Pi Hole is working, but not on all devices

Expected Behaviour:

Pi-Hole on network should block requests from all devices.

Actual Behaviour:

Pi Hole has blocked a few things, but seems to be missing a lot of queries, or some devices entirely.

Debug Token:

https://tricorder.pi-hole.net/28gf6jdpo9

This is my first time setting up a Pi-Hole, so I apologize if I've missed something obvious. I am running a Pi-Hole on a newly flashed Raspberry Pi 3 B+ with Raspbian buster installed. I used the standard installation script, allowed it to set a static IP address, and I am able to connect to the web client, where everything appears to be working correctly. Due to my router not giving me full control over some of the DNS settings, I disabled DHCP for the router and am using the Pi-Hole's DHCP server instead. I rebooted my router and renewed the lease on a few devices I wanted to test. All of them are able to connect to the internet just fine now.

I am confused because the Pi-Hole is successfully blocking queries, about 5% or so right now, and most of those are from an Amazon Echo device. On my MacBook, for example, I renewed the DHCP lease, and even rebooted it, and the system blocked queries from it once (reporting about 10 blocks), but has not done so most of the time. I'm not sure why it has stopped functioning, or what to do about it now. I suspect it's not using the Pi-Hole for DNS, but I don't know how to fix that.

Thanks

Let's see what DNS servers the Mac is using. From the Mac terminal directly (and not via ssh session to the Pi), what are the outputs of the following commands:

nslookup pi.hole

ipconfig getoption en1 server_identifier

scutil --dns

Server: 2600:1700:19a0:5020::1
Address: 2600:1700:19a0:5020::1#53

Non-authoritative answer:
Name: pi.hole
Address: 23.221.222.250

DNS configuration

resolver #1
search domain[0] : attlocal.net
nameserver[0] : 2600:1700:19a0:5020::1
nameserver[1] : 192.168.1.204
if_index : 6 (en0)
flags : Request A records, Request AAAA records
reach : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300000

resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300200

resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300400

resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300600

resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 300800

resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records, Request AAAA records
reach : 0x00000000 (Not Reachable)
order : 301000

DNS configuration (for scoped queries)

resolver #1
search domain[0] : attlocal.net
nameserver[0] : 2600:1700:19a0:5020::1
nameserver[1] : 192.168.1.204
if_index : 6 (en0)
flags : Scoped, Request A records, Request AAAA records
reach : 0x00020002 (Reachable,Directly Reachable Address)

The second command did not output anything. I assume by the abundance of attlocal.net that shows up that it is still using my AT&T router for DNS. The only setting I changed for my router was turning DHCP off; I'm not sure if other steps are required.

What device is living at that IPv6 address?

It's the AT&T router.

Update: I went and disabled IPv6 on my router, and that seems to have fixed the issue. All devices are being blocked with IPv4 alone.
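
A quick check for the situation diagnosed in this thread, as an added example that is not part of the original posts: it reads `scutil --dns` output and lists every nameserver other than the Pi-hole, with its address family. It assumes 192.168.1.204 is the Pi-hole's address; the function names are hypothetical and the abbreviated sample is constructed from the output posted above.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: 192.168.1.204 is the Pi-hole.

# Constructed sample: abbreviated from the scutil --dns output posted above.
sample_scutil() {
    cat <<'EOF'
resolver #1
  search domain[0] : attlocal.net
  nameserver[0] : 2600:1700:19a0:5020::1
  nameserver[1] : 192.168.1.204
  if_index : 6 (en0)

resolver #2
  domain : local
  options : mdns

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 2600:1700:19a0:5020::1
  nameserver[1] : 192.168.1.204
EOF
}

# bypass_resolvers PIHOLE_IP  (reads scutil --dns output on stdin)
# Prints "<family> <address>" once for each nameserver that is not the Pi-hole.
# mDNS resolver blocks carry no nameserver lines, so they are skipped.
bypass_resolvers() {
    awk -v pihole="$1" '
        $1 ~ /^nameserver\[[0-9]+\]$/ && $2 == ":" {
            addr = $3
            if (addr == pihole || (addr in seen)) next
            seen[addr] = 1
            fam = (index(addr, ":") > 0) ? "IPv6" : "IPv4"
            print fam, addr
        }'
}

# check_dns PIHOLE_IP  (stdin as above); returns 1 if any other resolver is configured.
check_dns() {
    leaks=$(bypass_resolvers "$1")
    if [ -n "$leaks" ]; then
        printf 'Queries can bypass Pi-hole %s via:\n%s\n' "$1" "$leaks"
        return 1
    fi
    printf 'Every configured nameserver is the Pi-hole (%s)\n' "$1"
}

# On the Mac itself, replace sample_scutil with: scutil --dns
sample_scutil | check_dns 192.168.1.204 || true
```

Any address it reports is a resolver the client can use without the query ever reaching the Pi-hole.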
