Pi-hole suddenly stopped replying with DNS responses. DHCP Server also stopped working

Expected Behaviour:

Pi-hole running on my Raspberry Pi 3 running Raspbian suddenly stopped sending DNS responses in the middle of the night.
It should hand out IP addresses, forward DNS requests and send DNS responses as usual; it worked without any major problems for over a year. I tried updating Pi-hole, checking the ports (all required ports are open), restarting my Pi and Pi-hole, and making sure the time is right, but nothing has seemed to work.

Actual Behaviour:

Pi-hole does not hand out any IP addresses and doesn't respond to any DNS requests. The dashboard is running fine though.

Debug Token:

https://tricorder.pi-hole.net/pwuojp2dug

You seem to be running an older development branch of pihole-FTL:

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 62427 Jun  6 23:25 /var/log/pihole-FTL.log
   -----head of pihole-FTL.log------
   [2021-06-06 21:36:33.447 17816M] ########## FTL started! ##########
   [2021-06-06 21:36:33.447 17816M] FTL branch: fix/hourly_PTR_requests
   [2021-06-06 21:36:33.447 17816M] FTL version: vDev-b833b73
   [2021-06-06 21:36:33.447 17816M] FTL commit: b833b73
   [2021-06-06 21:36:33.447 17816M] FTL date: 2020-12-01 14:18:44 +0100

If that is not by intention, you should consider reverting back to the master branch.

In addition, your debug log shows someone has altered Pi-hole's web server code:

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 www-data www-data 2932 Jun  6 23:26 /var/log/lighttpd/error.log
   -----head of error.log------
   2021-06-06 00:00:10: (server.c.1759) logfiles cycled UID = 0 PID = 10691 
   2021-06-06 07:21:43: (mod_fastcgi.c.421) FastCGI-stderr: PHP Notice:  Undefined index: cameras in /var/www/html/index.php on line 83

Pi-hole's own /var/www/html/index.php does not contain any reference to cameras, not in line 83 nor anywhere at all.

If you are running any custom scripts for Pi-hole, you'd probably have to consult their respective maintainers on how to revert those.

As for your observation, your debug log confirms your Pi-hole is not responding to DNS requests arriving through its local IP nor to DHCP broadcasts while pihole-FTL is reported as active:

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] ns2.srix.ru is 0.0.0.0 via localhost (127.0.0.1)
[✗] Failed to resolve ns2.srix.ru via Pi-hole (192.168.0.5)
[✓] doubleclick.com is 172.217.23.78 via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   DHCP packets received on interface lo: 0
   DHCP packets received on interface eth0: 0
*** [ DIAGNOSING ]: Pi-hole processes
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

As both DNS and DHCP are affected, this would make a firewall issue likely, yet you already checked that ports are open.

But your debug log also shows:

*** [ DIAGNOSING ]: Operating system
[✓] Distro:  Raspbian
[✓] Version: 10

*** [ DIAGNOSING ]: SELinux
[✓] Default SELinux: permissive
[✓] Current SELinux: Disabled

That is an unusual combination.
I wasn't aware SELinux is available on Raspberry Pi OS kernels.
Did you compile your own kernel to get this running?

I've reverted to the master branch but it didn't fix anything.

I have another site running on lighttpd, and that error is coming from that one. It used to display images my security cameras took over the course of the day.

I've checked the ports again with nmap and ports 53 and 80 are open, but now 67 and 547 for the DHCP server are closed. That explains why it won't hand out any new addresses. I've allowed both port 67 and 547 via iptables but they still show up as closed in nmap.

As for SELinux, I've installed a regular image of Raspbian from the official website.

Here's the new debug log after I changed to the master branch: https://tricorder.pi-hole.net/rsebrw1x49

You have something blocking port 53 traffic. None of these tests should fail.


*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] smoke.bitcoinlimos.com is 0.0.0.0 via localhost (127.0.0.1)
[✗] Failed to resolve smoke.bitcoinlimos.com via Pi-hole (192.168.0.5)
[✓] doubleclick.com is 172.217.23.78 via a remote, public DNS server (8.8.8.8)


*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] msnlivefavorites.112.2o7.net is :: via localhost (::1)
[✗] Failed to resolve msnlivefavorites.112.2o7.net via Pi-hole (fd7c:942a:852a:2400:3830:2d1d:2895:d35a)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)

And, your DHCP server (which appears to be your router) is passing out its own IP for DNS rather than the IP of Pi-hole.

** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   Timeout: 10 seconds
   
   * Received 548 bytes from eth0:192.168.0.1
     Offered IP address: 192.168.0.118
     Server IP address: N/A
     Relay-agent IP address: N/A
     BOOTP server: (empty)
     BOOTP file: (empty)
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 192.168.0.1
      lease-time: 86400 ( 1d )
      netmask: 255.255.255.0
      router: 192.168.0.1
      dns-server: 192.168.0.1
      --- end of options ---
    
   DHCP packets received on interface lo: 0
   DHCP packets received on interface eth0: 1
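
Added example, not part of the thread's posts or of Pi-hole's own tooling: a short Python parser for debug-log lines like those quoted above. It flags the two patterns the replies point out: resolution succeeds via localhost but fails via the Pi-hole's LAN address while pihole-FTL is active, and no DHCP packets arrive on any non-loopback interface. The function names and finding labels are this example's own, and the line formats are assumed from the excerpts in this thread.

```python
import re

# Lines excerpted from the first debug log quoted in this thread.
SAMPLE_LOG = """\
[✓] ns2.srix.ru is 0.0.0.0 via localhost (127.0.0.1)
[✗] Failed to resolve ns2.srix.ru via Pi-hole (192.168.0.5)
[✓] doubleclick.com is 172.217.23.78 via a remote, public DNS server (8.8.8.8)
   DHCP packets received on interface lo: 0
   DHCP packets received on interface eth0: 0
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active
"""

RESOLVE = re.compile(
    r"^\[([✓✗])\] .*? via (localhost|Pi-hole|a remote, public DNS server) \(([^)]+)\)")
DHCP = re.compile(r"^\s*DHCP packets received on interface (\S+): (\d+)")
DAEMON = re.compile(r"^\[([✓✗])\] (\S+) daemon is (\w+)")

def parse(log):
    """Collect resolver results, per-interface DHCP counts and daemon states."""
    state = {"resolve": {}, "dhcp": {}, "daemons": {}}
    for line in log.splitlines():
        if m := RESOLVE.match(line):
            # Key: (query path, server address); value: True if it resolved.
            state["resolve"][(m.group(2), m.group(3))] = m.group(1) == "✓"
        elif m := DHCP.match(line):
            state["dhcp"][m.group(1)] = int(m.group(2))
        elif m := DAEMON.match(line):
            state["daemons"][m.group(2)] = (m.group(1) == "✓"
                                            and m.group(3) == "active")
    return state

def findings(state):
    """Flag the combinations the replies in this thread call out."""
    out = []
    by_path = {}
    for (path, _addr), ok in state["resolve"].items():
        by_path.setdefault(path, []).append(ok)
    loop_ok = any(by_path.get("localhost", []))
    lan_fail = not all(by_path.get("Pi-hole", [True]))
    # Daemon up and answering locally, but silent on the LAN address.
    if loop_ok and lan_fail and state["daemons"].get("pihole-FTL"):
        out.append("dns-answers-on-loopback-only")
    # No DHCP traffic seen on any real (non-loopback) interface.
    non_lo = [n for iface, n in state["dhcp"].items() if iface != "lo"]
    if non_lo and all(n == 0 for n in non_lo):
        out.append("no-dhcp-offers-seen")
    return out
```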

I'm using my router as a DHCP server because the DHCP server of pi-hole isn't handing out any IPs. I've manually set the pi-hole as DNS server when I was testing it.
