Pi-hole + Unifi USG ... appears to be resolving DNS queries but not blocking ads?

Expected Behaviour:

I have disabled the Unifi DHCP server via the settings panel:

And I have enabled the DHCP server through the Pi-hole admin panel. My understanding is that this means that Pi-hole should be resolving DNS for all clients on my network.

Actual Behaviour:

My client (a Mac) is still loading ads from domains that are in the blocklists loaded on my Pi-hole. For example, doubleclick still loads:

Even though my diagnostic file says that doubleclick is blocked:

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] track.leady.cz is 0.0.0.0 via localhost (127.0.0.1)
[✓] track.leady.cz is 0.0.0.0 via Pi-hole (192.168.1.131)
[✓] doubleclick.com is 216.58.194.174 via a remote, public DNS server (8.8.8.8)

Debug Token:

debug token: 1ntepdsrni

Please check whether you have IPv6 connectivity: http://www.test-ipv6.com/

It may be that your router is still handing out DHCP servers over IPv6.

I have IPv6 disabled in my Unifi network config. Here are the results from the test:

Did you clear the DNS cache on the Mac? This command will do it:

sudo killall -HUP mDNSResponder

Just tried it... still seeing ads load. I think I may have found another clue... I'm seeing a lot of queries from opendns

Do I need to disable that?

These are not "from" opendns, they are a request "for" that domain from the indicated client.

From the Mac terminal, what is the output of nslookup pi.hole

Also, please generate a debug log from Pi-Hole, upload it and post the token here.


debug token: 1ntepdsrni

This nslookup was run from the Mac terminal, and not the Pi terminal? I wouldn't expect to see the loopback address on the Mac for DNS resolver.

What DNS is shown for the Mac in System Preference > Network > Advanced > DNS?

Here's the screenshot of my DNS settings:

Yep, I ran the command from my Mac's terminal

Your debug log shows that Pi-Hole is working normally, except for the web admin interface.

What is the output of these commands from the Mac terminal:

nslookup cnn.com

nslookup flurry.com


I was having issues with the lighttpd service being able to start, so I manually removed it and reinstalled it... so I am able to access the web admin UI now.

The second output shows that the expected reply of 0.0.0.0 (flurry.com is a domain that appears on the original blocklists) was not received. The Mac is getting DNS replies from a source other than Pi-Hole.

Are you absolutely certain that these nslookups are from the Mac terminal only - and not a Mac terminal that is in an ssh session to your Pi? The Pi uses the loopback IP for DNS, but your Mac should not. Here is the output of the command from my Mac using Pi-Hole at xxx.155.

nslookup pi.hole

Server: 192.168.0.155
Address: 192.168.0.155#53

Name: pi.hole
Address: 192.168.0.155

Yep, 100% sure.

Hmm... how can I tell what that source is?

This command shows the true order of the nameservers your Mac is using.

scutil --dns

DNS configuration

resolver #1
  search domain[0] : lan
  nameserver[0] : 127.0.0.1
  if_index : 8 (en0)
  flags    : Request A records, Request AAAA records
  reach    : 0x00030002 (Reachable,Local Address,Directly Reachable Address)
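The two checks in this thread (is the Mac's default resolver actually the Pi-hole, and does a known-blocked domain come back as 0.0.0.0) can be automated. The following is an added example, not code from the Pi-hole project or from anyone in the thread. It parses the text format of `scutil --dns` shown above, reports which nameserver the default resolver really uses, and interprets an A-record answer for a blocked domain. The `scutil` output embedded below is constructed for the example (the second resolver block is a typical mDNS entry), and the Pi-hole address 192.168.1.131 is taken from the diagnostic output earlier in the thread.

```python
import re

# Constructed sample of `scutil --dns` output on macOS (not copied from the thread).
# resolver #1 is the default resolver; it points at loopback, as in the post above,
# which means something local on the Mac is answering DNS before the Pi-hole sees it.
SAMPLE_SCUTIL = """\
DNS configuration

resolver #1
  search domain[0] : lan
  nameserver[0] : 127.0.0.1
  if_index : 8 (en0)
  flags    : Request A records, Request AAAA records
  reach    : 0x00030002 (Reachable,Local Address,Directly Reachable Address)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  flags    : Request A records, Request AAAA records
  reach    : 0x00000000 (Not Reachable)
  order    : 300000
"""

# Same layout, but with the default resolver pointing at the Pi-hole (constructed).
SAMPLE_SCUTIL_OK = SAMPLE_SCUTIL.replace("nameserver[0] : 127.0.0.1",
                                         "nameserver[0] : 192.168.1.131")


def parse_scutil_dns(text):
    """Split `scutil --dns` output into resolver entries.

    Each entry is a dict: 'id' (resolver number), 'nameservers' (in the
    order listed) and 'domain' (set only for scoped resolvers such as .local).
    """
    resolvers = []
    current = None
    for line in text.splitlines():
        m = re.match(r"resolver #(\d+)", line)
        if m:
            current = {"id": int(m.group(1)), "nameservers": [], "domain": None}
            resolvers.append(current)
            continue
        if current is None:
            continue
        m = re.match(r"\s*nameserver\[\d+\]\s*:\s*(\S+)", line)
        if m:
            current["nameservers"].append(m.group(1))
            continue
        # "domain : local" marks a scoped resolver; "search domain[0]" does not match here.
        m = re.match(r"\s*domain\s*:\s*(\S+)", line)
        if m:
            current["domain"] = m.group(1)
    return resolvers


def effective_nameservers(resolvers):
    """Nameservers of the first unscoped resolver, i.e. the ones general lookups use."""
    for r in resolvers:
        if r["domain"] is None and r["nameservers"]:
            return r["nameservers"]
    return []


def check_resolver(scutil_text, pihole_ip):
    """Classify the client's default resolver relative to the Pi-hole.

    Returns 'pihole' when the first nameserver is the Pi-hole, 'loopback-proxy'
    when it is a loopback address (a local agent or VPN client is intercepting
    DNS), and 'other' for anything else.
    """
    ns = effective_nameservers(parse_scutil_dns(scutil_text))
    if not ns:
        return "other"
    first = ns[0]
    if first == pihole_ip:
        return "pihole"
    if first.startswith("127.") or first == "::1":
        return "loopback-proxy"
    return "other"


def answer_is_blocked(answer):
    """Interpret the address returned for a domain that is on the blocklists.

    Pi-hole's default blocking mode answers 0.0.0.0 for A and :: for AAAA; a
    routable address means the reply did not come from the Pi-hole.
    """
    return answer in ("0.0.0.0", "::")


if __name__ == "__main__":
    print("default resolver:", check_resolver(SAMPLE_SCUTIL, "192.168.1.131"))
    print("flurry.com -> 0.0.0.0 blocked?", answer_is_blocked("0.0.0.0"))
```

On a live Mac, feed it the real output with `scutil --dns` piped into the script and the answer from `nslookup flurry.com`; a result of `loopback-proxy` together with a routable answer for a blocklisted domain is exactly the combination this thread describes.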

Still getting 127.0.0.1...

What's also strange is that everything seems to be working fine on my iOS device.

Other clients on my network appear to be working as well... so it's definitely isolated to just my primary machine.

Are you running any software on the Mac that might be controlling DNS settings? Which browsers are in use?


Wow... figured it out... did not realize that my work machine had OpenDNS Umbrella installed on it. I just disabled it and everything is working great now. Thanks for all your help today @jfb :bowing_man: