Please follow the below template, it will help us to help you!
Some info:
I recently bought a new Raspberry Pi Zero W, installed the latest version of Raspbian Lite (no UI) and installed Pi-Hole as per the instructions from the website. After install was complete, I tried to manually set the DNS on 1 client (Windows 10). I apologize if this question is a duplicate, however after hours of searching and trying I decided to ask for help instead.
Expected Behaviour:
Running nslookup google.com or accessing any website produces any meaningful results. Both client and Raspberry Pi should return something. Alternatively I left DNS as automatic and ran the command nslookup google.com 192.168.8.108 (whole local network is on 192.168.8.* with modem occupying 1, raspberry 108 and Windows 10 client 105).
Actual Behaviour:
nslookup returns DNS request timed out on client. Running the command on Raspberry Pi returns valid results.
I've tried reinstalling from scratch in fear I somehow did something wrong, but that doesn't help either. I tried changing my upstream DNS multiple times (basically every possible choice), I tried changing interface listening behaviour to every possible choice. I don't want to use Pi-Hole's DHCP and I already tried setting it as my router's default DNS (if the client would somehow have issues with the DNS change), but nothing seems to work.
You pointed W10 to your RPI as DNS server?
Simple insight if your PiHole serves as DNS server and if your RPI DNS system is up and running properly can be obtained with DNS Benchmark
Don't forget to add your RPI address in DNS Benchmark first.
I tried to run DNS Benchmark. And (evidently) it didn't go so well ...
System's nameserver is dead & NOT replying to queries!
It probably comes as no surprise that all of this system's sole DNS resolving nameserver, with the IP address of [192.168.8.108] is apparently dead (at least for the moment) and is not replying to DNS queries since very little of the Internet is accessible without any DNS services.
Oddly enough RPi doesn't have problems running nslookup:
Pi-hole is working, but your connection to the internet on that device is not:
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] tracker.tagsrvcs.com is 0.0.0.0 via localhost (127.0.0.1)
[✓] tracker.tagsrvcs.com is 0.0.0.0 via Pi-hole (192.168.8.108)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] wesolywagonik.pl is :: via localhost (::1)
[✓] wesolywagonik.pl is :: via Pi-hole (fd5c:78f8:9326:fe00:d14e:b583:3ec9:2ec5)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)
Looks like you've added some script or function that is manipulating the database as well.
*** [ DIAGNOSING ]: Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)
id type enabled group_ids domain date_added date_modified comment
---- ---- ------- ------------ ---------------------------------------------------------------------------------------------------- ------------------- ------------------- --------------------------------------------------
1 0 1 0 0.client-channel.google.com 2020-12-05 12:41:05 2020-12-05 12:41:05 In order for users on your network to access Googl
2 0 1 0 1drv.com 2020-12-05 12:41:05 2020-12-05 12:41:05 It is actually a legitimate Microsoft owned domain
3 0 1 0 2.android.pool.ntp.org 2020-12-05 12:41:05 2020-12-05 12:41:05 This domain is a part of The pool.ntp.org project
4 0 1 0 akamaihd.net 2020-12-05 12:41:05 2020-12-05 12:41:05 This domain is owned by Akamai Technologies which
5 0 1 0 akamaitechnologies.com 2020-12-05 12:41:05 2020-12-05 12:41:05 This domain is owned by Akamai Technologies which
6 0 1 0 akamaized.net 2020-12-05 12:41:05 2020-12-05 12:41:05 This domain is owned by Akamai Technologies which
7 0 1 0 amazonaws.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Amazon Web Services (AWS) is a subsidiary of Amazo
8 0 1 0 android.clients.google.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Google Play Store and few devices (especially Andr
9 0 1 0 api.ipify.org 2020-12-05 12:41:05 2020-12-05 12:41:05 It is used to get your public IP address programma
10 0 1 0 app-api.ted.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Used by ted.com streams. - qjz9zk
11 0 1 0 api.rlje.net 2020-12-05 12:41:05 2020-12-05 12:41:05 Used to deliver contents on video straming apps on
12 0 1 0 appleid.apple.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Used to sign in t your Apple account. - qjz9zk
13 0 1 0 apps.skype.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Used to make group calls, group chats etc. on Skyp
14 0 1 0 appsbackup-pa.clients6.google.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Used to backup device settings and app data. - qjz
15 0 1 0 appsbackup-pa.googleapis.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Used to backup device settings and app data. - qjz
16 0 1 0 apt.sonarr.tv 2020-12-05 12:41:05 2020-12-05 12:41:05 Sonarr is a PVR for Usenet and BitTorrent users. I
17 0 1 0 aspnetcdn.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Owned by Microsoft. Used to deliver files such as
18 0 1 0 attestation.xboxlive.com 2020-12-05 12:41:05 2020-12-05 12:41:05 Owned by Microsoft. Used for Xbox updates, game do
19 0 1 0 ax.phobos.apple.com.edgesuite.net 2020-12-05 12:41:05 2020-12-05 12:41:05 Used by Apple Photos. - qjz9zk
20 0 1 0 brightcove.net 2020-12-05 12:41:06 2020-12-05 12:41:06 Video delivery systems, popular in entertainment a
21 0 1 0 c.s-microsoft.com 2020-12-05 12:41:06 2020-12-05 12:41:06 Used to deliver fonts. - qjz9zk
22 0 1 0 cdn.cloudflare.net 2020-12-05 12:41:06 2020-12-05 12:41:06 Used to deliver static files over CloudFlare CDN.
23 0 1 0 cdn.embedly.com 2020-12-05 12:41:06 2020-12-05 12:41:06 Embedly is used to embed videos, images and rich m
24 0 1 0 cdn.optimizely.com 2020-12-05 12:41:06 2020-12-05 12:41:06 optimizely.com is a progressive delivery and exper
25 0 1 0 cdn.vidible.tv 2020-12-05 12:41:06 2020-12-05 12:41:06 Video delivery systems, popular in entertainment a
26 0 1 0 cdn2.optimizely.com 2020-12-05 12:41:06 2020-12-05 12:41:06 optimizely.com is a progressive delivery and exper
27 0 1 0 cdn3.optimizely.com 2020-12-05 12:41:06 2020-12-05 12:41:06 optimizely.com is a progressive delivery and exper
28 0 1 0 cdnjs.cloudflare.com 2020-12-05 12:41:06 2020-12-05 12:41:06 Used to deliver static files over CloudFlare CDN.
29 0 1 0 cert.mgt.xboxlive.com 2020-12-05 12:41:06 2020-12-05 12:41:06 Owned by Microsoft. Used for Xbox updates, game do
30 0 1 0 clientconfig.passport.net 2020-12-05 12:41:06 2020-12-05 12:41:06 Owned by Microsoft. Used in Windows Store. - qjz9z
31 0 1 0 clients1.google.com 2020-12-05 12:41:06 2020-12-05 12:41:06 Used in Google Maps and other Google services. - q
32 0 1 0 clients2.google.com 2020-12-05 12:41:06 2020-12-05 12:41:06 Used in Google Maps and other Google services. - q
33 0 1 0 clients3.google.com 2020-12-05 12:41:06 2020-12-05 12:41:06 Used in Google Maps and other Googl
Well, fair point, though even without the whitelist, it still isn't really working. I'll try to reinstall the whole system without the added step and I'll post whether there's any change ...
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)
That's the issue that needs to be fixed. Pi-hole is working, it's responding with 0.0.0.0 for a domain that we know should be blocked. The problem is a query to a DNS server off your network (an upstream DNS server) is failing. That's a networking problem. And if that is not solved then a re-install of everything won't fix it.
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] phox2ey.bid is 0.0.0.0 via localhost (127.0.0.1)
[✓] phox2ey.bid is 0.0.0.0 via Pi-hole (192.168.8.104)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] prod.zenkube.com is :: via localhost (::1)
[✓] prod.zenkube.com is :: via Pi-hole (fd5c:78f8:9326:fe00:2c9a:810d:d9a3:d0f2)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)
Well, as previously stated, changing the upstream DNS doesn't help. And this time it's a clean, out-of-the box solution with only defaults set. All devices on my network work properly (since I obviously can post this from my computer), but for some reason Pi-Hole doesn't work properly.
Could it be due to some modem settings? Or did I miss anything there? Could it be because I'm using the wireless model of RPi Zero, instead of connecting it to ethernet? As far as I could see, people made it work using this RPi model, but maybe there's some extra step I missed?
You probably noticed it in the logs, but the installation was complaining about the OS - although I used the official Raspberry Pi tool to download the latest OS version & I ran sudo apt-get update -y and sudo apt-get upgrade -y before installing Pi-Hole. I had to use the PIHOLE_SKIP_OS_CHEKC=true flag to install it on the device ...
nslookup flurry.com 192.168.8.104
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.8.104
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
Your clients are not using Pi-hole for DNS, but rather 103.86.96.100.
That's one of NordVPN's DNS servers.
EDIT:
That's also a bit unexpected, since your DHCP server is distributing its own IP as local DNS server:
*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
Scanning all your interfaces for DHCP servers
* Received 286 bytes from wlan0:192.168.8.1
dns-server: 192.168.8.1
nslookup fails to contact your Pi-hole at 192.168.8.104.
Considering both results could imply you are trying to use Pi-hole as a custom DNS server in a VPN setup.
If that's the case, you'd have to consult with your VPN provider if and how a local custom DNS server can be configured.
You should also make sure Pi-hole's IP address is accessible from its prospective clients.