Pi-Hole server only reachable by IP

pihole_coyote · March 6, 2024, 6:29am

Hello,

I'm not very experienced in Linux and Pi-Hole, but I did manage to set up a Raspberry Pi 4 running a Logitech Media Server, ioBroker, a Tomcat and Pi-Hole. That Raspi hadt to be rebuild last weekend and I used Teleporter to move the configurations. But since I installed Pi-Hole on the new system (with the same hostname and same static IP, the old system was removed), the sole PC which uses Pi-Hole can do everything just fine, except accessing the Raspi by its hostname like by using ssh@myraspi or surfing to http://myraspi. Any other local network device like my router can be accessed, and other devices that don't have Pi-Hole as DNS server have no issue resolving "myraspi".

The Raspi is accessible by using the IP address. etc/hosts on my PC has no entries.

So please tell my if anyone knows, what do I need to do to make Pi-Hole also accessible by using its host name?

pihole_coyote · March 6, 2024, 8:29am

I'm sorry, I just noticed there's also a "Help" section on this board. Maybe someone can move this thread.

pihole_coyote · March 7, 2024, 7:19am

Just did a "tracert myraspi", as nslookup does find myraspi. It leaves the local network. Why!?

 1    <1 ms     1 ms     1 ms  192-168-178-1 [192.168.178.1]
  2    15 ms    13 ms    11 ms  ip4d3bfc.dynamic.kabel-deutschland.de [...]
  3    14 ms    18 ms    17 ms  ip53a9a.static.kabel-deutschland.de [...]
  4    15 ms    16 ms    16 ms  145.254.1.86
  5    20 ms    24 ms    17 ms  145.254.4.195
  6    20 ms    18 ms    25 ms  ae102.fra-fr5-pb1-ptx.de.eu [...]
  7     *        *

Bucking_Horn · March 7, 2024, 7:26am

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

Also, please share the results of the following command as run from a client (not the Pi-hole machine):

nslookup pi.hole

pihole_coyote · March 7, 2024, 8:00am

Thanks! For clarification I need to add that the hostname "myraspi" was modified in my description and is really "s01rp4".

Token-URL: https://tricorder.pi-hole.net/pCNvkXTd/
(What a handy mechansim.)

PS C:\Users\MyUser> nslookup pi.hole
Server:  s01rp4
Address:  192.168.178.33

Nicht autorisierende Antwort:
Name:    pi.hole.fritz.box
Addresses:  2607:5300:60:408a::96
          54.39.222.96

Sorry for the German. "Non-authorizing response", it says.

Bucking_Horn · March 7, 2024, 8:44am

German ist überhaupt kein Problem.

As for your issue:
Your Pi-hole is the only DNS server in your network that knows how to resolve pi.hole, but it isn't queried in your case, as your router is distributing itself as DNS server:

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   * Received 548 bytes from eth0:192.168.178.1
     Offered IP address: 192.168.178.33
     DHCP options:
      Message type: DHCPOFFER (2)
      router: 192.168.178.1
      dns-server: 192.168.178.1

As your router does not know pi.hole, a client will also consider resolution by appending the local search domain, which FritzBox routers set to fritz.box.
As your router does neither know pi.hole.fritz.box, it has forwarded the requests to a public upstream DNS server, and that public DNS server has supplied the answers:

$ nslookup pi.hole.fritz.box 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
Name:	pi.hole.fritz.box
Address: 54.39.222.96
Name:	pi.hole.fritz.box
Address: 2607:5300:60:408a::96

Until recently, that would have resulted in NXDOMAIN, but someone acquired the fritz.box domain in January 2024, see Verwirrend: Internet-Domain fritz.box zeigt NFT-Galerie statt Router-Verwaltung | heise online.

That domain is now disputed, probably FritzBox manufacturer AVM, with that illegitimate fritz.box's web server being taken down - but it seems that its corresponding authoritative DNS server is still active, delivering those false results.

As the webserver is down, this cannot be currently misused by that fritz.box website mimicking Pi-hole's UI, but its web server would still receive your HTTP request.

To address this, you need to configure your router to Make your network take advantage of Pi-hole.

FritzBox routers do support distributing Pi-hole as local DNS server, so you should configure yours to do so, see e.g. Pi-hole als DNS Server via DHCP an Clients verteilen (LAN Seite).

Once your Pi-hole is receiving DNS requests as local resolver, it will provide your local IP addresses.

pihole_coyote · March 7, 2024, 10:58am

Thanks for that elaborate reply even I can understand. I'll read into it - I'm a bit hesitant to set up the pi-hole for the entire network traffic, since it proved to be somehow unstable in the past, making my family angry. But I will give it another try.

Bucking_Horn · March 7, 2024, 12:19pm

Taking a second look at your nslookup, its output suggests that is has already been handled by your Pi-hole at 192.168.178.33, which contradicts your debug log information, showing your router to distribute itself for DNS.

Did you manually configure that client to use Pi-hole for DNS?

As Pi-hole would have answered that request with its private range address, I suspect that something is interfering with DNS on that Windows client, and those DNS requests never made it to Pi-hole.

You should be able to confirm that by monitoring Tools| Tail pihole.log when executing that nslookup from your Windows client.

If it is not showing up, then something is diverting DNS requests on that cllient.
The usual suspects for that case would be anti-virus related DNS features like AVAST RealSite or AVG SecureDNS. Those features need to be disabled when running Pi-hole, or else Pi-hole will be by-passed.

pihole_coyote · March 12, 2024, 5:52am

Yes, I did configure my PC's ethernet connection (not yet the Wifi one) to use pi-hole as primary and the router as secondary DNS. The reason for that is, as I mentioned, the old pi-hole installation proved to be unstable so I didn't want the whole network to run through it. The devices using it are the smart TV and my PC. I suppose I did that in a wrong way?

Thanks for coming back to that topic, I'll have another look.

pihole_coyote · March 12, 2024, 7:23am

I have no clue what's happening here. I removed ...33 as primary DNS for the time being and for your test, I set it again. I clicked the Tools-Link you provided. pi.hole wasn't resolved, so I replaced it with s01rp4 without thinking about it. And it worked. I probably ought to restart the PC or one of the switches (I have three Fritz!Boxes, two running as mere network switches/mesh repeaters and one also as a router) to recreate the error situation. Even "fritz.box" as local domain name to access the router works now. oO

system · March 19, 2024, 7:23am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.