Pi-hole won’t work unless dns service is manually restarted after each boot

Please follow the below template, it will help us to help you!

Expected Behaviour:

pihole dns service should automatically start after reboot

Actual Behaviour:

pihole service is starting normally but i have to manually restart dns service every time the machine is booted for other devices to connect to internet

Debug Token:

lpc8hcdryy

Hi, i have been using pihole for about a week now and everything seems to work great except a minor problem. whenever the system is rebooted none of the other devices connected to my home network would connect to internet unless i ssh and manually run the command [pihole restartdns].
before the dns restart process i can ping to any ip address successfully from the orangepizero (ubuntu 16.04 LTS) machine which is running pihole. i have also configured a static ip for pihole from my router’s dhcp settings.

just to be sure dnsmasq service is starting correctly i added these two lines to /lib/systemd/system/dnsmasq.service as mentioned by other threads:
After=network-online.target
Wants=network-online.target

tried [sudo systemctl edit dnsmasq] and did the same thing but no result.

next i tried to edit the rc.local file to automatically restart dns service [pihole restartdns] after each boot but even this did not work.

here’s my pihole dns settings:

image1536×2048 271 KB

just fyi i am using a custom dns address provided by my isp and wifi is always switched off.

pihole debug log (before restarting dns):

*** [ INITIALIZING ]
[i] 2018-02-05:07:02:17 debug log has been initiated.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

*** [ DIAGNOSING ]: Core version
[i] Core: v3.2.1 (How do I update Pi-hole?)
[i] Branch: master
[i] Commit: v3.2.1-0-ge602008

*** [ DIAGNOSING ]: Web version
[i] Web: v3.2.1 (How do I update Pi-hole?)
[i] Branch: master
[i] Commit: v3.2.1-0-g31dddd8

*** [ DIAGNOSING ]: FTL version
[✓] FTL: v2.13.2

*** [ DIAGNOSING ]: dnsmasq version
[i] 2.75

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.35

*** [ DIAGNOSING ]: php version
[i] 7.0.22

*** [ DIAGNOSING ]: Operating system
[✓] Ubuntu 16.04.3 LTS

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: Processor
/opt/pihole/piholeDebug.sh: line 474: $'[\E[32m✓\E[0m] \E[32marmv7l\E[0m': command not found

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.1.6/24 matches the IP found in /etc/pihole/setupVars.conf

[✓] IPv6 address(es) bound to the eth0 interface:
fe80::42:a3ff:fe09:ece4 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)

^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 192.168.1.1

• Pinging 192.168.1.1...
  [✓] Gateway responded.

*** [ DIAGNOSING ]: Ports in use
[139] is in use by smbd
[] is in use by
[22] is in use by sshd
[445] is in use by smbd
[80] is in use by lighttpd
[8200] is in use by minidlnad
[] is in use by
[4711] is in use by pihole-FTL
[53] is in use by dnsmasq

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] yeshhaod.com is 192.168.1.6 via localhost (127.0.0.1)
[✗] Failed to resolve yeshhaod.com via Pi-hole (192.168.1.6)
[✓] doubleclick.com is 172.217.166.78 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Pi-hole processes
[✓] dnsmasq daemon is active
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
DNSMASQ_LISTENING=single
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=192.168.1.6/24
IPV6_ADDRESS=
PIHOLE_DNS_1=218.248.112.193
PIHOLE_DNS_2=
QUERY_LOGGING=true
INSTALL_WEB=true
LIGHTTPD_ENABLED=1

*** [ DIAGNOSING ]: Dashboard and block page
[✓] X-Pi-hole: A black hole for Internet advertisements.
[✓] X-Pi-hole: The Pi-hole Web interface is working!

*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 3723676 Feb 5 05:47 /etc/pihole/gravity.list
-----head of gravity.list------
192.168.1.6 0.0.0.0
192.168.1.6 0000mps.webpreview.dsl.net
192.168.1.6 0001.2waky.com
192.168.1.6 000dom.revenuedirect.com

-----tail of gravity.list------
192.168.1.6 zzsyw.com
192.168.1.6 zztxdown.com
192.168.1.6 zzz.clickbank.net
192.168.1.6 zz.zeroredirect1.com

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r--r-- 1 pihole pihole 633 Jan 22 20:07 /etc/pihole/adlists.list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://hosts-file.net/ad_servers.txt

-rw-r--r-- 1 pihole pihole 0 Jan 27 07:54 /etc/pihole/blacklist.txt

-rw-r--r-- 1 pihole pihole 45 Feb 5 05:47 /etc/pihole/local.list
192.168.1.6 orangepizero
192.168.1.6 pi.hole

-rw-r--r-- 1 pihole pihole 238 Feb 5 05:46 /etc/pihole/logrotate
/var/log/pihole.log {
su root syslog
daily
copytruncate
rotate 5
compress
delaycompress
notifempty
nomail
}
/var/log/pihole-FTL.log {
su root syslog
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}

-rw-r--r-- 1 pihole pihole 131 Jan 31 03:27 /etc/pihole/whitelist.txt
raw.githubusercontent.com
sysctl.org
zeustracker.abuse.ch
hosts-file.net
s.youtube.com
mirror1.malwaredomains.com
s3.amazonaws.com

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r--r-- 1 root root 1520 Feb 5 06:46 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
localise-queries
no-resolv
cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=218.248.112.193
domain-needed
bogus-priv
interface=eth0

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r--r-- 1 root root 3027 Feb 5 05:46 /etc/lighttpd/lighttpd.conf
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include "%p"
' 2>/dev/null"
$HTTP["url"] =~ "^/admin/" {

   setenv.add-response-header = (
       "X-Pi-hole" => "The Pi-hole Web interface is working!",
       "X-Frame-Options" => "DENY"
   )
   $HTTP["url"] =~ ".ttf$" {
       
       setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
   }

}
$HTTP["url"] =~ "^/admin/.(.*)" {
url.access-deny = ("")
}
include_shell "cat external.conf 2>/dev/null"

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r--r-- 1 root root 1630 Feb 5 05:46 /etc/cron.d/pihole
29 4 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker local
35 17 * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
@reboot root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 www-data www-data 436 Feb 5 07:01 /var/log/lighttpd/error.log
2018-02-05 06:25:06: (server.c.1242) logfiles cycled UID = 0 PID = 2391
2018-02-05 06:25:26: (server.c.1558) server stopped by UID = 0 PID = 1
2018-02-05 06:25:48: (log.c.164) server started
2018-02-05 06:38:36: (server.c.1558) server stopped by UID = 0 PID = 1
2018-02-05 06:38:58: (log.c.164) server started
2018-02-05 07:01:27: (server.c.1558) server stopped by UID = 0 PID = 1
2018-02-05 07:01:49: (log.c.164) server started

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 208026 Feb 5 07:01 /var/log/pihole-FTL.log
[2018-01-22 23:37:57.522] FATAL: FTL received SIGTERM from PID/UID 1/0, scheduled to exit gracefully
[2018-01-22 23:37:57.523] Shutting down...
[2018-01-22 23:37:57.527]
[2018-01-22 23:38:16.595]
[2018-01-22 23:38:16.595] FTL branch: v2.13.2
[2018-01-22 23:38:16.595] FTL version: v2.13.2
[2018-01-22 23:38:16.596] FTL commit: 1de2b99c8a812d4d2dbe6b1e4644e20a4b14bb1e
[2018-01-22 23:38:16.596] FTL date: 2018-01-07 17:34:24 -0800
[2018-01-22 23:38:16.596] FTL user: pihole
[2018-01-22 23:38:16.596] Notice: Found no readable FTL config file
[2018-01-22 23:38:16.596] Using default settings
[2018-01-22 23:38:16.596] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2018-01-22 23:38:16.596] SOCKET_LISTENING: only local
[2018-01-22 23:38:16.596] TIMEFRAME: Rolling 24h
[2018-01-22 23:38:16.596] QUERY_DISPLAY: Show queries
[2018-01-22 23:38:16.596] AAAA_QUERY_ANALYSIS: Show AAAA queries
[2018-01-22 23:38:16.596] MAXDBDAYS: max age for stored queries is 365 days
[2018-01-22 23:38:16.596] RESOLVE_IPV6: Resolve IPv6 addresses
[2018-01-22 23:38:16.596] RESOLVE_IPV4: Resolve IPv4 addresses
[2018-01-22 23:38:16.597] DBINTERVAL: saving to DB file every minute
[2018-01-22 23:38:16.597] DBFILE: Using /etc/pihole/pihole-FTL.db
[2018-01-22 23:38:16.597] Finished config file parsing
[2018-01-22 23:38:16.604] Found no other running pihole-FTL process
[2018-01-22 23:38:16.609] PID of FTL process: 864
[2018-01-22 23:38:17.480] Gravity list entries: 109727

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 dnsmasq root 18523445 Feb 5 07:02 /var/log/pihole.log
-----head of pihole.log------
Jan 25 01:26:24 dnsmasq[5165]: started, version 2.75 cachesize 10000
Jan 25 01:26:24 dnsmasq[5165]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify
Jan 25 01:26:24 dnsmasq[5165]: warning: ignoring resolv-file flag because no-resolv is set
Jan 25 01:26:24 dnsmasq[5165]: using nameserver 8.8.4.4#53
Jan 25 01:26:24 dnsmasq[5165]: using nameserver 8.8.8.8#53
Jan 25 01:26:24 dnsmasq[5165]: read /etc/hosts - 6 addresses
Jan 25 01:26:24 dnsmasq[5165]: read /etc/pihole/local.list - 2 addresses
Jan 25 01:26:24 dnsmasq[5165]: read /etc/pihole/black.list - 0 addresses
Jan 25 01:26:27 dnsmasq[5165]: read /etc/pihole/gravity.list - 109784 addresses
Jan 25 01:26:28 dnsmasq[5165]: query[A] googleads.g.doubleclick.net from 192.168.1.2
Jan 25 01:26:28 dnsmasq[5165]: /etc/pihole/gravity.list googleads.g.doubleclick.net is 192.168.1.6
Jan 25 01:26:28 dnsmasq[5165]: query[PTR] 2.1.168.192.in-addr.arpa from 127.0.0.1
Jan 25 01:26:28 dnsmasq[5165]: forwarded 2.1.168.192.in-addr.arpa to 8.8.4.4
Jan 25 01:26:28 dnsmasq[5165]: forwarded 2.1.168.192.in-addr.arpa to 8.8.8.8
Jan 25 01:26:36 dnsmasq[5165]: exiting on receipt of SIGTERM
Jan 25 01:26:48 dnsmasq[675]: started, version 2.75 cachesize 10000
Jan 25 01:26:48 dnsmasq[675]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify
Jan 25 01:26:48 dnsmasq[675]: warning: ignoring resolv-file flag because no-resolv is set
Jan 25 01:26:48 dnsmasq[675]: using nameserver 8.8.4.4#53
Jan 25 01:26:48 dnsmasq[675]: using nameserver 8.8.8.8#53

[✓] ** FINISHED DEBUGGING! **

* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.

[?] Would you like to upload the log? [y/N] y
* Using openssl for transmission.

[✓] Your debug token is: lpc8hcdryy

• Provide the token above to the Pi-hole team for assistance at
• https://discourse.pi-hole.net
• Your log will self-destruct on our server after 48 hours.
• A local copy of the debug log can be found at: /var/log/pihole_debug-sanitized.log*** [ INITIALIZING ]
  [i] 2018-02-05:07:02:17 debug log has been initiated.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

*** [ DIAGNOSING ]: Core version
[i] Core: v3.2.1 (How do I update Pi-hole?)
[i] Branch: master
[i] Commit: v3.2.1-0-ge602008

*** [ DIAGNOSING ]: Web version
[i] Web: v3.2.1 (How do I update Pi-hole?)
[i] Branch: master
[i] Commit: v3.2.1-0-g31dddd8

*** [ DIAGNOSING ]: FTL version
[✓] FTL: v2.13.2

*** [ DIAGNOSING ]: dnsmasq version
[i] 2.75

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.35

*** [ DIAGNOSING ]: php version
[i] 7.0.22

*** [ DIAGNOSING ]: Operating system
[✓] Ubuntu 16.04.3 LTS

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: Processor
/opt/pihole/piholeDebug.sh: line 474: $'[\E[32m✓\E[0m] \E[32marmv7l\E[0m': command not found

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.1.6/24 matches the IP found in /etc/pihole/setupVars.conf

[✓] IPv6 address(es) bound to the eth0 interface:
fe80::42:a3ff:fe09:ece4 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)

^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 192.168.1.1

• Pinging 192.168.1.1...
  [✓] Gateway responded.

*** [ DIAGNOSING ]: Ports in use
[139] is in use by smbd
[] is in use by
[22] is in use by sshd
[445] is in use by smbd
[80] is in use by lighttpd
[8200] is in use by minidlnad
[] is in use by
[4711] is in use by pihole-FTL
[53] is in use by dnsmasq

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] yeshhaod.com is 192.168.1.6 via localhost (127.0.0.1)
[✗] Failed to resolve yeshhaod.com via Pi-hole (192.168.1.6)
[✓] doubleclick.com is 172.217.166.78 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Pi-hole processes
[✓] dnsmasq daemon is active
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
DNSMASQ_LISTENING=single
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=192.168.1.6/24
IPV6_ADDRESS=
PIHOLE_DNS_1=218.248.112.193
PIHOLE_DNS_2=
QUERY_LOGGING=true
INSTALL_WEB=true
LIGHTTPD_ENABLED=1

*** [ DIAGNOSING ]: Dashboard and block page
[✓] X-Pi-hole: A black hole for Internet advertisements.
[✓] X-Pi-hole: The Pi-hole Web interface is working!

*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 3723676 Feb 5 05:47 /etc/pihole/gravity.list
-----head of gravity.list------
192.168.1.6 0.0.0.0
192.168.1.6 0000mps.webpreview.dsl.net
192.168.1.6 0001.2waky.com
192.168.1.6 000dom.revenuedirect.com

-----tail of gravity.list------
192.168.1.6 zzsyw.com
192.168.1.6 zztxdown.com
192.168.1.6 zzz.clickbank.net
192.168.1.6 zz.zeroredirect1.com

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r--r-- 1 pihole pihole 633 Jan 22 20:07 /etc/pihole/adlists.list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://hosts-file.net/ad_servers.txt

-rw-r--r-- 1 pihole pihole 0 Jan 27 07:54 /etc/pihole/blacklist.txt

-rw-r--r-- 1 pihole pihole 45 Feb 5 05:47 /etc/pihole/local.list
192.168.1.6 orangepizero
192.168.1.6 pi.hole

-rw-r--r-- 1 pihole pihole 238 Feb 5 05:46 /etc/pihole/logrotate
/var/log/pihole.log {
su root syslog
daily
copytruncate
rotate 5
compress
delaycompress
notifempty
nomail
}
/var/log/pihole-FTL.log {
su root syslog
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}

-rw-r--r-- 1 pihole pihole 131 Jan 31 03:27 /etc/pihole/whitelist.txt
raw.githubusercontent.com
sysctl.org
zeustracker.abuse.ch
hosts-file.net
s.youtube.com
mirror1.malwaredomains.com
s3.amazonaws.com

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r--r-- 1 root root 1520 Feb 5 06:46 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
localise-queries
no-resolv
cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=218.248.112.193
domain-needed
bogus-priv
interface=eth0

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r--r-- 1 root root 3027 Feb 5 05:46 /etc/lighttpd/lighttpd.conf
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include "%p"
' 2>/dev/null"
$HTTP["url"] =~ "^/admin/" {

   setenv.add-response-header = (
       "X-Pi-hole" => "The Pi-hole Web interface is working!",
       "X-Frame-Options" => "DENY"
   )
   $HTTP["url"] =~ ".ttf$" {
       
       setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
   }

}
$HTTP["url"] =~ "^/admin/.(.*)" {
url.access-deny = ("")
}
include_shell "cat external.conf 2>/dev/null"

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r--r-- 1 root root 1630 Feb 5 05:46 /etc/cron.d/pihole
29 4 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker local
35 17 * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
@reboot root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 www-data www-data 436 Feb 5 07:01 /var/log/lighttpd/error.log
2018-02-05 06:25:06: (server.c.1242) logfiles cycled UID = 0 PID = 2391
2018-02-05 06:25:26: (server.c.1558) server stopped by UID = 0 PID = 1
2018-02-05 06:25:48: (log.c.164) server started
2018-02-05 06:38:36: (server.c.1558) server stopped by UID = 0 PID = 1
2018-02-05 06:38:58: (log.c.164) server started
2018-02-05 07:01:27: (server.c.1558) server stopped by UID = 0 PID = 1
2018-02-05 07:01:49: (log.c.164) server started

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 208026 Feb 5 07:01 /var/log/pihole-FTL.log
[2018-01-22 23:37:57.522] FATAL: FTL received SIGTERM from PID/UID 1/0, scheduled to exit gracefully
[2018-01-22 23:37:57.523] Shutting down...
[2018-01-22 23:37:57.527]
[2018-01-22 23:38:16.595]
[2018-01-22 23:38:16.595] FTL branch: v2.13.2
[2018-01-22 23:38:16.595] FTL version: v2.13.2
[2018-01-22 23:38:16.596] FTL commit: 1de2b99c8a812d4d2dbe6b1e4644e20a4b14bb1e
[2018-01-22 23:38:16.596] FTL date: 2018-01-07 17:34:24 -0800
[2018-01-22 23:38:16.596] FTL user: pihole
[2018-01-22 23:38:16.596] Notice: Found no readable FTL config file
[2018-01-22 23:38:16.596] Using default settings
[2018-01-22 23:38:16.596] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2018-01-22 23:38:16.596] SOCKET_LISTENING: only local
[2018-01-22 23:38:16.596] TIMEFRAME: Rolling 24h
[2018-01-22 23:38:16.596] QUERY_DISPLAY: Show queries
[2018-01-22 23:38:16.596] AAAA_QUERY_ANALYSIS: Show AAAA queries
[2018-01-22 23:38:16.596] MAXDBDAYS: max age for stored queries is 365 days
[2018-01-22 23:38:16.596] RESOLVE_IPV6: Resolve IPv6 addresses
[2018-01-22 23:38:16.596] RESOLVE_IPV4: Resolve IPv4 addresses
[2018-01-22 23:38:16.597] DBINTERVAL: saving to DB file every minute
[2018-01-22 23:38:16.597] DBFILE: Using /etc/pihole/pihole-FTL.db
[2018-01-22 23:38:16.597] Finished config file parsing
[2018-01-22 23:38:16.604] Found no other running pihole-FTL process
[2018-01-22 23:38:16.609] PID of FTL process: 864
[2018-01-22 23:38:17.480] Gravity list entries: 109727

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 dnsmasq root 18523445 Feb 5 07:02 /var/log/pihole.log
-----head of pihole.log------
Jan 25 01:26:24 dnsmasq[5165]: started, version 2.75 cachesize 10000
Jan 25 01:26:24 dnsmasq[5165]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify
Jan 25 01:26:24 dnsmasq[5165]: warning: ignoring resolv-file flag because no-resolv is set
Jan 25 01:26:24 dnsmasq[5165]: using nameserver 8.8.4.4#53
Jan 25 01:26:24 dnsmasq[5165]: using nameserver 8.8.8.8#53
Jan 25 01:26:24 dnsmasq[5165]: read /etc/hosts - 6 addresses
Jan 25 01:26:24 dnsmasq[5165]: read /etc/pihole/local.list - 2 addresses
Jan 25 01:26:24 dnsmasq[5165]: read /etc/pihole/black.list - 0 addresses
Jan 25 01:26:27 dnsmasq[5165]: read /etc/pihole/gravity.list - 109784 addresses
Jan 25 01:26:28 dnsmasq[5165]: query[A] googleads.g.doubleclick.net from 192.168.1.2
Jan 25 01:26:28 dnsmasq[5165]: /etc/pihole/gravity.list googleads.g.doubleclick.net is 192.168.1.6
Jan 25 01:26:28 dnsmasq[5165]: query[PTR] 2.1.168.192.in-addr.arpa from 127.0.0.1
Jan 25 01:26:28 dnsmasq[5165]: forwarded 2.1.168.192.in-addr.arpa to 8.8.4.4
Jan 25 01:26:28 dnsmasq[5165]: forwarded 2.1.168.192.in-addr.arpa to 8.8.8.8
Jan 25 01:26:36 dnsmasq[5165]: exiting on receipt of SIGTERM
Jan 25 01:26:48 dnsmasq[675]: started, version 2.75 cachesize 10000
Jan 25 01:26:48 dnsmasq[675]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify
Jan 25 01:26:48 dnsmasq[675]: warning: ignoring resolv-file flag because no-resolv is set
Jan 25 01:26:48 dnsmasq[675]: using nameserver 8.8.4.4#53
Jan 25 01:26:48 dnsmasq[675]: using nameserver 8.8.8.8#53

[✓] ** FINISHED DEBUGGING! **

* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.

[?] Would you like to upload the log? [y/N] y
* Using openssl for transmission.

[✓] Your debug token is: lpc8hcdryy

• Provide the token above to the Pi-hole team for assistance at
• https://discourse.pi-hole.net
• Your log will self-destruct on our server after 48 hours.
• A local copy of the debug log can be found at: /var/log/pihole_debug-sanitized.log

any help is appreciated. thanks.

Close.
Below one will display status for the dnsmasq daemon:

sudo systemctl status dnsmasq -l

Note the one line that resembles below from the status output:

Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled)

If it mentions "disabled" instead of "enabled", you can enable dnsmasq to be started at boot with below one:

sudo systemctl enable dnsmasq

yes dnsmasq is active at boot up. i can even ping any ip. it’s just other devices won’t connect to internet unless i specifically run pihole restartdns or pihole enable.

"active" or "enabled" on that one line I pointed out ?

Could you reboot Pi-hole, login and first thing run below one and post the outcome here please ?

sudo systemctl status dnsmasq -l

From the debug output "*** [ DIAGNOSING ]: Pi-hole log" , it seems no new log lines were added after Jan 25.
Disk full maybe ? Could you post outcome from below one ?

df -h

Or maybe another DNS daemon active ? Whats outcome from below one ?

sudo netstat -nltup | grep "Proto\|:53 "

sudo systemctl status dnsmasq -l
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
Drop-In: /run/systemd/generator/dnsmasq.service.d
└─50-dnsmasq-$named.conf, 50-insserv.conf-$named.conf
/etc/systemd/system/dnsmasq.service.d
└─override.conf
Active: active (running) since Wed 2018-02-07 08:02:27 IST; 4min 15s ago
Process: 1198 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=exited, status=0/SUCCESS)
Process: 1244 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
Process: 1236 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
Process: 1233 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
Main PID: 1243 (dnsmasq)
CGroup: /system.slice/dnsmasq.service
└─1243 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -r /var/run/dnsmasq/resolv.

Feb 07 08:02:26 orangepizero systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Feb 07 08:02:26 orangepizero dnsmasq[1233]: dnsmasq: syntax check OK.
Feb 07 08:02:27 orangepizero systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Warning: dnsmasq.service changed on disk. Run 'systemctl daemon-reload' to reload units.
lines 1-19/19 (END)

df -h
Filesystem Size Used Avail Use% Mounted on
udev 212M 0 212M 0% /dev
tmpfs 50M 3.0M 47M 6% /run
/dev/mmcblk0p1 15G 1.6G 13G 11% /
tmpfs 247M 0 247M 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 247M 0 247M 0% /sys/fs/cgroup
tmpfs 247M 0 247M 0% /tmp
log2ram 50M 27M 24M 54% /var/log
tmpfs 50M 0 50M 0% /run/user/999
/dev/sda1 224G 152G 61G 72% /media/seagate
tmpfs 50M 0 50M 0% /run/user/1000

sudo netstat -nltup | grep "Proto|:53 "
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1243/dnsmasq
tcp6 0 0 ::1:53 :::* LISTEN 1243/dnsmasq
tcp6 0 0 fe80::42:a3ff:fe09:e:53 :::* LISTEN 1243/dnsmasq
udp 0 0 127.0.0.1:53 0.0.0.0:* 1243/dnsmasq
udp6 0 0 ::1:53 :::* 1243/dnsmasq
udp6 0 0 fe80::42:a3ff:fe09:e:53 :::* 1243/dnsmasq

*ran all commands after boot

You could also just add the dnsmasq restart command in rc.local

with a delay.
sleep 20 && sudo /etc/init.d/dnsmasq restart

This looks good except for that last warning line.
I believe this warning is displayed when unit/config files have changed and systemd needs to reconfigure the unit files to incorporate the changes.
Better run that one as sugested:

sudo systemctl daemon-reload

Nothing full by the looks and it seems your using log2ram for the logs.
For diagnosing, you could try disable log2ram (can enable later again).

This doesnt look good as dnsmasq is only listening on the loopback interface IP (127.0.0.1) and on the regular interface only to ipv6 queries and no ipv4.
Try running below one to reconfigure network, reboot and run the netstat command again ?

pihole -r

EDIT: I dont use ipv6 like you do but here is a working example of my Pi-hole setup:

pi@noads:~ $ sudo netstat -nltup | grep "Proto\|:53 "
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      632/dnsmasq
tcp6       0      0 :::53                   :::*                    LISTEN      632/dnsmasq
udp        0      0 0.0.0.0:53              0.0.0.0:*                           632/dnsmasq
udp6       0      0 :::53                   :::*                                632/dnsmasq

how do i make dnsmasq listen to ipv4 address only?

here’s my working config:
sudo netstat -nltup | grep "Proto|:53 "
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1776/dnsmasq
tcp 0 0 192.168.1.6:53 0.0.0.0:* LISTEN 1776/dnsmasq
tcp6 0 0 ::1:53 :::* LISTEN 1776/dnsmasq
tcp6 0 0 fe80::42:a3ff:fe09:e:53 :::* LISTEN 1776/dnsmasq
udp 0 0 127.0.0.1:53 0.0.0.0:* 1776/dnsmasq
udp 0 0 192.168.1.6:53 0.0.0.0:* 1776/dnsmasq
udp6 0 0 ::1:53 :::* 1776/dnsmasq
udp6 0 0 fe80::42:a3ff:fe09:e:53 :::* 1776/dnsmasq

shall i edit the dnsmasq conf file to listen to lan ip addresses?

thanks. this worked with only a delay of 4 sec but i am still trying to figure out what’s wrong with my dnsmasq settings.

Use listen-address

listen-address=<ipaddr>
    Listen on the given IP address(es). Both --interface and --listen-address
    options may be given, in which case the set of both interfaces and addresses
    is used. Note that if no --interface option is given, but --listen-address is,
    dnsmasq will not automatically listen on the loopback interface. To achieve
    this, its IP address, 127.0.0.1, must be explicitly given as a
    --listen-address option. 

but this might be misleading here, as IPv6 shouldn't be your problem. If @Jeroen1's answer helps you out then there is still a problem with your interfaces not getting ready fast enough on this machine. Not sure of there is a "proper" fix else than adding this sleep.

Below one should indicate the file(s) that have this "listen-address" directive in them:

grep "listen-address=" -R /etc/dnsmasq.*

If you leave it empty like so:

listen-address=

dnsmasq will listen on all ip addresses like in my case with "0.0.0.0:53" for ipv4 and ":::53" for ipv6.
This also means it wont break if an interface is reported a bit late for dnsmasq to bind to its IP.

EDIT: Sorry made mistake i think.
You should hash them out like so:

#listen-address=

Ohw ps. these two lines that appeared with the working config confirms dnsmasq started listening on ipv4:

that line is already hashed out in /etc/dnsmasq.conf
tried adding my pihole’s ip and local loopback id to listen-address. then changed the nameserver in /etc/resolv.conf to localhost.
netstat returned absolutely nothing.

i have done almost everything i can atm to resolve this but other than setting the delay option in rc.local nothing else seems to work.

Anything relevant in this file ?

/etc/default/dnsmasq

And whats output for below one ?

dnsmasq -v

Or try:

listen-address=0.0.0.0,::

Not sure if need two or three colons ":" for ipv6

dnsmasq -v
Dnsmasq version 2.75 Copyright (c) 2000-2015 Simon Kelley
Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify

This software comes with ABSOLUTELY NO WARRANTY.
Dnsmasq is free software, and you are welcome to redistribute it
under the terms of the GNU General Public License, version 2 or 3.

should i uncomment this line?
#IGNORE_RESOLVCONF=yes
after changing the nameserver in resolv.conf?

No use in changing namservers in resolv.conf as this file is populated by the network manager.
Next time you check, you'll see it reverted back to the original DNS servers.
Am interested if below one works bc I dont have to configure anything special to have dnsmasq listening to 0.0.0.0 / :::.

nope, didn’t work.
now netstat is returning blank.

You probably omitted the backslash "\" in the netstat command:

sudo netstat -nltup | grep "Proto\|:53 "

EDIT: And if still no results from netstat, check status again with:

sudo systemctl status dnsmasq -l

Hi,

Do not know the commands out of my head, but you could bind to an adapter instead of ip.
Not sure, but with the delay working... could it be you have wifi adapter enabled that is not getting ip fast enough.... If the ip needs to come from dnsmasq, it seems logical...?
wlan will configure after timeout to a "fake" ip and is then ready, making it possible for dnsmasq to start.

interface=eth0
except-interface=wlan0 (whatever it is called.)

Shot in the dark , but worth trying?