Pi-hole ignored by all devices in LAN

camisy · March 19, 2017, 7:12pm

Hello,

I have Pi-hole setup remotely on a debian server. I have changed the DNS in my fritzbox router to the IP of the server which is running pi-hole.

We have configured pi-hole to reply 0.0.0.0 as domain if it is blacklisted. We share this pi-hole server. For the other network it is working fine, all domains are blocked. On my end I can see that domains are piholed but I can still access these via browser. I have tried this on iphone, ipad and imac. When I try nslookup domain it correctly gives back 0.0.0.0.

Any ideas?

DanSchaper · March 19, 2017, 8:55pm

Is the Pi-hole the only listed DNS server, or do you have a secondary server configured for the clients?

camisy · March 19, 2017, 9:02pm

I guess the fritzbox router has a DNS server but it points to the pi-hole IP in the customized DNS setting. So yes it is the only listed one. Clients IP goes to the router DNS (DHCP).

camisy · March 20, 2017, 7:33am

DNS setting

iOS Safari screenshot (can access page)

Pi-hole screenshot (although it shows blocked)

spacemonkey · March 20, 2017, 8:48am

Just to rule out everything, have you tried setting iOS' DNS manually?
iOS 8 Configuration for iPhone / iPad – OpenDNS

camisy · March 20, 2017, 9:22am

Yes, it is the same result.

I manually changed the Ipv4 DNS address on a windows maschine and rebooted it.

What it gives me back on nslookup is:

server: mydomain.com
address: my DNS server IP
Name: goodgoth.com.fritz.box
address: 127.0.53.53

If it is set to obtain DNS automatically the result is

server: fritz.box
address: 192.168.178.1
name: goodgoth.com
address: ::
0.0.0.0

and I can access the website

spacemonkey · March 20, 2017, 9:30am

Remotely means it's inside your LAN or it's on the internet?

camisy · March 20, 2017, 9:35am

on the internet. It's running on a hosted VM.

spacemonkey · March 20, 2017, 9:41am

Can you try https://www.dnsleaktest.com/

camisy · March 20, 2017, 9:46am

spacemonkey · March 20, 2017, 9:47am

~~Is that your pi-hole's IP? It should be showing only the pi-hole's IP there.~~

camisy · March 20, 2017, 9:50am

no I do not know what IP this is.

spacemonkey · March 20, 2017, 9:58am

Just a reminder - this topic has been covered many times before How do I access my Pi-hole remotely? - FAQs - Pi-hole Userspace

Try setting your router's DNS to Google's 8.8.8.8. Clear your dnscache, and try the dns leak test in a private/incognito window. It should show 8.8.8.8 then.

camisy · March 20, 2017, 10:02am

yes, it now shows all the google DNS

spacemonkey · March 20, 2017, 10:09am

One more thing to double check is if you have selected in Pi-hole Advanced DNS settings -> Interface listening behavior -> Listen on all interfaces, permit all origins (make sure your Pi-hole is firewalled!)

camisy · March 20, 2017, 10:12am

both IPs are from DNSwatch which is Pi-holes Upstream DNS Server

camisy · March 20, 2017, 10:25am

it is currently set to only listen on interface eth0 but this is even the only available interface on the VM and it also did not help.

spacemonkey · March 20, 2017, 10:43am

Ping a blocked site like doubleclick.net?

camisy · March 20, 2017, 10:45am

answer on ping is "couldn't find host"

@@@@@ I can't do any new post as I am limited to 10 a day!

no and I even cannot open bild.de due to adblock.

spacemonkey · March 20, 2017, 10:47am

Do you see ads on http://www.speedtest.net/