Pi-hole is not blocking ads

The issue I am facing: The Pi-hole is not blocking ads for some reason.

Details about my system: I have set up Pi-hole on my Raspberry Pi 4 8GB. I use it on my Samsung A32 5G, and I changed my DNS settings to make it work, since AT&T does not let you change your DNS settings.

What I have changed since installing Pi-hole: I was using it at my home network in New York using Optimum and it was working just fine until I set it up in Florida on the same device and it stopped working. I even had to reinstall Raspbian Lite and Pi-hole, but still no luck.

Here is my debug link: https://tricorder.pi-hole.net/aexfzstl97

Your debug log shows Pi-hole to be fully operational for both IPv4 and IPv6.
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] spindles-mod.tumblr.com is 0.0.0.0 via localhost (127.0.0.1)
[✓] spindles-mod.tumblr.com is 0.0.0.0 via Pi-hole (192.168.1.76)
[✓] doubleclick.com is 172.217.2.206 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] sixteenth.pbphgwbr.in is :: via localhost (::1)
[✓] sixteenth.pbphgwbr.in is :: via Pi-hole (2600:<redacted>:f3db)
[✓] doubleclick.com is 2607:f8b0:4008:806::200e via a remote, public DNS server (2001:4860:4860::8888)

However, your router is distributing its own IPv4 address as DNS server via DHCP.
*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   * Received 349 bytes from eth0:192.168.1.254
     Offered IP address: 192.168.1.64
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 192.168.1.254
      router: 192.168.1.254
      dns-server: 192.168.1.254
         domain-name: "attlocal.net"
         --- end of options ---
    
   DHCP packets received on interface wlan0: 0
   DHCP packets received on interface eth0: 1
   DHCP packets received on interface lo: 0

Nevertheless, your debug log also shows some samples of blocked as well as successful DNS resolutions for a client at .249:

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 11226 Jul  4 05:08 /var/log/pihole.log
   -----head of pihole.log------
   Jul  4 04:40:58 dnsmasq[1081]: query[A] www.google.com from 192.168.1.249
   Jul  4 04:40:58 dnsmasq[1081]: exactly blacklisted www.google.com is 0.0.0.0
   Jul  4 04:40:58 dnsmasq[1081]: query[A] epdg.epc.mnc260.mcc310.pub.3gppnetwork.org from 192.168.1.249
   Jul  4 04:40:58 dnsmasq[1081]: forwarded epdg.epc.mnc260.mcc310.pub.3gppnetwork.org to 8.8.8.8
   Jul  4 04:40:58 dnsmasq[1081]: reply epdg.epc.mnc260.mcc310.pub.3gppnetwork.org is <CNAME>
   Jul  4 04:40:58 dnsmasq[1081]: reply epdg.epc.geo.mnc260.mcc310.pub.3gppnetwork.org is 208.54.85.64

This would be in line with you manually pointing your Samsung at Pi-hole's IPv4 address for DNS.
This will work - as far as IPv4 is concerned.

I've also noted that your Pi-hole is using a public IPv6 address (from 2000::/3 range).
For such a GUA address, both its IPv6 prefix as well as its interface identifier parts may change sporadically or even regularly.
As Pi-hole requires a fixed IP address, you should consider using IPv6 ULA addresses for Pi-hole instead - provided your router allows configuration of a ULA prefix.

But more importantly, since your network has IPv6 connectivity, your router almost certainly advertises its own IPv6 address as DNS server (or those of your ISP).
Hence, any IPv6 capable client may by-pass Pi-hole via IPv6.

It is likely that this is what you observe.

To avoid IPv6 by-passes, you've got to configure your router to stop advertising its own IPv6 address and advertise Pi-hole's IPv6 address instead.

If your router doesn't offer such a configuration option, consider disabling IPv6 altogether.
If your router doesn't support that either, clients will by-pass Pi-hole via IPv6.
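
The two checks made in the reply above (which DNS server DHCP hands out, and whether Pi-hole's IPv6 address is a changeable GUA or a stable ULA) can be automated. This is an added example, not part of the thread or of Pi-hole's own tooling; the function names are hypothetical and the sample text is constructed in the format of the debug log's DHCP section.

```python
import ipaddress
import re

# Constructed sample, shaped like the DHCP discovery section of the debug log.
SAMPLE_DHCP = """\
* Received 349 bytes from eth0:192.168.1.254
  Offered IP address: 192.168.1.64
  DHCP options:
   Message type: DHCPOFFER (2)
   server-identifier: 192.168.1.254
   router: 192.168.1.254
   dns-server: 192.168.1.254
   domain-name: "attlocal.net"
"""

GUA = ipaddress.ip_network("2000::/3")  # global unicast: prefix can change
ULA = ipaddress.ip_network("fc00::/7")  # unique local: stable inside the LAN


def advertised_dns(dhcp_text):
    """Return every dns-server address offered in the DHCP section."""
    found = []
    for line in dhcp_text.splitlines():
        m = re.match(r"\s*dns-server:\s*(\S+)", line)
        if m:
            found.append(ipaddress.ip_address(m.group(1)))
    return found


def classify_v6(addr):
    """Label an IPv6 address as 'ULA', 'GUA' or 'other'."""
    a = ipaddress.ip_address(addr)
    if a in ULA:
        return "ULA"
    if a in GUA:
        return "GUA"
    return "other"


def findings(dhcp_text, pihole_v4, pihole_v6):
    """List the reasons clients may not be using Pi-hole for DNS."""
    out = []
    pihole = ipaddress.ip_address(pihole_v4)
    for dns in advertised_dns(dhcp_text):
        if dns != pihole:
            out.append(f"DHCP advertises {dns} as DNS, not Pi-hole ({pihole})")
    if classify_v6(pihole_v6) == "GUA":
        out.append(f"Pi-hole IPv6 {pihole_v6} is a GUA; prefer a ULA")
    return out
```

Calling `findings(SAMPLE_DHCP, "192.168.1.76", "2001:db8::f3db")` returns both findings; the IPv6 address there is a constructed documentation-range value, since the thread redacts the real one.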

I can't change any of my DNS settings because of the way AT&T works. If I change the DNS settings it will break the actual internet, hence why it isn't changeable, but the Raspberry Pi is on a fixed IPv4 address.

Also, for some reason it doesn't block the websites I blacklisted, because I can still access them.

I still see ads on games like madfut, and it just triggers me because they are still there, even though I blocked all the websites and ads it uses.

Does your router have a DHCP toggle? If so, disable DHCP on the router and configure Pi-hole to be your DHCP server.

The thing is that if I change my DNS settings it will kick me out of television use, so that's why it's disabled, but I will try the DHCP server.

This is probably because a lot of your traffic is flowing over IPv6 (including DNS resolution) and is not going to the pi-hole.

Actually - you need to ensure that your TV is getting the 'correct' DNS - but that shouldn't mean you can't take over DNS and just allow the TV to bypass the pi-hole.

The group management feature might work fine for this.

I would suggest that instead of using one of the pre-configured upstream DNS servers (Google, Quad9, etc.) - you use 'custom' upstream DNS servers and configure them to be whatever your AT&T router is handing out by default.

This would allow you to place most/all of your devices behind the pi-hole - block ads, but anything that the TV or whatever else AT&T has given you will just flow upstream to the normal AT&T DNS server. Maybe not ideal, but I suspect it would make things work better.

Well, it's what AT&T have set and I can't change it, sadly :(

Did you try disabling IPv6 on your router yet (provided your ISP is not IPv6 only)?

If there's no way to configure your router, you are stuck with IPv6 by-passes.

You could either replace your router, or buy a cheap WLAN router (with some LAN ports as well) that does support DNS configuration, and connect all your clients exclusively through that WLAN router, while the WLAN router is the only device connected to your AT&T.