Pi-Hole works everywhere except Android Phones

As far as I can see only Google ads come through on my Moto G4+ with Android 7. And I have the same with Adblock in Lede.

So it might be that Google implemented some kind of bypass for DNS based adblockers. Maybe a VPN for Google ads only.

Wondering if this is still an issue for people. I've been struggling with this all day and cannot figure out how to defeat the oddball DNS entry. If you do a getprop net.dns1 it gives an external V6 address. If you do a getprop net.dns2 it goes to my pi-hole. Now, what I didn't see mentioned before was a getprop net.dns3 also returns the pi-hole address. I played around and in the phone, if you manually set your DNS server, dns2 is the first line, dns3 is the second line, and dns1 doesn't seem to be configurable anywhere. This is on a Galaxy S8 running Android 7.0. With this behavior, Android is pretty much useless with pi-hole and my Netgear router.

Still an issue for me. I have the same setup, GS8+, I'm getting Comcast's IPv6 DNS servers, they can't be turned off and even if you enable IPv6 DNS from the pi hole, the Comcast servers take priority.

I haven't been able to come up with a solution. You used to be able to back up, download, and restore Comcast configs, figured that might be worth looking into, but it doesn't appear that the feature is available anymore.

Just download any DNS_CHANGER app and enter the DNS of your pi-hole in that app; it'll definitely work.

Resurrection of an old thread!

Yes, this is a possibility, but kind of defeats the purpose of pi-hole....a network wide ad blocking solution, eliminating the need to set DNS on a per device basis.

I actually can't remember how I solved this....seem to think it was something to do with IPv6

Android phones and Google devices (i.e. Chromecast) have their own hardcoded DNS servers, so this issue has to be fixed at a router level. Using FreshTomato firmware (administration > Scripts > Firewall).

If you want a network wide solution, paste these iptables rules to your router. It forces all DNS requests to the pihole, regardless of individual device settings. It then uses masquerade to make the device think that it got the result from the original DNS server it was trying to query. 192.168.1.100 is my pihole's local IP.

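```
# NAT traffic leaving through the WAN interface (ppp0)
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
# Redirect all DNS (TCP and UDP port 53) arriving on the LAN bridge to the Pi-hole
iptables -t nat -I PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to 192.168.1.100:53
iptables -t nat -I PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 192.168.1.100:53
# Inserted last, so these sit at the top of the chain and exempt the Pi-hole's own queries
iptables -t nat -I PREROUTING -i br0 -p tcp -s 192.168.1.100 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br0 -p udp -s 192.168.1.100 --dport 53 -j ACCEPT
```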
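
Added example (not from the thread or the Pi-hole project): a simplified Python model of the four nat PREROUTING rules posted above, showing which DNS traffic they capture and why the order of the `-I` commands matters. The phone address 192.168.1.50, the 2001:db8::53 resolver and the sample packets are constructed; only the `--dport 53` rules on br0 are modelled.

```python
import ipaddress
from typing import NamedTuple, Optional

PIHOLE = "192.168.1.100"  # Pi-hole address from the post above

class Rule(NamedTuple):
    proto: str                  # -p tcp / -p udp
    target: str                 # ACCEPT or DNAT
    src: Optional[str] = None   # -s match, if any

# The four `-I PREROUTING` commands in the order the post lists them (all --dport 53).
POSTED = [Rule("tcp", "DNAT"), Rule("udp", "DNAT"),
          Rule("tcp", "ACCEPT", PIHOLE), Rule("udp", "ACCEPT", PIHOLE)]

def build_chain(commands):
    """-I with no rule number inserts at position 1: the last command typed is checked first."""
    chain = []
    for rule in commands:
        chain.insert(0, rule)
    return chain

def final_destination(chain, src, dst, proto, dport):
    """Where a packet arriving from the LAN is sent after nat PREROUTING."""
    if ipaddress.ip_address(dst).version == 6:
        return f"[{dst}]:{dport}"        # iptables is IPv4-only; IPv6 needs ip6tables
    for rule in chain:
        if dport != 53 or rule.proto != proto:
            continue
        if rule.src is not None and rule.src != src:
            continue
        if rule.target == "DNAT":
            return f"{PIHOLE}:53"        # destination rewritten to the Pi-hole
        break                            # ACCEPT: first match wins, packet left alone
    return f"{dst}:{dport}"

SAMPLES = {  # constructed traffic: a phone at 192.168.1.50 and the Pi-hole's own upstream query
    "phone -> 8.8.8.8 udp/53": ("192.168.1.50", "8.8.8.8", "udp", 53),
    "phone -> 8.8.8.8 tcp/53": ("192.168.1.50", "8.8.8.8", "tcp", 53),
    "pihole -> 1.1.1.1 udp/53": (PIHOLE, "1.1.1.1", "udp", 53),
    "phone -> 2001:db8::53 udp/53": ("192.168.1.50", "2001:db8::53", "udp", 53),
    "phone -> 8.8.8.8 tcp/853": ("192.168.1.50", "8.8.8.8", "tcp", 853),  # DNS-over-TLS port
}

def audit(commands=POSTED):
    chain = build_chain(commands)
    return {name: final_destination(chain, *pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, dest in audit().items():
        print(f"{name:30} => {dest}")
```

The two phone queries that are not redirected line up with the rest of the thread: an IPv6 resolver handed out by the ISP and Android's Private DNS (DNS-over-TLS on port 853) fall outside what these IPv4 port-53 rules match.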

Not sure on this, but all I can say is I have added no such rules to my pi-hole install and ads are now blocked on my Android devices without the use of any DNS changer app.
And I can say for definite that my pi-hole works 100% network wide, with no per device configuration required at all.

Hi @Valiceemo, please, do you remember the process to fix this problem? I have the same error on my Android devices, but on computers and others pi-hole works 100% every time.

Thanks very much for the help

Regards

I think the key was to disable IPv6 on my router.

Android does unusual things with DNS, I have found blocking access to the Internet on port 53 from any device but my pi-hole forces my android stuff to use the pi-hole. Many topics on this, look for port 53 and you'll find them. Also on the pi-hole reddit.

I found a solution for our Pixel 2 phones that was related to Private DNS being enabled. Details here: https://www.reddit.com/r/pihole/comments/aco8iu/later_model_andriod_devices_not_working_with/

I had this problem after upgrading to Android Pie. I documented the issue on my GitHub Project.

Google added a new feature in Chrome called "Async DNS resolver" that ignores your DNS settings and forwards queries to Google instead. This issue can be solved with the following steps:

* Launch Chrome
* Enter the URL "chrome://flags"
* Search for "dns"
* Set "Async DNS resolver" to "Disabled"
* Click on "RELAUNCH NOW" to restart your browser

@Videopac is right.
Here is one solution.
When you have set everything like it should you will notice that ads in Firefox are being blocked.
Ads in Chrome are not blocked.
It is an implementation that Android phone makers add to the setup of the phone. Guess that Google insists on doing so.

How to solve this
Use adb and delete com.android.partnerbrowsercustomizations.chromeHomepage
(or similar, I know it has a slightly different name on Nokia phones)

For a howto on adb go to Google, there is plenty of information.
Just don't use the complete install, use minimal adb and fastboot instead which you can find on XDA.

I'm not sure why you say this....I see no ads in Google Chrome, on either desktop or mobile.
As far as I am aware, Google do not hardcode DNS servers into their software, but they perhaps do hardcode DNS servers into hardware, such as the Chromecast and Google Home devices.

The basic summary of this thread is in order to get Pi-Hole functioning on an Android device, I had to disable IPv6...at least for my ISP anyway.
Confirmed by a fellow Sky (UK ISP provider) here in another thread.

adb uninstall --user 0 com.android.partnerbrowsercustomizations.chromeHomepage

If having this issue because selecting a DNS from Android device while on WiFi causes your ISP ip6 DNS to be used, install DNS CHANGER which uses local VPN (so you can't use it with other VPNs from your Android) but you can turn off IP6 in the app and mobile browsing will have ads blocked.

I needed to do this since I can't direct my router to a DNS, and my Pi isn't set up as a VPN.

Holy thread resurrection, Batman! :wink:
This is one workaround, yes. But kind of defeats the point of a network wide ad blocker.
Easiest and most efficient solution is to disable IPv6 on the router as discussed way back.

My point was when that isn't an option, that people aren't left out of options. Googling about Android issues with this still comes here, and it was no help for me a month or so back, because I cannot configure my ISP provided modem + router, and then I found this workaround which works until I can get a proper router. Answer provided for those in my same situation who land here like I did, Robin.

No offence meant chap, apologies if it came across that way.
Just thought it had been discussed further up the thread.

I believe this topic is still alive because there's not a clear answer. For example, I can't disable IPv6 DNS from my router. Also, I have a solution and I have figured out what Chrome on Android is doing.

First, what Android Chrome is doing. When Android gets the DNS servers when it connects to Wi-Fi it gets two addresses. The first, is pi-hole (for example 192.168.0.200) and the second DNS is typically a backup in case pi-hole is down (something external like 1.1.1.1). Chrome does a DNS lookup for an ad domain and pi-hole blocks it properly. But, Chrome then tries the secondary DNS because the first one didn't return a result. So Chrome then gets the ip of the ad domain from 1.1.1.1 which then causes the ad to show.

I've been able to confirm this action by changing my second DNS server to the Wi-Fi port on my pi-hole (IP 192.168.0.201 in my case). Now, when Android tries both DNS 1 & 2 for an ad domain, they both fail because both are pointing to my pi-hole.

While this does create a situation where if the pi-hole fails no DNS works, that has yet to happen. But, it does pinpoint the source of the problem. Android Chrome is not doing DNS correctly, it's trying DNS 2 when we're on purpose causing the DNS 1 lookup to fail.

Good luck getting Google to "fix" this, as they probably see it as a "feature". But the short answer is to point both DNS 1 and DNS 2 to your pi-hole (Ethernet port and Wi-Fi). If you don't have both Ethernet and Wi-Fi on your pi-hole, just set DNS 2 to 127.0.0.1 which is your localhost.

Tim