Pi-Hole not blocking ads

Please follow the below template, it will help us to help you!

This is my first raspberry pi project, I installed raspbian, then installed pi-hole, I have been able to get into the console on any pc. i have changed the dns number accordingly, updated whatever I needed to do. My router is a ASUS RT-N12D1, firmware is up to date.

I am very new to this so thank you in advanced as my knowledge is limited.

Expected Behaviour:

Once I got the pi-hole running, it will block ads network wide

Actual Behaviour:

It’s not blocking ads.

Debug Token:

4n2kuhkylr

This section of your debug log shows that the Pi-Hole is properly processing received DNS requests. This indicates the problem likely lies in the configuration of your router to use Pi-Hole.

I would start by configuring a single client to use Pi-Hole, then once you establish that a client can connect to it, then expand it to your network. With a single client, it’s easier to track the activity in the query log.

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] archanatraderspilathara.com is 0.0.0.0 via localhost (127.0.0.1)
[✓] archanatraderspilathara.com is 0.0.0.0 via Pi-hole (192.168.1.252)
[✓] doubleclick.com is 172.217.6.46 via a remote, public DNS server (8.8.8.8)

As a first test, from a client that should be connected, try to communicate with the Pi-Hole with these commands:

nslookup pi.hole

nslookup pi.hole 192.168.1.252

I entered those commands to command prompt, here are the results:
C:\Windows\system32>nslookup pi.hole
Server: router.asus.com
Address: 192.168.1.1

Name: pi.hole
Address: 192.168.1.252

C:\Windows\system32>
C:\Windows\system32>nslookup pi.hole 192.168.1.252

The first command output indicates that your router is using Pi-Hole for DNS, since it routed the lookup to the Pi-Hole and the correct answer was returned to the client.

What ads are you seeing? URL’s, screen captures, log outputs would help us help you.

I have been using this site.

This is how new I am, I don’t quite understand that statement

The client asked it’s DNS server - “who is pi.hole.” The router answered by asking pi.hole. The transaction went from the client, to the router, to Pi-Hole, then back to the router and then to the client.

Since “pi.hole” is a name only known by the Pi-Hole itself, since the name was resolved to an IP address (the IP of the Pi-Hole), then the Pi-Hole answered the question.

In your nslookup output you see the following:

nslookup pi.hole - this is the request from the client to it’s assigned DNS server
Server: [router.asus.com] - this is the server than answereded
Address: 192.168.1.1 - this is the address of the server (the router)

Name: pi.hole - this is the answer that the router got back from the DNS server it is using, Pi-Hole
Address: 192.168.1.252 - this is the address of the Pi-Hole.

I have changed the dns number to the pi-hole under the the LAN tab,DHCP server under DNS and WINS server setting.
I have also changed the dns server under the WAN tab, DNS settings and changed those numbers.

I go pi-hole’s test page and it’s still showing those two ads.

Is there something else I need to do?

These tools are very helpful

Just a small update:
I just updated the pi hole.

I have been remotely controlling using teamviewer.

On the pi itself is blocking ads on the ad block test page provided by the pi-hole site. On all other devices, it does not block those ads. Ad is rcm-na.amazon-adsystem.com. I would like to know how I can block this ad without the brave browser’s blockers.

Something curious happened, I put youtube.com on the blacklist, this cause only one pc not to be able to go on youtube on any browser. All of the other devices connected either wifi, ethernet, or powerline adapter. This is including my laptop (wifi), pc (powerline) android devices (wifi) could get on youtube either app or on the site. It’s just that one pc that was connected vai ethernet. I got youtube.com off the black list and it worked again on that one pc.

I have in the DNS tab in the pi hole under Interface listening behavior, I have switched to (listen on all interfaces) that didn’t work.

I have decided why no to change the dns upstream servers to custom ones provided by opennic, cause why not?

I still cannot get this thing to block ads. I have changed the proper settings on my router and still it won’t block ads

As before, this indicates that your clients are not sending their DNS traffic through the Pi-Hole. Most likely, this is a router configuration problem.

I would manually assign one of the clients that is seeing ads to use the DNS of Pi-Hole. Then see if that client traffic is going through the Pi-Hole.

You can use nslookup commands from clients to detemine which DNS server is responding to their DNS request. An example appears below. The server that replied is the Pi-Hole, and it correctly returned its own address for the host name “pi.hole”.

nslookup pi.hole
Server: 192.168.0.155
Address: 192.168.0.155#53

Name: pi.hole
Address: 192.168.0.155

I used the commands and this is what I got:
nslookup pi.hole
Server: raspberrypi
Address: 192.168.1.252

Name: pi.hole
Address: 192.168.1.252

I just changed the DNS on windows:

Local%20DNS

I Still get the same result:

I have made changed to DNS numbers on my router in a couple of places.

Is there anything else I need to show? Like on the pi or somewhere else on the router?

I would look through all the settings on the router, particularly in the IPv6 area. If you don’t use IPv6, turn it off on the router. Also look for DNS settings in parental controls, anything labeled family friendly, etc.

I just checked, they’re both off.

Is there anything else I should look at?

I don’t have that model router, so I can’t be of more help.

The model of the router is ASUS RT-N12D1

Sounds like the Asus router is pushing two DNS servers to the clients via DHCP:

If want to know for sure, install nmap on Pi-hole:

sudo apt install nmap

And do a DHCP discovery targeting the “<ASUS_ROUTER_IP_ADDRESS>”:

sudo nmap -sU -p67 --script dhcp-discover <ASUS_ROUTER_IP_ADDRESS>

I get a syntax when I get to <ASUS_ROUTER_IP_ADDRESS>

Should I disable DCHP on the router?

Should I do anything with the pi-hole DCHP?