuration (SLAAC) exclusively, and will leave them with just an IPv4 address for DNS.

The one potential drawback would be that IPv6-only clients would have no means of DNS resolution. IPv4-only as well as dual-stack clients would still be fully satisfied with an IPv4 DNS server.

WaiserHai · May 23, 2024, 11:30am

I've currently lost the connection to our WireGuard network at the church and will be working to resolve the issue.

I'll get back to you once the connection is restored.

Thank you for your understanding!

system · June 13, 2024, 11:31am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.