Pi-Hole Not Working (not resolving DNS)

#1

Please follow the below template, it will help us to help you!

Expected Behaviour:

Pi Hole should get the response back from DNS server (google/OpenDNS) . So that I can access the Internet from other devices

Actual Behaviour:

Pi Hole is NOT processing the response back from DNS server (google/OpenDNS) . as per logs its able to Forward the request , but no response is shown up in pihole.log file SO its not able to resolve

Debug Token:shkaj88tmt

_Link to DEBUG file: https://drive.google.com/open?id=1EENqNrL3fnaEQrm8Tzzhb5c-C0CY_ZzX

I spent lot of time to figure out the problem. But no luck.

I have OpenVPN and Pihole on same Pi. It works fine if I reconfigure Router DNS back to Pi , but it will stop wokring after some time, like an one Hr or so. Please let me know if you need any further details.

I followed instructions @ https://itchy.nl/raspberry-pi-3-with-openvpn-pihole-dnscrypt
to install OpenVPN and PiHole… I did not install dnscrypt.

0 Likes

#2

Below is the log from pihole.log file : I cant open google.com as well. We can see pihole forwarded to openDNS server…but no response …

Jan 13 09:03:35 dnsmasq[504]: forwarded google.com to 208.67.220.220
Jan 13 09:03:35 dnsmasq[504]: query[A] clients4.google.com from 192.168.1.1
Jan 13 09:03:35 dnsmasq[504]: forwarded clients4.google.com to 208.67.220.220
Jan 13 09:03:35 dnsmasq[504]: query[A] server18209.teamviewer.com from 192.168.1.1
Jan 13 09:03:35 dnsmasq[504]: forwarded server18209.teamviewer.com to 208.67.220.220
Jan 13 09:03:35 dnsmasq[504]: query[A] 0.client-channel.google.com from 192.168.1.1
Jan 13 09:03:35 dnsmasq[504]: forwarded 0.client-channel.google.com to 208.67.220.220

AFTER I remove the pihole as DNS server config in router , then internet works. But Request dint go through pihole.

THen after a min, I just put back the DNS server as pihole ( 192.168.1.xxx) in my Router , IT works for some time. See below log, it got reply…

Jan 13 09:14:19 dnsmasq[1778]: query[A] fonts.gstatic.com from 192.168.1.1
Jan 13 09:14:19 dnsmasq[1778]: forwarded fonts.gstatic.com to 208.67.220.220
Jan 13 09:14:19 dnsmasq[1778]: forwarded fonts.gstatic.com to 208.67.222.222
Jan 13 09:14:19 dnsmasq[1778]: reply fonts.gstatic.com is
Jan 13 09:14:19 dnsmasq[1778]: reply gstaticadssl.l.google.com is 172.217.10.131
Jan 13 09:14:19 dnsmasq[1778]: query[A] gstaticadssl.l.google.com from 192.168.1.1
Jan 13 09:14:19 dnsmasq[1778]: cached gstaticadssl.l.google.com is 172.217.10.131

AFTER Some time… I can’t access internet from any device and then I have to change my router to not us pi hole as DNS server , then again it wrks with out pihole…

PLS HELP

0 Likes

#3

In the web settings set Pi-hole to reply to all local queries.

0 Likes

#4

Thank you so much for response . I logged into pihole admin screen and went to settings…went through all tabs …but not able to find the reply to all local queries option .

Can you help where can I find that setting ?

0 Likes

#5

In the DNS tab, under “Interface listening behavior”

0 Likes

#6

It says “Listen on all interfaces
Allows only queries from devices that are at most one hop away (local devices)”

It does’t say reply to all local queries. I believe you mean by above setting. I enabled it now … and will test and let you know.

Thank you so much

0 Likes

#7

NO Luck… IT happend again ,… Its not able to capture response from OpenDNS…
I have to setup router to not use Pihole as DNS to access internet …

Pls help

BELOW Is the latest Debug Log:
This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.

The intent of this script is to allow users to self-diagnose their installations. This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected. Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.

*** [ INITIALIZING ]
[i] 2018-01-13:13:04:19 debug log has been initiated.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf…

*** [ DIAGNOSING ]: Core version
[i] Core: v3.2.1 (How do I update Pi-hole?)
[i] Branch: master
[i] Commit: v3.2.1-0-ge602008

*** [ DIAGNOSING ]: Web version
[i] Web: v3.2.1 (How do I update Pi-hole?)
[i] Branch: master
[i] Commit: v3.2.1-0-g31dddd8

*** [ DIAGNOSING ]: FTL version
[✓] FTL: v2.13.2 (How do I update Pi-hole?)

*** [ DIAGNOSING ]: dnsmasq version
[i] 2.76

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.45

*** [ DIAGNOSING ]: php version
[i] 7.0.19

*** [ DIAGNOSING ]: Operating system
[✓] Raspbian GNU/Linux 9 (stretch)

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: Processor

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the tun0 interface:
10.8.0.1/24 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)

[✓] IPv6 address(es) bound to the tun0 interface:
fe80::f4e2:e22b:cf1b:4c49 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)

^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 192.168.1.1

*** [ DIAGNOSING ]: Ports in use
[22] is in use by sshd
[53] is in use by dnsmasq
[80] is in use by lighttpd
[4711] is in use by pihole-FTL

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] uvy3.pl is 192.168.1.153 via localhost (127.0.0.1)
[✓] uvy3.pl is 192.168.1.153 via Pi-hole (192.168.1.153)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Pi-hole processes
[✓] dnsmasq daemon is active
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
PIHOLE_INTERFACE=tun0
IPV4_ADDRESS=192.168.1.153/24
IPV6_ADDRESS=
QUERY_LOGGING=true
INSTALL_WEB=true
LIGHTTPD_ENABLED=1
DNSMASQ_LISTENING=local
PIHOLE_DNS_1=208.67.222.222
PIHOLE_DNS_2=208.67.220.220
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false

*** [ DIAGNOSING ]: Dashboard and block page
[✓] X-Pi-hole: A black hole for Internet advertisements.
[✓] X-Pi-hole: The Pi-hole Web interface is working!

*** [ DIAGNOSING ]: Gravity list
-rw-r–r-- 1 root root 3949902 Jan 6 23:18 /etc/pihole/gravity.list
-----head of gravity.list------
192.168.1.153 0.0.0.0
192.168.1.153 0000mps.webpreview.dsl.net
192.168.1.153 0001.2waky.com
192.168.1.153 000dom.revenuedirect.com

-----tail of gravity.list------
192.168.1.153 zzsyw.com
192.168.1.153 zztxdown.com
192.168.1.153 zzz.clickbank.net
192.168.1.153 zz.zeroredirect1.com

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r–r-- 1 root root 633 Jan 5 06:20 /etc/pihole/adlists.list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://hosts-file.net/ad_servers.txt

-rw-r–r-- 1 root root 0 Jan 11 16:39 /etc/pihole/blacklist.txt

-rw-r–r-- 1 root root 48 Jan 6 23:18 /etc/pihole/local.list
192.168.1.153 raspberrypi
192.168.1.153 pi.hole

-rw-r–r-- 1 root root 234 Jan 5 06:20 /etc/pihole/logrotate
/var/log/pihole.log {
su root root
daily
copytruncate
rotate 5
compress
delaycompress
notifempty
nomail
}
/var/log/pihole-FTL.log {
su root root
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}

-rw-r–r-- 1 root root 117 Jan 5 06:20 /etc/pihole/whitelist.txt
raw.githubusercontent.com
mirror1.malwaredomains.com
sysctl.org
zeustracker.abuse.ch
s3.amazonaws.com
hosts-file.net

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r–r-- 1 root root 1540 Jan 13 12:17 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
localise-queries
no-resolv
cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=208.67.222.222
server=208.67.220.220
domain-needed
bogus-priv
local-service

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r–r-- 1 root root 3027 Jan 5 06:20 /etc/lighttpd/lighttpd.conf
server.modules = (
“mod_access”,
“mod_accesslog”,
“mod_auth”,
“mod_expire”,
“mod_compress”,
“mod_redirect”,
“mod_setenv”,
“mod_rewrite”
)
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php"
server.upload-dirs = ( “/var/cache/lighttpd/uploads” )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( “index.php”, “index.html”, “index.lighttpd.html” )
url.access-deny = ( “~”, “.inc”, “.md”, “.yml”, “.ini” )
static-file.exclude-extensions = ( “.php”, “.pl”, “.fcgi” )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( “application/javascript”, “text/css”, “text/html”, “text/plain” )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell “find /etc/lighttpd/conf-enabled -name ‘*.conf’ -a ! -name ‘letsencrypt.conf’ -printf ‘include “%p”
’ 2>/dev/null”
$HTTP[“url”] =~ “^/admin/” {

   setenv.add-response-header = (
       "X-Pi-hole" => "The Pi-hole Web interface is working!",
       "X-Frame-Options" => "DENY"
   )
   $HTTP["url"] =~ ".ttf$" {
       
       setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
   }

}
$HTTP[“url”] =~ “^/admin/.(.*)” {
url.access-deny = ("")
}
include_shell “cat external.conf 2>/dev/null”

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r–r-- 1 root root 1628 Jan 12 23:54 /etc/cron.d/pihole
18 4 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity
30 2 * * * root PATH="$PATH:/usr/local/bin/" pihole updatePihole
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker local
8 14 * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
@reboot root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r–r-- 1 www-data www-data 4228 Jan 13 08:17 /var/log/lighttpd/error.log
2018-01-07 06:25:02: (server.c.1534) logfiles cycled UID = 0 PID = 29154
2018-01-08 01:17:07: (log.c.217) server started
2018-01-08 01:17:07: (server.c.1295) WARNING: unknown config-key: alias.url (ignored)
2018-01-09 13:17:07: (log.c.217) server started
2018-01-09 13:17:07: (server.c.1295) WARNING: unknown config-key: alias.url (ignored)
2018-01-11 12:48:24: (log.c.217) server started
2018-01-11 12:48:24: (server.c.1295) WARNING: unknown config-key: alias.url (ignored)
2018-01-11 21:39:05: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Warning: preg_split(): Delimiter must not be alphanumeric or backslash in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 122
2018-01-11 21:39:05: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Warning: Invalid argument supplied for foreach() in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 123
2018-01-11 21:39:07: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Warning: preg_split(): Delimiter must not be alphanumeric or backslash in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 122
2018-01-11 21:39:07: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Warning: Invalid argument supplied for foreach() in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 123
2018-01-11 21:39:08: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Warning: preg_split(): Delimiter must not be alphanumeric or backslash in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 122
2018-01-11 21:39:08: (mod_fastcgi.c.2543) FastCGI-stderr: PHP Warning: Invalid argument supplied for foreach() in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 123
2018-01-12 15:26:10: (log.c.217) server started
2018-01-12 15:26:10: (server.c.1295) WARNING: unknown config-key: alias.url (ignored)
2018-01-12 20:39:00: (log.c.217) server started
2018-01-12 20:39:00: (server.c.1295) WARNING: unknown config-key: alias.url (ignored)
2018-01-12 23:17:06: (log.c.217) server started
2018-01-12 23:17:06: (server.c.1295) WARNING: unknown config-key: alias.url (ignored)
2018-01-13 01:08:51: (server.c.1828) server stopped by UID = 0 PID = 1
2018-01-13 01:09:14: (log.c.217) server started
2018-01-13 01:09:14: (server.c.1295) WARNING: unknown config-key: alias.url (ignored)
2018-01-13 01:57:39: (server.c.1828) server stopped by UID = 0 PID = 1
2018-01-13 01:57:47: (log.c.217) server started
2018-01-13 01:57:47: (server.c.1295) WARNING: unknown config-key: alias.url (ignored)

*** [ DIAGNOSING ]: contents of /var/log

-rw-r–r-- 1 pihole pihole 14662 Jan 13 12:17 /var/log/pihole-FTL.log
[2018-01-13 00:00:02.671] NOTICE: pihole.log has been flushed
[2018-01-13 00:00:02.671] Resetting internal data structure
[2018-01-13 00:00:02.671] Queries in memory before flushing: 24504
[2018-01-13 00:00:02.949] Gravity list entries: 107232
[2018-01-13 00:00:02.949] No blacklist present
[2018-01-13 00:00:02.949] No wildcard blocking list present
[2018-01-13 00:00:02.949] Reading from /var/log/pihole.log.1 (rw-r–r--)
[2018-01-13 00:00:02.950] Notice: Increasing queries struct size from 0 to 10000 (320.25 KB)
[2018-01-13 00:00:02.950] Notice: Increasing overTime struct size from 0 to 100 (324.25 KB)
[2018-01-13 00:00:02.950] Notice: Increasing forwarded struct size from 0 to 4 (324.33 KB)
[2018-01-13 00:00:02.953] New forward server: 8.8.8.8 google-public-dns-a.google.com (0/4)
[2018-01-13 00:00:02.953] Notice: Increasing domains struct size from 0 to 1000 (344.37 KB)
[2018-01-13 00:00:02.954] Notice: Increasing clients struct size from 0 to 10 (344.55 KB)
[2018-01-13 00:00:02.978] New client: 192.168.1.1 (0/10)
[2018-01-13 00:00:02.982] New forward server: 8.8.4.4 google-public-dns-b.google.com (1/4)
[2018-01-13 00:00:02.982] New client: 127.0.0.1 localhost (1/10)
[2018-01-13 00:00:03.010] New client: 10.8.0.2 (2/10)
[2018-01-13 00:00:04.002] Notice: Increasing queries struct size from 10000 to 20000 (673.02 KB)
[2018-01-13 00:00:04.498] New client: 192.168.1.153 raspberrypi (3/10)
[2018-01-13 00:00:04.535] Reading from /var/log/pihole.log (rw-r–r--)
[2018-01-13 00:06:23.537] NOTICE: Received signal SIGHUP - re-reading gravity files
[2018-01-13 00:06:23.803] Gravity list entries: 107232
[2018-01-13 00:06:23.803] No blacklist present
[2018-01-13 00:06:23.803] No wildcard blocking list present
[2018-01-13 00:06:35.288] New forward server: 208.67.220.220 (2/4)

*** [ DIAGNOSING ]: Pi-hole log
-rw-r–r-- 1 dnsmasq root 7720839 Jan 13 13:07 /var/log/pihole.log
-----head of pihole.log------
Jan 13 00:00:02 dnsmasq[559]: query[PTR] 8.8.8.8.in-addr.arpa from 127.0.0.1
Jan 13 00:00:02 dnsmasq[559]: cached 8.8.8.8 is google-public-dns-a.google.com
Jan 13 00:00:02 dnsmasq[559]: query[PTR] 1.1.168.192.in-addr.arpa from 127.0.0.1
Jan 13 00:00:02 dnsmasq[559]: forwarded 1.1.168.192.in-addr.arpa to 8.8.4.4
Jan 13 00:00:02 dnsmasq[559]: forwarded 1.1.168.192.in-addr.arpa to 8.8.8.8
Jan 13 00:00:02 dnsmasq[559]: query[PTR] 4.4.8.8.in-addr.arpa from 127.0.0.1
Jan 13 00:00:02 dnsmasq[559]: cached 8.8.4.4 is google-public-dns-b.google.com
Jan 13 00:00:02 dnsmasq[559]: query[PTR] 2.0.8.10.in-addr.arpa from 127.0.0.1
Jan 13 00:00:02 dnsmasq[559]: forwarded 2.0.8.10.in-addr.arpa to 8.8.8.8
Jan 13 00:00:04 dnsmasq[559]: query[PTR] 153.1.168.192.in-addr.arpa from 127.0.0.1
Jan 13 00:00:04 dnsmasq[559]: /etc/pihole/local.list 192.168.1.153 is raspberrypi
Jan 13 00:00:04 dnsmasq[559]: query[PTR] 1.1.168.192.in-addr.arpa from 127.0.0.1
Jan 13 00:00:04 dnsmasq[559]: forwarded 1.1.168.192.in-addr.arpa to 8.8.8.8
Jan 13 00:00:04 dnsmasq[559]: query[PTR] 2.0.8.10.in-addr.arpa from 127.0.0.1
Jan 13 00:00:04 dnsmasq[559]: forwarded 2.0.8.10.in-addr.arpa to 8.8.8.8
Jan 13 00:00:04 dnsmasq[559]: query[PTR] 153.1.168.192.in-addr.arpa from 127.0.0.1
Jan 13 00:00:04 dnsmasq[559]: /etc/pihole/local.list 192.168.1.153 is raspberrypi
Jan 13 00:00:56 dnsmasq[559]: query[AAAA] clients.l.google.com from 192.168.1.1
Jan 13 00:00:56 dnsmasq[559]: forwarded clients.l.google.com to 8.8.4.4
Jan 13 00:00:56 dnsmasq[559]: forwarded clients.l.google.com to 8.8.8.8



[✓] ** FINISHED DEBUGGING! **

* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.

[i] Debug script running in automated mode
* Using openssl for transmission.
[✗] There was an error uploading your debug log.

  • Please try again or contact the Pi-hole team for assistance.
  • A local copy of the debug log can be found at: /var/log/pihole_debug-sanitized.log
0 Likes

#8

Can you provide a screenshot of your router’s Web interface of where you are setting Pi-hole as your DNS server.

0 Likes

#9

Please check attached

0 Likes

#10

Its very frustrating that … It works for some time and then suddenly cuts off all devices from internet … Every time I have to go and setup router to not use pihole … Not able to find root cause.

Ant help is greatly appreciated!

0 Likes

#11

This is very weird. From what I can tell right now it doesn’t seem to be a direct Pi-hole issue but rather that your Raspberry Pi is not able to either

  • reach the Internet at all, or
  • reach only the upstream DNS servers.

Please configure it again such that is will stop working after a short while. Please try the command

dig pi-hole.net @208.67.222.222

once before it fails and once after there is no DNS resolution possible.

0 Likes

#12

Thank you so much for all your help. YES, Unfortunately Verizon box had issues at the same time I installed pi hole. And Verizon tech confirmed that their box is dropping IP and not able to provide internet connection. They replaced with a new Box and its all working good so far.

Its Solved!!

0 Likes

#13

I have what appears to be the exact same problem. Same symptoms at least.

Is it still working now? Did a replacement router fix it entirely?

I get for example this:
; <<>> DiG 9.10.3-P4-Raspbian <<>> pi-hole.net @208.67.222.222
;; global options: +cmd
;; connection timed out; no servers could be reached

But the router is currently only working because I set that OpenDNS (208.67.222.222) as the back-up, so the router can access the address, and get DNS. My computers and all can access the router and get DNS service, but if I leave the rpi (rpi v3B, running DietPi v6.7 and pihole v3.3.1) to answer the DNS then it won’t do it … strange thing is it worked fine for the last 24 hours.

The failure coincided with a single client requesting >1500 resolutions (vs ~500 as previous maximum).

Maybe my rpi is sick?

0 Likes

split this topic #14

A post was split to a new topic: Pi-Hole and unbound not working

0 Likes

#15

Hi,

I have the same problem and I dont have verizon and I am using pihole’s DHCP too.

For me, as soon as I setup openvpn using the guide in pihole docs, I start seeing tremendous amount of queries on pihole and then no internet anywhere… pinging google on rpi with pihole also fails with resolution failures. To abate this, I then have to switch to using my router’s dhcp and then remove openVpn. Any ideas what is going on?pihole_debug-sanitized.txt (28.2 KB)

0 Likes