Pi-hole doesn't block any ads unless DNS is specified manually for each device

Hello,
I have been trying to resolve this for the past 3 days! I assure you that I looked everywhere for similar issues, all of them are closed without solution or their solution didn't work.
Thanks in advance.

Expected Behaviour:

[Pihole blocks ads on all devices on the network]

Actual Behaviour:

[Pihole blocks ads ONLY on devices in which I manually set their DNS servers to be Pihole's IP address (IPv4 and IPv6)]

Debug Token:

[fsbnrmrc5p]

Your debug log shows no problems with your Pi-Hole. It is working normally.

Since you can connect to Pi-Hole with manual DNS entries on clients and not through the router, this indicates a setup problem in your router.

You are using Pi-Hole as DHCP server, which should provide the Pi-Hole IP as DNS to all connected clients. Have you disabled DHCP in the router, rebooted the router and renewed the DHCP lease for all clients?

Thank you for the prompt response.
Yes, I disabled the DHCP in the main router and rebooted it and the Raspberry Pi after turning on its DHCP server.
At some point I was trying to stop dnsmasq so that I can erase the DHCP client list (in /etc/pihole/dhcp.leases) so that all clients get new and fresh DHCP lease, but I couldn't because dnsmasq is not working.

This is the output for systemctl status dnsmasq.service

```
dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
   Loaded: loaded (/lib/systemd/system/dnsmasq.service; disabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2019-01-29 16:56:33 GMT; 35s ago
  Process: 25736 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=2)
  Process: 25733 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)

Jan 29 16:56:33 raspberrypi systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Jan 29 16:56:33 raspberrypi dnsmasq[25733]: dnsmasq: syntax check OK.
Jan 29 16:56:33 raspberrypi dnsmasq[25736]: dnsmasq: failed to bind DHCP server socket: Address already in use
Jan 29 16:56:33 raspberrypi systemd[1]: dnsmasq.service: Control process exited, code=exited status=2
Jan 29 16:56:33 raspberrypi systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.
Jan 29 16:56:33 raspberrypi systemd[1]: dnsmasq.service: Unit entered failed state.
Jan 29 16:56:33 raspberrypi systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
```

With versions of Pi-Hole 4.x and later, dnsmasq does not run as a separate process - the code is embedded in pihole-FTL. FTL uses the same dnsmasq configuration files that dnsmasq does. Pi-Hole disables dnsmasq for this reason.

If you want to start/stop FTL, these are the proper commands:

```
sudo service pihole-FTL stop
sudo service pihole-FTL start
```

Thanks. Indeed I noticed FTL as I was checking what process was listening on port 53 and I realized it's embedded in FTL. I just used these two commands to stop dnsmasq and wipe all DHCP leases from /etc/pihole/dhcp.leases then enable it again.
But no luck :frowning_face:, I tried the [Mod Edit: Link no longer available] and all of them show ads.

Any idea how to solve this?

I would start with these tools to track down the source of ads and see if the client requests are coming through Pi-Hole.

Thank you for your assistance. I have seen this FAQ before but it doesn't seem to solve the problem, however, I just installed DNSthingy and inspected the queries when speedtest.com is loaded, and it seems that all ad-related domains would normally be blocked by pihole.

I want to let you know that I have Unifi Access Points and I'm using the Unifi Controller (a controller that is running alongside Pihole to manage the APs and to see stats about the network). For that, I have been looking if there is any further configuration that I should do and I landed on this post which suggests adding config.gateway.json to a specific location in the Unifi Controller.

My config.gateway.json is
```
{
  "service": {
    "nat": {
      "rule": {
        "1": {
          "description": "DNS Redirect",
          "destination": {
            "address": "!192.168.100.40",
            "port": "53"
          },
          "inbound-interface": "eth0",
          "inside-address": {
            "address": "192.168.100.40"
          },
          "source": {
            "address": "192.168.100.2-192.168.100.39,192.168.100.41-192.168.100.252"
          },
          "log": "disable",
          "protocol": "tcp_udp",
          "type": "destination"
        }
      }
    }
  }
}
```
My raspberry pi's IP address is 192.168.100.40

Please know that this may or may not be the problem.

I can't help you with the configuration of the UniFi equipment as I don't have that equipment or experience with that equipment.

I appreciate your time and help!

As a last resort, is there any way I can track down what DNS server(s) my devices are ACTUALLY using?
In other words, I am almost certain that all devices are outsmarting the networking and using some way to bypass Pihole as DNS server, is there any way I can track down what they are using instead? IPv6 maybe?

On Windows - from the command line run `ipconfig/all`

On macOS - from the terminal run `scutil --dns`

On iOS - settings > network > circled "i" next to the network name, DNS

Don't know on Android.

Here's a partial output for ipconfig /all
```
DHCP Server . . . . . . . . . . . : 192.168.100.40
DHCPv6 IAID . . . . . . . . . . . : 205790376
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-F2-6A-XX-XX-XX-XX-XX-XX-XX
DNS Servers . . . . . . . . . . . : fe80::1%4
                                    192.168.100.40
                                    fe80::1%4
```
Pihole's IPv6 starts with fd82:76a and ends with :1bb6 which is NOT what I'm getting above.
Can we conclude that IPv6 is the problem?!

If you don't use IPv6, disable it on the router and clients. IPv6 is a frequent source of DNS bypasses.
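The check discussed in the last few posts, as an added example that is not part of the original thread: a Python parser for English-language `ipconfig /all` output that lists every configured DNS server that is not the Pi-hole. The sample text is constructed from the excerpt above, and `fd00::40` is a placeholder for the Pi-hole's IPv6 address, which the thread gives only in part.

```python
import ipaddress

# Constructed sample modelled on the `ipconfig /all` excerpt in the thread.
SAMPLE = """\
   DHCP Server . . . . . . . . . . . : 192.168.100.40
   DHCPv6 IAID . . . . . . . . . . . : 205790376
   DNS Servers . . . . . . . . . . . : fe80::1%4
                                       192.168.100.40
                                       fe80::1%4
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

# 192.168.100.40 is from the thread; fd00::40 is a placeholder, because the
# thread gives the Pi-hole's IPv6 address only in part.
PIHOLE_ADDRS = ["192.168.100.40", "fd00::40"]


def dns_servers(ipconfig_text):
    """Return the addresses under 'DNS Servers' (assumes English output)."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        if " : " in line:                     # "Field name . . . : value"
            name, value = line.split(" : ", 1)
            in_dns = name.strip(" .") == "DNS Servers"
        elif in_dns and line.strip():         # continuation: one more server
            value = line
        else:
            in_dns = False
        if not in_dns:
            continue
        try:
            # Drop the zone id ("%4") that Windows appends to link-local IPv6.
            servers.append(ipaddress.ip_address(value.strip().split("%")[0]))
        except ValueError:
            in_dns = False                    # not an address: list has ended
    return servers


def bypass_resolvers(servers, pihole_addrs):
    """Return (address, is_link_local) for each resolver that is not the Pi-hole."""
    allowed = {ipaddress.ip_address(a) for a in pihole_addrs}
    extra = {s for s in servers if s not in allowed}
    return [(str(s), s.is_link_local) for s in sorted(extra, key=str)]


if __name__ == "__main__":
    for addr, link_local in bypass_resolvers(dns_servers(SAMPLE), PIHOLE_ADDRS):
        kind = "link-local, usually the router" if link_local else "other"
        print(f"client also resolves via {addr} ({kind}), bypassing Pi-hole")
```
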

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.