Pi-Hole not blocking ads

#13

Is there anything else I need to show? Like on the pi or somewhere else on the router?

0 Likes

#14

I would look through all the settings on the router, particularly in the IPv6 area. If you don’t use IPv6, turn it off on the router. Also look for DNS settings in parental controls, anything labeled family friendly, etc.

0 Likes

#15

I just checked, they’re both off.

Is there anything else I should look at?

0 Likes

#16

I don’t have that model router, so I can’t be of more help.

0 Likes

#17

The model of the router is ASUS RT-N12D1

0 Likes

#18

Sounds like the Asus router is pushing two DNS servers to the clients via DHCP:

If want to know for sure, install nmap on Pi-hole:

sudo apt install nmap

And do a DHCP discovery targeting the “<ASUS_ROUTER_IP_ADDRESS>”:

sudo nmap -sU -p67 --script dhcp-discover <ASUS_ROUTER_IP_ADDRESS>

0 Likes

Asus AC68
Asus AC68
Pi.hole cannot be found
#19

I get a syntax when I get to <ASUS_ROUTER_IP_ADDRESS>

0 Likes

#20

Should I disable DCHP on the router?

Should I do anything with the pi-hole DCHP?

0 Likes

#21

You should put your routers IP address in that spot “<ASUS_ROUTER_IP_ADDRESS>” when running the nmap command.
It will show you the DNS server(s) pushed via DHCP.

Depends if your router dishes out two DNS servers to its clients.
This will cause ads to leak through like mentioned in the other thread.

0 Likes

#22

Local%20DNS
try putting 192.168.1.252 into both fields i.e. in alternative as well as the preferred server

0 Likes

#23

You should put your routers IP address in that spot “ <ASUS_ROUTER_IP_ADDRESS> ” when running the nmap command.> Blockquote

I have entered it like:
<192.168.1.252>
<ASUS_ROUTER_IP_ADDRESS>
<ASUS_ROUTER_192.168.1.252>
<192.168.1.1>
<ASUS_ROUTER_192.168.1.1>

I have disabled the DCHP on the router, doesn’t work.

0 Likes

#24

Example with 10.0.0.2 doing DHCP on my network:

xbian@avr ~ $ sudo nmap -sU -p67 --script dhcp-discover 10.0.0.2

Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-21 06:31 CET
Nmap scan report for noads.dehakkelaar.nl (10.0.0.2)
Host is up (0.00066s latency).
PORT   STATE SERVICE
67/udp open  dhcps
| dhcp-discover:
|   DHCP Message Type: DHCPACK
|   Server Identifier: 10.0.0.2
|   Subnet Mask: 255.255.255.0
|   Broadcast Address: 10.0.0.255
|   Domain Name Server: 10.0.0.2
|   Domain Name: dehakkelaar.nl
|   Hostname: avr
|_  Router: 10.0.0.1
MAC Address: B8:27:EB:EE:1B:BD (Raspberry Pi Foundation)

Nmap done: 1 IP address (1 host up) scanned in 4.20 seconds
0 Likes

#25

Am I even doing this right?

0 Likes

#26

Is 192.168.1.1 your Asus router ?
If so, try below:

sudo nmap -sU -p67 --script dhcp-discover 192.168.1.1

0 Likes

#27

It worked!
Basically I have two DNS’s. I don’t remember putting my router ip as my dns in either the pi or the router.

0 Likes

#28

If a client gets two or more DNS servers assigned that are not Pi-holed, you can imagine this breaking the ad blocking when the clients query the other DNS occasionally.
Me and the user from the other thread were not able to get ride of that second DNS IP coming from the Asus router.
Thats why we disabled the DHCP service on the router and activated Pi-hole’s own DHCP service as a replacement:

EDIT: Dont forget to renew DHCP leases on the clients when switching DHCP!
Leases get renewed when disconnecting and reconnecting clients from network or reboot them.
Might also want to clear browser cache and if know how, clear OS DNS cache too.
Your screenshot looks like a Windows PC.
To clear OS DNS cache from a Windows command prompt:

ipconfig /flushdns

0 Likes

#29

I switched the DCHP from the router to the pi-hole via, turning off the router’s dchp and activating the pi-hole’s dchp. I then cleared cache (ccleaner and going into brave and clearing stuff there) and flushed the dns. I later rebooted the router (I did this in the router 192.168.1.1).

I have noticed that the dchp renew on the router is set to about 3.6 years (I am still learning new stuff here) vs the pi-hole is set to 1 day. I didn’t touch anything there.

Is there anything I missed or something else I need to do next, https://beta.speedtest.net/ still shows ads when brave ad blocker is turned off.

0 Likes

#30

I dont spot a single ad on that site.
What DNS server(s) are displayed when running below one in a command prompt on that Windows client ?

ipconfig /all

And whats outcome from below one on the Windows client:

nslookup pi.hole

And below one on Pi-hole:

echo '>stats' | nc localhost 4711

0 Likes

#31

Did you try having 192.168.1.252 in both “preferred” as well as “alternative” dns server fields?

0 Likes

#32

My Asus firmware only allows to enter one external DNS server.
So thats no go.

0 Likes