My Setup
I’m running an Eero 6 router with Pi-hole v6 on a bridge network, hosted via Docker on a local NAS.
The Issue
I’m still getting ads on my OnePlus 13 Android phone, both in mobile apps and browsers.
Interestingly, Pi-hole blocks ads perfectly on all other devices (including Apple phones), but it doesn’t seem to be affecting my OnePlus at all.
What I've already tried:
Disabled Private DNS on my phone.
Assigned a static IP to the phone through my Eero 6 router.
Turned Off mobile data, removed WiFi connection and reconnected
Cleared browser cache and removed and re-installed mobile apps in questions
But the issue persists.
Has anyone experienced something similar or have suggestions on what could be causing this?
I’d really appreciate any insights or troubleshooting tips!
Thanks in advance!
The OPPO and OnePlus OS builds are known to add Google's DNS to the configured DNS servers. This means that the phone always has a way to bypass any blocking from Pi-hole and use Google to resolve the domain. See this post.
The easiest way to solve this is to block DNS traffic (UDP port 53) leaving your router from all devices except your router and pihole.This way, clients are forced to use the pihole to resolve any DNS traffic. You can accomplish this by editing your router's firewall.
For context: I do not own an eero. After some googling, it seems you can't edit IPv4 firewall settings in eero OS. That is absolutely crazy to me that one of the most important functions of a router is inaccessible.
The only way to reliably block DNS traffic is through a firewall, and because eero does not let you edit the firewall, you realistically have two options for blocking DNS -
Buy a new router/firewall that allows firewall editing
Get a device that can act as a firewall and put that in front of the eero, where you can then adjust your firewall accordingly.
Realistically, I'd choose the first option as the second option complicates your network.
Edit: On second thought: is your network exclusively IPv6? You mentioned that it does come with an IPv6 firewall editor.
No its not just to IPv6, I can setup everything IPv4 in it. Only thing I dont see IPv4 firewall option
But I have an option to disable IPv6 all together in Eero 6
It's possible by using the Link-Local IPv6 Address of your Pi-Hole in your DHCPv6 and SLAAC Settings on the Router as DNS Server IP
Another suggestion is to not setup any IPv6 DNS Server and let the Clients use IPv4 for DNS even for their IPv6 traffic but I think it's a bit weird to be honest...
You could also consider running something else instead of Android on your OnePlus phone like I do on my OnePlus 7 Pro
I am using UBPorts Ubuntu Touch on it and am 100% Google Free for about 1 year now!
I am using UBPorts Ubuntu Touch on it and am 100% Google Free for about 1 year now!
I love FOSS for reasons like this.
Wondering if its possible to setup IPv6 in pihole, so phone can go via pihole IPv6 DNS if it decides that route
I would personally just stay as an IPv4-exclusive network. IP translation support works well enough to access IPv6 services, and IPv4 networks are generally more mature & secure over IPv6 since they have been out for much longer.
The only reason for IPv6 adoption is because we are running out of public IPs. If you've still got a public IPv4 address through your ISP, there's really no reason to jump to IPv6 in the near future.
If you'd like to edit a firewall though, that's going to need a new device.
