Please follow the below template, it will help us to help you!
Expected Behaviour:
Pi-hole should be showing that it is blocking domains in the web interface, and sites should be failing to load if they are in blocklists/domain lists, but now everything is getting through. I recently installed a new router and everything was working as it had on the old router, but suddenly all blocking has just... stopped happening.
- Linux raspberrypi-pihole 6.6.62+rpt-rpi-v7 #1 SMP Raspbian 1:6.6.62-1+rpt1 (2024-11-25) armv7l
- Raspberry Pi Zero 2 wifi
- Router: RT-AX86U Pro
Actual Behaviour:
Pi-hole seems to be ignoring blocked domains and block lists. I have looked through several threads and tried a few things so far with no luck:
- ssh into Pi-hole and reloaddns and reloadlists
- ipconfig /flushdns, clearing DNS cache in Firefox (NB: this didn't seem to do anything)
- ipconfig on client shows DNS as the Pi-hole's IP address
- nslookup on the client and the Pi-hole: everything seems OK, DNS is listed as the Pi-hole's IP address, the Pi-hole's IP gives "dnsmasq-pi-hole-v2.92test13", 198.41.0.4 gives ATLAS, but anything on a blocklist or domain also resolves and gives an IP address
- rebooting the Pi-hole and the router
I have tried to use pihole -q but I get an error: "/opt/pihole/query.sh: 27: .: cannot open /utils.sh: No such file"
That seems odd.
The new router has an "AiProtection" option that might be implicated. Initially I had it turned off, and everything was working fine; then I did some reading and it sounded OK, so I tried turning it on. Then I noticed the next day that it didn't seem to do anything and that I was getting a lot of weird traffic, so I turned it off. However, it seems that while it was turned on, the Pi-hole stopped working. Unfortunately, turning the feature off doesn't seem to have let the Pi-hole start working again (I did reboot the router after turning the AiProtection feature off).
I've tried toggling various things off and on in the router's web interface to no effect. The Pi-hole is the only DNS server listed in the LAN settings of the router.
Update: chasing down some other threads, I have set both the LAN and WAN DNS servers on the router to the Pi-hole (I tried setting up the Pi-hole as DHCP but learned I need to learn some more to get that working properly), and set the "Advertise router's IP in addition to user-specified DNS" to "No" for good measure.
New wrinkle: the Pi-hole appears to work on my phone, which is connected via WiFi - when I try to access a site that's in my blocked domains, it fails and I see a blocked entry in the Pi-hole web interface for the phone's IP. However, when I use my computer, the queries all go through for the same site - I see an entry in the Pi-hole web interface letting the query through. My computer is connected via ethernet. I'm using Firefox, but I get the same behaviour if I use nslookup in CMD (query returns an IP address and I see an entry in the Pi-hole web interface).
Update: following another thread, I tried setting my computer to a static IP in the router to force a DHCP lease refresh, but that didn't work. I still see the same website being passed through the Pi-hole and returning an IP address when I use nslookup on the computer, but being blocked by regex filters when I try and access the same site on my phone. Everywhere I look my IPv4 DNS is shown as the Pi-hole; I have IPv6 disabled on both the Pi-hole and the router.
I did find a Reddit thread where someone disabled their antivirus, but I don't have an active antivirus (other than the default Windows thing and an inactive MalwaleBytes that I only use for manual scans) and that wasn't a problem before in any case; I haven't made any changes to antivirus things.
UPDATE: I may have resolved this issue, but I'll leave this here just in case something goes weird in the next 20 hours. I deleted all my clients and groups in the Pi-hole web interface and that seems to have fixed it. I'm not sure why or how, but nslookup now returns 0.0.0.0 for a site in my blocked domains and my web browser also can't find the site. If anyone understands why that might have caused a problem, I feel curious to understand it!
Debug Token:
Your debug token is: https://tricorder.pi-hole.net/s3My0Mvn/