Pi-hole not receiving queries?


#4

Nothing looks odd there. Maybe your router just doesn’t accept local DNS servers?

Please try on one of the Linux boxes:

dig pi-hole.net
dig pi-hole.net @192.168.1.150

#5

Maybe your router just doesn’t accept local DNS servers?

I use DD-WRT on my router so it should not be an issue, it was working just fine until I updated my pi-hole box to Debian 9. On Debian 8 it worked fine. Very odd.


Pi-hole showing only local client, not filtering for remote clients
#6

Please try the commands I suggested and tell us what the response is. If it worked before and you haven’t changed anything on your router, then I agree that it shouldn’t be a router issue (but that wasn’t clear to me until now).


#7

So I’ve run the command, here are the results:

$ dig pi-hole.net

; <<>> DiG 9.11.2 <<>> pi-hole.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58366
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;pi-hole.net.			IN	A

;; ANSWER SECTION:
pi-hole.net.		299	IN	A	104.24.108.83
pi-hole.net.		299	IN	A	104.24.109.83

;; Query time: 32 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Dec 30 15:59:26 PST 2017
;; MSG SIZE  rcvd: 72

and

$ dig pi-hole.net @192.168.1.150

; <<>> DiG 9.11.2 <<>> pi-hole.net @192.168.1.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21592
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pi-hole.net.			IN	A

;; ANSWER SECTION:
pi-hole.net.		300	IN	A	104.24.109.83
pi-hole.net.		300	IN	A	104.24.108.83

;; AUTHORITY SECTION:
pi-hole.net.		172800	IN	NS	dina.ns.cloudflare.com.
pi-hole.net.		172800	IN	NS	graham.ns.cloudflare.com.

;; Query time: 90 msec
;; SERVER: 192.168.1.150#53(192.168.1.150)
;; WHEN: Sat Dec 30 15:59:30 PST 2017
;; MSG SIZE  rcvd: 129

#8

From the above, to me it looks like it should be working… I normally have a backup DNS address (OpenDNS) set on my clients. Just now I set it on my Arch client so that my pi-hole IP is the only DNS server. As I expected from the good results above, I am still able to browse the net so DNS is working as it should as far as I can tell, and actually ads are NOT being blocked. and nothing shows up in the logs. Not allowed requests nor blocked requests.

The problem is not that the queries just aren’t being logged at all because there are a few queries from the NTP deamon on localhost that do get logged. I’m at wits end with this… Something must not be configured properly, but I have run pi-hole -r many times now with no change.

2017-12-30-160937_1600x900_scrot


#9

Results from the first dig tells that your client PC is not using Pi-hole for DNS resolution, but instead Google’s DNS server 8.8.8.8 is answering:

Either on the router you find a setting called “DHCP server --> DNS” or similar and set the Pi-hole IP address to be pushed to the clients as their DNS server.
Or if that setting doesnt exist, disable the DHCP server on the router and enable the DHCP server on Pi-hole as a replacement:

And whenever changing DHCP settings, these changes need to propagate by either waiting untill the DHCP lease expires on the clients, or disconnect & reconnect network on the clients or reboot them.
And dont use a backup or secondary DNS server on the clients as the clients will query that DNS server too causing ads to leak through!


#10

Results from the first dig tells that your client PC is not using Pi-hole for DNS resolution, but instead Google’s DNS server 8.8.8.8 is answering:

Sorry, my mistake, I had accidentally set my DNS on my client to 8.8.8.8 for testing purposes and forgot to change it back before running the command. I have set it back to my pihole IP (192.168.1.150) and re-run the command with expected results:

$ dig pi-hole.net

; <<>> DiG 9.11.2 <<>> pi-hole.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60727
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pi-hole.net.			IN	A

;; ANSWER SECTION:
pi-hole.net.		165	IN	A	104.24.109.83
pi-hole.net.		165	IN	A	104.24.108.83

;; AUTHORITY SECTION:
pi-hole.net.		171411	IN	NS	dina.ns.cloudflare.com.
pi-hole.net.		171411	IN	NS	graham.ns.cloudflare.com.

;; Query time: 1 msec
;; SERVER: 192.168.1.150#53(192.168.1.150)
;; WHEN: Sat Dec 30 16:22:39 PST 2017
;; MSG SIZE  rcvd: 129

#11

Can you see that query now in the Pi-hole logs ?

EDIT: And this bit:


#12

No, I cannot see the query…

These are the results when I do a dig on a domain that is being “blocked” (ie random domain I pulled off one of the enabled block lists)

dig ads.nexage.com

; <<>> DiG 9.11.2 <<>> ads.nexage.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25882
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 10, ADDITIONAL: 6

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ads.nexage.com.			IN	A

;; ANSWER SECTION:
ads.nexage.com.		600	IN	CNAME	ads.nexage.akadns.net.
ads.nexage.akadns.net.	300	IN	CNAME	global.nexage.akadns.net.
global.nexage.akadns.net. 300	IN	A	158.85.32.58

;; AUTHORITY SECTION:
akadns.net.		171050	IN	NS	a13-130.akadns.org.
akadns.net.		171050	IN	NS	a9-128.akadns.net.
akadns.net.		171050	IN	NS	a18-128.akadns.org.
akadns.net.		171050	IN	NS	a3-129.akadns.net.
akadns.net.		171050	IN	NS	a11-129.akadns.net.
akadns.net.		171050	IN	NS	a1-128.akadns.net.
akadns.net.		171050	IN	NS	a7-131.akadns.net.
akadns.net.		171050	IN	NS	a5-130.akadns.org.
akadns.net.		171050	IN	NS	a28-129.akadns.org.
akadns.net.		171050	IN	NS	a12-131.akadns.org.

;; ADDITIONAL SECTION:
a1-128.akadns.net.	171050	IN	A	193.108.88.128
a3-129.akadns.net.	171050	IN	A	96.7.49.129
a7-131.akadns.net.	171050	IN	A	23.61.199.131
a9-128.akadns.net.	171050	IN	A	184.85.248.128
a11-129.akadns.net.	171050	IN	A	84.53.139.129

;; Query time: 150 msec
;; SERVER: 192.168.1.150#53(192.168.1.150)
;; WHEN: Sat Dec 30 16:28:51 PST 2017
;; MSG SIZE  rcvd: 420

#13

And dont use a backup or secondary DNS server on the clients as the clients will query that DNS server too causing ads to leak through!

As of a few posts ago (when I set back from 8.8.8.8), I have only set my pihole IP in the DNS settings for my client. No backup DNS address.


#14

And if you query the lists on Pi-hole ?

pihole -q ads.nexage.com


#15
$ pihole -q ads.nexage.com

grep: blacklist.txt: No such file or directory
 Match found in list.0.raw.githubusercontent.com.domains:
   ads.nexage.com
 Match found in list.6.hosts-file.net.domains:
   ads.nexage.com

#16

Its strange that you get proper dig reply from Pihole 192.168.1.150 as if it isnt blocked.
And strange the queries dont get logged.

Whats output from below ones ?

grep conf-dir /etc/dnsmasq.conf

grep addn-hosts /etc/dnsmasq.d/01-pihole.conf

grep ads.nexage.com /etc/pihole/gravity.list

#17

I just wanted to mention that I previously stated that ads are being blocked… this is not true. I had forgotten to disable uBlock Origin (sorry for the mix up, I’ve edited previous posts to reflect this). On my client, my pihole IP is set as the only DNS server, yet I can still browse the internet but for some reason ads are not being blocked.

$grep conf-dir /etc/dnsmasq.conf

conf-dir=/etc/dnsmasq.d
#conf-dir=/etc/dnsmasq.d,.bak
#conf-dir=/etc/dnsmasq.d/,*.conf

next,

$ grep addn-hosts /etc/dnsmasq.d/01-pihole.conf

addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list

finally,

$ grep ads.nexage.com /etc/pihole/gravity.list

192.168.1.150 ads.nexage.com

#18

And below one ?

dig ads.nexage.com @localhost 1> /dev/null; tail -2 /var/log/pihole.log


#19

That command returns no results. Also, I just noticed that the pihole log in /var/log/pihole.log is completely empty as well


#20

grep log-queries /etc/dnsmasq.d/01-pihole.conf


#21
$ grep log-queries /etc/dnsmasq.d/01-pihole.conf

log-queries

#22

Sorry forgot one:

grep "log-queries\|log-facility" /etc/dnsmasq.d/01-pihole.conf


#23

then I get an additional line

log-facility=/var/log/pihole.log