Pi-hole not working properly

@jfb

domains_being_blocked 114458
dns_queries_today 1416
ads_blocked_today 220
ads_percentage_today 15.536723
unique_domains 233
queries_forwarded 1011
queries_cached 185
clients_ever_seen 4
unique_clients 4
dns_queries_all_types 1416
reply_NODATA 13
reply_NXDOMAIN 5
reply_CNAME 0
reply_IP 67
privacy_level 0
status enabled
---EOM---

@Tesserax
For the first one

[✓] Creating user 'pihole'
  [✓] Installing scripts from /etc/.pihole

  [i] Installing configs from /etc/.pihole...
  [✓] No dnsmasq.conf found... restoring default dnsmasq.conf...
  [✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf

  [i] Installing blocking page...
  [✓] Creating directory for blocking page, and copying files
  [✗] Backing up index.lighttpd.html
      No default index.lighttpd.html file found... not backing up

  [✓] Installing sudoer file

  [✓] Installing latest Cron script

  [✓] Installing latest logrotate script
  [i] Backing up /etc/dnsmasq.conf to /etc/dnsmasq.conf.old

  [✓] Installing new IPTables firewall rulesets
  [✓] man pages installed and database updated

and for the second one

PIHOLE_INTERFACE=wlan0
IPV4_ADDRESS=192.168.178.46/24
IPV6_ADDRESS=2001:16b8:6f5a:2100:f904:8591:1a54:f229
QUERY_LOGGING=true
INSTALL_WEB_SERVER=false
INSTALL_WEB_INTERFACE=true
LIGHTTPD_ENABLED=false
WEBPASSWORD=0da8fd55201bf66e033f24f0df914d02e362666cf85b9a36442e55b01ff61cbc
BLOCKING_ENABLED=true
DNSMASQ_LISTENING=single
PIHOLE_DNS_1=8.8.8.8
PIHOLE_DNS_2=8.8.4.4
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
CONDITIONAL_FORWARDING=false

Your debug log shows that Pi-Hole is working properly and processing DNS queries. The problem likely lies in the router configuration.

From a client that you believe should be connected to the Pi-Hole for DNS, from the command prompt or terminal on that client (and not via ssh or Putty to the Pi), what is the output of

nslookup pi.hole 192.168.178.46

DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.178.46

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.

This is from my PC which should be connected.

What is the output of this command from the PC command prompt:

ipconfig /all

Windows-IP-Configuration

   Hostname  . . . . . . . . . . . . : DESKTOP-83V1AHB
   Primary DNS-Suffix . . . . . . . :
   Note type. . . . . . . . . . . . : Hybrid
   IP-Routing activated. . . . . . : No
   WINS-Proxy activated. . . . . . : No
   DNS-Suffixsearchlist.. . . . . . . : fritz.box

Ethernet-Adapter Ethernet:

   Connection specific DNS-Suffix: fritz.box
   Description. . . . . . . . . . . : Intel(R) Ethernet Connection (2) I219-V
   Physical address . . . . . . . . : 04-D4-C4-57-3C-E5
   DHCP activated. . . . . . . . . . : Yes
   Autoconfiguration activated. . . . : Yes
   IPv4-Address  . . . . . . . . . . : 192.168.178.30(Prefered)
   Subnet mask  . . . . . . . . . . : 255.255.255.0
   Lease received. . . . . . . . . . : Saturday, 11. January 2020 13:41:40
   Lease expires. . . . . . . . . . : Tuesday, 21. January 2020 16:44:56
   Standardgateway . . . . . . . . . : 192.168.178.1 (My router which uses the Raspberry as DNS)
   DHCP-Server . . . . . . . . . . . : 192.168.178.1
   DNS-Server  . . . . . . . . . . . : 192.168.178.1
   NetBIOS via TCP/IP . . . . . . . : Activated

(Had to translate the output. Hope it's all correct)

EDIT: Oh yeah i also wanna add, when i have Pi Hole installed, my /etc/rc.local won't run on reboot anymore. If i uninstall Pi Hole it starts working again.

It would recommend you revisit your FritzBox configuration.

There is definitively more than one way to correctly configure it.
Pi-Hole und FritzBox Setup Anleitung - #128 by Gert_Chlupaty has quite a few configuration examples, some of them even quite recent.

Also, it's in German, which might better suit you, as you run a FritzBox and mentioned translation :wink:


Ich würde empfehlen, Deine Fritzbox-Konfiguration noch einmal zu überdenken und ggf. anzupassen.

Es gibt hierfür sicherlich mehr als eine richtige Konfiguration.
Pi-Hole und FritzBox Setup Anleitung - #128 by Gert_Chlupaty enthält einige halbwegs aktuelle Konfigurationsbeispiele.

Das ist außerdem auf Deutsch, was Dir vielleicht entgegenkommt, wo Du doch eine FritzBox fährst und auch schon von Übersetzung geschrieben hast :wink:

I did everything according to the setup tutorial. It remains exactly the same as before. Ads not being blocked, and directly using the Pi Hole as DNS for my PC doesn't let me open any websites, because they don't exist.

Which tutorial?

On a Windows machine that is not blocking ads, what's the exact output of:

ipconfig /all | find /i "server"

and

nslookup flurry.com

The one you mentioned. Also I just had to undo every setting i made for Pi Hole inside my router settings, because my whole internet was gone and i couldn't even reach my router anymore. And no, I did not do anything wrong. I did the exact things that were mentioned in the tutorial.

As for the commands:

DHCP-Server . . . . . . . . . . . : 192.168.178.1
DNS-Server  . . . . . . . . . . . : 192.168.178.1

and

Server:  fritz.box
Address:  192.168.178.1

Non-authoritative response:
Name:    flurry.com
Addresses:  98.136.103.26
          212.82.100.153
          74.6.136.153

I'm pretty sure, for now the most important part is not that something's wrong with my router. The most important part is, that I can't even access any website if I try to use my Pi Hole directly as DNS Server for my PC. Without that working, I don't think it will even if the router is working as it should.

I didn't mention a tutorial.
I've provided a link to a post that contains a variety of possible configurations.

If you did use Gert_Chlupaty's settings, you quite likely haven't applied them correctly:

This shows you are using your FB as local DNS-Server.

This shows that your FritzBox has resolved flurry.com, which would have been blocked had you set up Pi-hole as your FB's upstream DNS server.

Gert_Chlupaty's settings do not require to set Pi-hole as upstream DNS server for your FB, but they rely on setting up Pi-hole als local DNS server correctly.

The output of your commands implies that currently your FB is not using Pi.hole at all.

If had to guess:
This might be caused by a missing or incorrect setting of your local DNS server under Heimnetz| Netzwerk | Netzwerkeinstellungen | IPv4-Adressen in your FB.

What IP address did you enter there?

Exactly. Because as I said, my whole Internet stopped working when i used my Pi Hole as DNS Server. That's why i had to reset everything...

I entered my Pi Hole address in the Local DNS-Server settings before. Which is 192.168.178.46

EDIT: Not that It's interesting. But if you want to know, i used the commands again with Pi Hole as DNS Server.

   DHCP-Server . . . . . . . . . . . : 192.168.178.1
   DNS-Server  . . . . . . . . . . . : 192.168.178.46
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.178.46

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Zeitüberschreitung bei Anforderung an UnKnown.

Your FritzBox should be always available via its IP, either 192.168.178.1 by default or its emergeny IP 169.254.1.1 in an otherwise completely unconfigured network, even if name resolution for fritz.box may fails.

That shows that 192.168.178.46 is not responding to DNS requests.
Is Pi-hole running? Is your Pi-hole machine residing at that address? Do you see the flurry.com DNS queries listed in Pi-hole's Query Log?

Yeah I had to use the emergency IP to reach it.

My Pi Hole is running and yes that's the IP of it. It also says in the Admin Interface "Pi-hole IPv4 address: 192.168.178.46/24". I can normally ping the IP aswell from my Computer. And I do not see the query listed.

That information may not be accurate, as it is populated from Pi-hole's default settings as defined during its installation (setupVars.conf). And ping just verifies that some device is residing at that address.

So we better verify this:
Does your FritzBox show your RPi using this .46 address?
Alternatively, if you run ip addr on your RPi, does that produce a matching address?

Also, when run from your Pi-hole machine, what's the output of:

pihole status

and

grep "server=" --include=\*.conf -rn /etc/dnsmasq.d/

And finally: Does your RPi provide both WLAN and Ethernet connectivity?

ip addr shows me the same IP and I've also checked in the router before and I'm running a webserver on it aswell.

inet 192.168.178.46/24
pi@raspberrypi:~ $ pihole status
  [✓] DNS service is running
  [✓] Pi-hole blocking is Enabled
pi@raspberrypi:~ $ grep "server=" --include=\*.conf -rn /etc/dnsmasq.d/
/etc/dnsmasq.d/01-pihole.conf:41:server=8.8.8.8
/etc/dnsmasq.d/01-pihole.conf:42:server=8.8.4.4
/etc/dnsmasq.d/01-pihole.conf:43:server=2001:4860:4860:0:0:0:0:8888
/etc/dnsmasq.d/01-pihole.conf:44:server=2001:4860:4860:0:0:0:0:8844
/etc/dnsmasq.d/01-pihole.conf:45:server=192.168.178.1#53
/etc/dnsmasq.d/01-pihole.conf:46:server=192.168.178.1#53
/etc/dnsmasq.d/01-pihole.conf:47:server=fd00:0000:0000:0000:9a9b:cbff:fe59:614a#53
/etc/dnsmasq.d/01-pihole.conf:48:server=fd00:0000:0000:0000:9a9b:cbff:fe59:614a#53

I have my Raspberry connected via WLAN. I can't use LAN for it at the current place.

Let's verify Pi-hole is configured for using its WLAN interface:

grep "interface" --include=\*.conf -rn /etc/dnsmasq.d/
pi@raspberrypi:~ $ grep "interface" --include=\*.conf -rn /etc/dnsmasq.d/
/etc/dnsmasq.d/01-pihole.conf:50:interface=wlan0

Good, let's check ports next:

sudo netstat -tulpn | grep :53
pi@raspberrypi:~ $ sudo netstat -tulpn | grep :53
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      5772/pihole-FTL
tcp6       0      0 :::53                   :::*                    LISTEN      5772/pihole-FTL
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           518/avahi-daemon: r
udp        0      0 0.0.0.0:53              0.0.0.0:*                           5772/pihole-FTL
udp6       0      0 :::5353                 :::*                                518/avahi-daemon: r
udp6       0      0 :::53                   :::*                                5772/pihole-FTL

I summarize what we have established so far:

Your Pi-hole is up and running at 192.168.178.46, it is correctly configured to listen on its wlan0 interface and showing no signs of port conflicts.

Your FB is set to distribute 192.168.178.46 as local DNS server to its DHCP clients via Heimnetz| Netzwerk | Netzwerkeinstellungen | IPv4-Adressen

Your FB is also configured set to use its default ISP-provided DNS servers as upstream DNS servers via Internet | Zugangsdaten | DNS-Server. Specifically, Pi-hole is not set anywhere under this settings.

Or isn't it? I am not entirely sure, based on your previous posts.