Pi-hole not blocking any ads, even though primary dns is pointing to pihole from router

elst · April 8, 2023, 9:48pm

Pi-hole not blocking any ads, even though primary dns is pointing to pihole, dashboard shows 2% of queries were blocked, but all the adsites are still showing ads including google ads, purple ads, etc.,

Please find more details about the issue, could you please help me to get the issue resolved? thanks.,

nslookup pi-hole.net
Server:  pi.hole
Address:  192.168.0.111

Non-authoritative answer:
Name:    pi-hole.net
Address:  3.18.136.52

nslookup ads.google.com
Server:  pi.hole
Address:  192.168.0.111

Non-authoritative answer:
Name:    ads.google.com
Addresses:  2607:f8b0:4006:80c::xxxx
          142.xxx.xx.xx

Below snapshot shows the wifi router configuration for DHCP server is using pihole as Primary DNS:

I am runniing pi-hole in a rasp pi with its WebUI enabled, version details below. It has around 400 domanis on its adlists, including https://blocklistproject.github.io/Lists/ads.txt and Gravity was updated and PiHole was also restarted.

Pi-hole v5.15.5
FTL v5.21
Web Interface v5.18.4

jfb · April 8, 2023, 10:40pm

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

elst · April 9, 2023, 1:08pm

Thanks for checking, here is the debug token url

Appreciate your assistance..

elst · April 9, 2023, 1:28pm

There was a RateLimit warning from the previous debug log, so extended it and generated again (if that matters for analysis) - updated debug token url

Bucking_Horn · April 9, 2023, 10:44pm

Your router's DHCP server distributes ist own IP address in addition to Pi-hole as local DNS server:

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   * Received 300 bytes from wlan0:192.168.0.1
     Offered IP address: 192.168.0.111
     DHCP options:
      Message type: DHCPOFFER (2)
      dns-server: 192.168.0.111
      dns-server: 192.168.0.1

This would allow clients to by-pass Pi-hole via 192.168.0.1 at their discretion.
Pi-hole has to be the sole DNS server for your clients.

elst · April 10, 2023, 4:18am

Thank you. After updating my routers DHCP to have the PiHole's DNS as both Primary & Secondary DNS, now I see the below from the debug log. Here is its token url for reference.,

Could you please review and let me know., Thank you.

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
Scanning all your interfaces for DHCP servers
Timeout: 10 seconds

Received 300 bytes from wlan0:192.168.0.1
Offered IP address: 192.168.0.111
Server IP address: 192.168.0.1
Relay-agent IP address: N/A
BOOTP server: (empty)
BOOTP file: (empty)
DHCP options:
Message type: DHCPOFFER (2)
server-identifier: 192.168.0.1
lease-time: Infinite
netmask: 255.255.255.0
broadcast: 192.168.0.255
dns-server: 192.168.0.111
** dns-server: 192.168.0.111**
router: 192.168.0.1
--- end of options ---

yubiuser · April 10, 2023, 7:38am

Do you still see ads on your clients?

yubiuser · April 10, 2023, 7:40am

You have configured a lot of clients, but they are not associated to any group. No filtering will happen for those clients .

elst · April 10, 2023, 3:57pm

Thank you so much for finding the problem. Looks like I have accidentally removed a group, and it was causing all the clients to not be part of any group (including default). Now after adding all the clients to Default group it is working correctly.

Thanks again!

system · May 1, 2023, 3:57pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.