Pi-hole working with OpenVPN but not working without it

If you have doubts about the settings being pushed by the router to clients, try installing nmap on the Pi-hole:

sudo apt install nmap

And do a dhcp-discovery against the router that does DHCP for your clients with the one below:

sudo nmap -sU -p67 --script dhcp-discover <ROUTER_IP_ADDRESS>

Example with 10.0.0.2 doing DHCP for my network:

xbian@avr ~ $ sudo nmap -sU -p67 --script dhcp-discover 10.0.0.2

Starting Nmap 7.40 ( https://nmap.org ) at 2019-02-21 06:31 CET
Nmap scan report for noads.dehakkelaar.nl (10.0.0.2)
Host is up (0.00066s latency).
PORT   STATE SERVICE
67/udp open  dhcps
| dhcp-discover:
|   DHCP Message Type: DHCPACK
|   Server Identifier: 10.0.0.2
|   Subnet Mask: 255.255.255.0
|   Broadcast Address: 10.0.0.255
|   Domain Name Server: 10.0.0.2
|   Domain Name: dehakkelaar.nl
|   Hostname: avr
|_  Router: 10.0.0.1
MAC Address: B8:27:EB:EE:1B:BD (Raspberry Pi Foundation)

Nmap done: 1 IP address (1 host up) scanned in 4.20 seconds

I have a question that could probably fix my problem. What if I change the gateway address during Pi-hole configuration, and instead of setting 192.168.1.254 (my ISP router) I set 192.168.1.1 (the router I have in my house)? Then I can enable DHCP in my router. But then how does the ISP router react with DHCP? I can't turn it off there because my mom and brother use that router in their home. Also, I tried yesterday to turn it off, using only Pi-hole as DHCP, but none of my devices worked; it looks like the ISP router has to have DHCP on, otherwise nothing works.

I have no idea what your network topology looks like ... but both the Technicolor and TP-Link routers allow you to configure the DNS server(s) to be pushed via DHCP to the clients:

And you have to make sure that when you change any DHCP settings, you reboot the client PC used for testing, or renew the DHCP lease in another way, for these changes to become effective on the client.

I did a dhcp-discovery against both my routers and these are the results:

sudo nmap -sU -p67 --script dhcp-discover 192.168.1.254

Starting Nmap 7.40 ( https://nmap.org ) at 2019-04-07 00:53 CEST
Nmap scan report for 192.168.1.254
Host is up (0.0062s latency).
PORT   STATE         SERVICE
67/udp open|filtered dhcps
MAC Address: XX:XX:XX:XX:XX:XX (Technicolor)

Nmap done: 1 IP address (1 host up) scanned in 6.94 seconds

sudo nmap -sU -p67 --script dhcp-discover 192.168.1.1

Starting Nmap 7.40 ( https://nmap.org ) at 2019-04-07 00:54 CEST
Nmap scan report for 192.168.1.1
Host is up (0.00023s latency).
PORT   STATE  SERVICE
67/udp closed dhcps
MAC Address: XX:XX:XX:XX:XX:XX (Tp-link Technologies)

Nmap done: 1 IP address (1 host up) scanned in 1.96 seconds

And this is the test with DNS properly set

nslookup flurry.com
Server:  dsldevice.lan
Address:  192.168.1.254

Risposta da un server non autorevole:
Nome:    flurry.com
Addresses:  98.136.103.26
          74.6.136.153
          212.82.100.153

So today I decided to set the DNS on the Technicolor router (ISP router). I had trouble because every time I changed the DNS, all the IPs given by that router were reset after it rebooted. So it was hard to set the right DNS with the same IP as Pi-hole, but in the end I succeeded. I also changed the DNS on my TP-Link router and the result is that Pi-hole doesn't work: or at least that's what this page tells me, but from Pi-hole's web page I can see that it blocks queries. So as you can see from the tests above, it seems that there are still problems (for sure related to my ISP and its router, one of the worst routers ever), but from Pi-hole's web page it seems that something works. Whereas if I change the DNS on my PC's Wi-Fi card, everything works, even the DNSSEC test. I still don't understand what's going on here :sweat_smile:
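A check over the dhcp-discover output discussed in this thread, as an added example that is not part of any poster's message: the hypothetical shell function `check_dhcp_dns` reads nmap output on stdin and reports whether the DHCP server advertises only the Pi-hole address as DNS, or whether nmap got no DHCP reply at all (the `open|filtered` and `closed` results). The sample inputs are constructed after the outputs above, and the comma-separated form for several DNS servers is an assumption.

```sh
#!/bin/sh
# Added example (not from the thread). Intended use:
#   sudo nmap -sU -p67 --script dhcp-discover <ROUTER_IP_ADDRESS> | check_dhcp_dns <PIHOLE_IP>
# Exit status: 0 = only the Pi-hole is advertised as DNS,
#              1 = another DNS server (or none) is advertised, so clients can bypass Pi-hole,
#              2 = no DHCP reply in the output, so nothing can be concluded about DNS.
check_dhcp_dns() {
    awk -v want="$1" '
        # Port line such as "67/udp open|filtered dhcps": remember the state.
        $1 == "67/udp" { state = $2 }
        # Any dhcp-discover result means the server answered.
        /DHCP Message Type:/ { reply = 1 }
        # Option 6, e.g. "|   Domain Name Server: 10.0.0.2" (assumed comma-separated if several).
        /Domain Name Server:/ {
            sub(/^.*Domain Name Server:[ \t]*/, "")
            n = split($0, dns, "[ ,]+")
            seen = 1
        }
        END {
            if (!reply && !seen) {
                printf "NO_REPLY port_state=%s\n", (state != "" ? state : "unknown")
                exit 2
            }
            for (i = 1; i <= n; i++) {
                if (dns[i] == want) ok = 1
                if (dns[i] != "" && dns[i] != want) bad = bad " " dns[i]
            }
            if (bad != "" || !ok) {
                printf "MISMATCH advertised_dns=%s\n", (bad != "" ? substr(bad, 2) : "none")
                exit 1
            }
            printf "OK dns=%s\n", want
        }'
}

# Constructed sample: a DHCPACK that advertises 10.0.0.2 as the DNS server.
SAMPLE_ACK='PORT   STATE SERVICE
67/udp open  dhcps
| dhcp-discover:
|   DHCP Message Type: DHCPACK
|   Server Identifier: 10.0.0.2
|   Domain Name Server: 10.0.0.2
|_  Router: 10.0.0.1'

# Constructed sample: no DHCP reply, only the port state is reported.
SAMPLE_NOREPLY='PORT   STATE         SERVICE
67/udp open|filtered dhcps'

printf '%s\n' "$SAMPLE_ACK" | check_dhcp_dns 10.0.0.2 || true
printf '%s\n' "$SAMPLE_NOREPLY" | check_dhcp_dns 192.168.1.10 || true
```

A `NO_REPLY` verdict only says this probe saw no DHCP answer; check the lease on a client to see which DNS server it was actually handed.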
