Pi-Hole not blocking ads for MacBook Pro when connected via wifi

I'm new to Raspberry Pi, and not very experienced with Linux. My network primarily consists of a Mac mini (ethernet), a MacBook Pro (wirelessly, ethernet capable), AppleTV 4K (ethernet) my Raspberry Pi 3B+ (ethernet, Stretch, Pi-Hole), an iPhone, 2x HomePods, and an iPad. The router is a tp-link Archer C9.

The MBP and the mini have been configured in Network Preferences to use (RPi3B+ eth) as the DNS server settings for ethernet connections. For wireless preferences, both and (the router) are listed, and both greyed out to prevent modification.

In the router settings, Advanced > Network > DHCP Server: (the RPi3B+ eth) is listed as the primary DNS server, with no secondary DNS server specified. However, in the tp-link interface Advanced > Network > Internet I see listed as Primary DNS and listed as the secondary DNS. I do not see a way to change these two values.

Please follow the below template, it will help us to help you!

Expected Behaviour:

When MacBook Pro is connected to LAN, either wirelessly or via ethernet, Pi-hole should block ads.

Actual Behaviour:

When MBP is connected via ethernet, Pi-hole works almost as well as it works with my Mac mini (where it works near flawlessly when working at all). It does let a few google ads through that get caught when navigating to the same pages on the mini. It does block all of the ads on the Pi-Hole.net test page, though.

However, when I connect the MBP to the network wirelessly (my default), Pi-Hole does not appear to be blocking ads. I do not see ads on my iPhone, though, which is also connected wirelessly.

Debug Token:

kuj2gm4ocu (more recent, see post 4 for details)

It appears that the router is providing an alternate DNS path around Pi-Hole, and the MBP is using that path.

If your router won't let you specify a local DNS, then you have a few other options:

  1. Manually configure clients to use the Pi-Hole and nothing else.
  2. Use Pi-Hole as your DHCP server. When clients get their IP address from the Pi-Hole DHCP, they will automatically be assigned Pi-Hole for DNS.

Other things worth trying (Even if it's just double checking):

+Be sure to Flush DNS caches, and Renew DHCP Leases - Rebooting devices is an easy way to do so

Thank you for the replies. Unfortunately, the problem remains unresolved. Here's the latest:

I reinstalled Stitch & pi-hole after an unknown configuration error on my part.

I was able to reproduce the same results described above: Mac mini over ethernet get ads blocked nearly perfectly. MBP over ethernet gets most ads blocked. MBP over wifi lets many ads through unblocked, including some ads on the pi-hole test page.

For both Ethernet and WiFi, the MBP has only (assigned to Raspberry Pi on which pi-hole runs) listed under DNS servers.

I disabled DHCP server on the router, then I immediately enabled DHCP server on pi-hole. I ran "sudo killall -HUP mDNSResponder; sleep 2;" in Terminal on MBP.

The problem persists: Mac mini over ethernet get ads blocked nearly perfectly. MBP over ethernet gets most ads blocked. MBP over wifi lets many ads through unblocked, including some ads on the pi-hole test page.

New debug token: kuj2gm4ocu

Your debug log shows no Pi-Hole problems. This appears to be a router configuration problem. There have been previous reports of routers not handling WiFi and wired clients equally.

Check your router configuration carefully.

I've checked the router's configuration against everything I know to check against. The specified DNS server is, i.e., the Rpi3B+ (eth0). DHCP service is disabled on the router. DHCP is enabled on pi-hole, via the web interface. It shows most of my active devices, and their IP addresses came from the range from which pi-hole draws, not the range from which the router draws.

Interestingly, pi-hole does not list the mini's eth0 IP address under DHCP leases, despite the mini's address clearly having been provided by pi-hole. Pi-hole does list the mini's WiFi IP address. PiHole is working well on the mini over ethernet.

On both the mini and the MBP, for ethernet and for WiFi, the specified DNS server in System Preferences > Network > Ethernet (Wifi) > DNS > DNS Servers is (pi-hole's IP address).

I don't know what else to check.


I reinstalled pi-hole, after an unknown config error. Once again, I am using my router as a DHCP server. In this configuration, I get ad-blocking almost everywhere, including my iOS devices, except on my MBP. I've seen a few ads get through on my iPhone, but haven't noticed anything on my iPad. (Note that I don't spend much time in iOS.) My MBP lets many ads through.

It occurred to me today on my MBP is the custom VPN software my employer requires. While the VPN is "disabled" while I'm at home, I cannot actually switch off the application without an uninstall. (A force quit is followed by an immediate restart.) I suspect it is forcing a DHCP server, bypassing Network Preferences. When I get a chance, I'll create a clean install on an external drive, boot into it while on my home network, and see if it's blocking ads.That should sufficiently test my hypothesis, without affecting my ability to use my work network.

Pi-hole seems to work near-perfectly on the machines and devices with no special employer-provided software installed, wired or wireless.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.