Pi-Hole Questions

clwmdm · December 30, 2017, 5:34pm

Please follow the below template, it will help us to help you!

Expected Behaviour:

PiHole to actively filter ads when using store-bought router

Actual Behaviour:

Only works when using Pi-Hole DHCP

Debug Token:

ucnzu2pm3j

Sorry for the very generic Topic name. I know I'm not the first to encounter challenges and I have been scouring the internet for days trying setting up PiHole.

The below topic has a few additional questions, but to spare everyone's time (and I greatly appreciate the help) my main question is this: From the above Debug Token is it possible to understand why I must use Pi-Hole DHCP and not that of the router? While Pi-Hole seems to now be working for me, there are some features on my router (namely blocking sites and more importantly, scheduling service availability for my kids) that I like. I have NOT yet dug into the Pi-Hole capabilities to see if it offers similar.

In other words, should I upgrade my modem to more capable firmware (such as DD-WRT or Tomato) or is this more an issue with my ISP, Google Fiber, and in order for Pi-Hole to work my ONLY option going forward it to use the Pi-Hole for DHCP?

Note this is not a complaint - Pi-Hole is a wonderful solution. Thank you for your help to my above (and if you have time, the below) questions.

My setup is as follows:
Desktop running Windows 7
ISP: Google Fiber
Router: Netgear WNR2000 v3 running Genie v.1.1.2.14
Raspberry Pi 3 Model B running Raspian Stretch. Has a static IP of 10.0.0.253

My apologies for opening this new topic as I really have tried everything and lots of research. Please note that while I have a tech background, it's not in networking. It's my weakest tech skill.

I have the Pi up and running. I can easily access it via VNC, and I can also easily access and log into Pi-Hole.

On my Netgear router, DNS settings are placed under the WPS Wizard>Setup>Internet Setup section. This page does NOT contain the DHCP settings.

DNS has always been set to "Get Automatically from ISP". When I change this to use Pi-Hole at 10.0.0.253 (and nothing else) I lose all internet connectivity. I can open Windows CMD and ping 10.0.0.253 no problem.

I chose the static address for RaspberryPi/PiHole as my online research told me to do so outside of the typically used address range.

With the above not working, on my router I re-enable DNS to "Get Automatically from ISP" and I then get all internet connectivity working again (but no ad blocking).

I then try to use Pi-Hole as my DHCP server. On my NetGear Genie I go to WPS Wizard>Setup>LAN Setup and disabled DHCP. My router WAS proving IP address is a range of 10.0.0.2 to 10.0.0.50.

I go to Pi-Hole, and when I set it up as DHCP, it does not let me choose the same range or anywhere close to it. Since I have the Pi set as 10.0.0.253, I set the IP range of 10.0.0.201 thru .220. It's not really the range I want, but it works. Why will Pi-Hole DHCP not let me select a lower IP address range?

I suppose it might have something to do with when I run Advanced IP scanner and see that most, but not all devices are still using the old range of IP addresses from my router. When I disabled DHCP on my router, I assume it is still keeping the previous IP addresses due to the IP Address Lease time? What I find odd is that I restarted some devices (tablets, phones) and SOME will get an IP address from PiHole (at the higher address range and the ad filtering works) and other devices, no matter how much I reset them, continue to use their current, Router-provided IP address.

Mcat12 · December 30, 2017, 6:22pm

Thanks for detailing your situation (we've helped people with less networking knowledge than you ).

It sounds like for your first issue, with the DNS settings, you were putting it in the WAN settings. That section is what the router uses when resolving DNS names, not usually what it hands out to clients. You should look for the LAN or DHCP DNS settings and set it there (remember, only set the Pi-hole with no secondary because clients don't care about the primary/secondary distinction).

For the issue with DHCP ranges, I was able to set a range of .2 to .50 without any obvious trouble. What happens when you try to set that range? Usually it only takes a restart for a device to use the new DHCP server, but I guess some devices might either be caching their DHCP or have a static IP address set (they do not use DHCP).

clwmdm · December 30, 2017, 7:32pm

Thank you for your response Mcat. On the first issue with the DNS settings, my NetGear router and Genie interface has this under Advanced Tab>WPS Wizard>Setup>Internet Setup. This WPS Wizard section also has Guest Network, WAN Setup, LAN Setup, and QoS Setup, but all DNS settings are under the Internet Setup section. DNS also is summarized on Advanced Home page in the router under "Internet Port".

The LAN Setup section per the above is where the LAN TCP/IP Setup and "Use Router as DHCP Server" menu is located - separate from any DNS settings, which are on the Internet Setup page.

I really, really should dump the Genie firmware and go with DD-WRT but when I am working in an area that is not my expertise I try to keep all variables to a minimum. Upgrading to DD-WRT could be a project for another day.

Regarding the DHCP range, I found what I was doing wrong: Since my router is 10.0.0.1 I was entering 10.0.0.002. Pi-Hole said the range was invalid. When I entered 10.0.0.2 the Pi-Hole took the new range. My bad.

Here's where things get strange: my Desktop (hardwire ethernet) and a Lumia 950 Phone (wifi) all working with the Pi-Hole. I simply restart the Lumia, it got a new lower IP-range address from the Pi-Hole, and from the Pi-Hole dashboard I can see it ad filter working.

None of my family's iOS or Android devices are yet getting ad filtering. We've reset the them, like the Lumia, but unlike the Lumia, no ad-filtering is working yet.

I know DNS takes time to propogate, and DHCP has leases, that on my Router I cannot control their expiry. So do I just wait this out 24hrs for the other devices?

Mcat12 · December 30, 2017, 7:43pm

Take a screenshot of the relevant sections of the router interface and I'll see if I see anything.

Try experimenting with the mobile devices to see if you can set settings manually, or if changing around the wifi causes it to look for DHCP again.

clwmdm · December 30, 2017, 7:54pm

Here's the summary page:

Here's the internet setup page:

WAN setup:

LAN Setup

Not sure these images are getting pasted....

DL6ER · December 30, 2017, 8:06pm

From looking at your screenshots, I'd say you cannot hand out the Pi-hole as DNS server through DHCP using your router. However, there shouldn't be any issue with just using the Pi-hole DHCP server as the features you mentioned (block specific sites for specific clients or set service availability) are things you set up independently on your router. They won't be affected by the DHCP leases being handed out by the Pi-hole.

DHCP leases can take forever* to expire. It is unclear if your clients will renew their addresses themselves without some encouragement (e.g. by restarting them or at least their networking interfaces).

*) forever = leases can be set to never expire at all

clwmdm · December 30, 2017, 9:42pm

On the DHCP leases, I'll experiment with the wifi devices over the holidays to see if I can get them to re-direct to Pi-Hole DHCP IP address.

As for fully blocking access to certain domains/websites (Facebook) my router used to handle that. In fact, I had found extensive lists online to add to the Router to block advertising. This was how I previously filtered ads until I starting testing Pi-Hole.

But with the Router configured to not support DHCP, it seems like it does little of anything anymore. I can now easily access Facebook despite it being in my router list (as seen below). So since my router is no longer blocking sites, I assume it is also no longer managing schedule access, etc.

I think what I really want is to have my router point to Pi-Hole for DNS, and leave the router doing the rest of what it used to. Thus I think I need to replace my old NetGear router with a new one with more capabilities.

My only unknown is if even a NEW router will allow me to point DNS to the Pi-Hole. I worry I will go through all of the effort of purchasing and installing a new router, only to learn that Google will not allow this.

Any recommendations on a solid router that works well with PiHole?

Thanks

deHakkelaar · December 30, 2017, 10:02pm

Do it the other way around.
Point Pi-hole's upstream DNS to the IP of your router.
And default your router WAN DNS settings to pointing to the DNS servers provided by your ISP "Get automaticly from ISP".
That way DNS resolving goes through both devices and can use features from both.

DL6ER · December 30, 2017, 10:11pm

You can do it as @deHakkelaar suggested:

Disable DHCP on your router
Enable DHCP on the Pi-hole
Go to Pi-hole's settings page and untick all Upstream DNS Servers (see the DNS tab) and put in the IP of your router under "Custom 1 (IPv4)" and click Save

clwmdm · December 31, 2017, 4:40pm

I loathe to ask this question because it makes me look like a total newbie

How do I do this? Not that deHakkelarr or DL6ER did not try to help - I just can't figure out how to enter the IP address of my router in this section on Pi-Hole.

My router address is 10.0.0.1 as per below

But Pi-Hole, under the DNS tab, in the "Custom 1 (IPv4)" box requires 3 digits each, not the one or two characters displayed above or whenever I use ipconfig, etc.

Unlike the problem I had previously, this will not let me enter a two-digit '10' or anything. Each field must be three digits. And it rejects 010.000.000.001

Thanks everyone for their patience on helping me with something so basic!

DL6ER · December 31, 2017, 5:33pm

Please try 10.0.0.1 without the leading zeroes.

clwmdm · December 31, 2017, 5:53pm

I got it - I was trying to TAB over to the groups of 3 digits. I also tried clicking on the 3-digits sections with my mouse - that also would not work. Finally, if I just typed 10.0.0.1 what I get is 100.001.---.---

What DID work was using the SPACE bar.

DL6ER · January 1, 2018, 10:47am

Yeah, we've heard varying success with this library in the past. You got the wrong impression that there were groups, because in fact there is only one text field which is filled with the word "..."

For me, fullstop works fine, but I'm glad you found a way on your system.

clwmdm · January 1, 2018, 5:34pm

I just want to point out a couple of things:
-Despite having a tech background I made some rookie mistakes, mostly on the networking side, and the support from folks on this thread was fabulous. Especially since this was during the holidays.
-This support also helped me gain confidence to do more stuff with Raspberry Pi. BrewPi and RetroPie are next.

But most important is how well Pi-Hole works. As mentioned before, I was blocking ad server domains via my router, which does not accept list uploads or anything easy. I had to manually enter each of hundreds of domains for it to block.

This is a great, great system - a donation is forthcoming

Thanks again