Hi @GeorgeT and thanks for your input.
But the issue in this thread is that he Asus router also advertises its own DNS service to the clients alongside the DNS server configured in the DHCP DNS section on the router.
As the DNS service on the Asus router isn't Pi-holed, ads leak through.
You could configure the router's upstream WAN DNS setting to point to the Pi-hole IP address but this screws up the statistics on the Pi-hole web GUI as from Pi-hole point of view, some of the queries originate from the router instead of the clients.
What is output on your Pi-hole for below one (might need to install nmap ... see above) ?
sudo nmap -sU -p67 --script dhcp-discover <ASUS_ROUTER_IP_ADDRESS>
Example with 10.0.0.1 being my Asus router and 10.0.0.2 being Pi-hole:
pi@noads:~ $ sudo nmap -sU -p67 --script dhcp-discover 10.0.0.1
Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-23 12:53 CET
Nmap scan report for 10.0.0.1
Host is up (0.00053s latency).
PORT STATE SERVICE
67/udp open dhcps
| dhcp-discover:
| DHCP Message Type: DHCPACK
| Server Identifier: 10.0.0.1
| Subnet Mask: 255.255.255.0
| Broadcast Address: 10.0.0.255
| WPAD:
|
| NetBIOS Name Server: 10.0.0.1
| Domain Name: dehakkelaar.nl
| Domain Name Server: 10.0.0.2, 10.0.0.1
|_ Router: 10.0.0.1
MAC Address: 50:46:5D:6C:20:00 (Asustek Computer)
Nmap done: 1 IP address (1 host up) scanned in 3.90 seconds