Pi-hole's host machine can't resolve local domains

I am about to despair about this topic. I read dozens of articles, saw some videos on YouTube and finally read this article here. Still, it just doesn't work for me.

When I finally do an nslookup on my Raspberry Pi that runs Pi-hole, I end up getting this:

pi@raspberrypi4:~ $ nslookup fritz.box
Server:         9.9.9.9
Address:        9.9.9.9#53

** server can't find fritz.box: NXDOMAIN

I set up a second Raspi with a fresh installation of everything and found out that it correctly resolves my router when not having Pi-hole yet installed.

Just after installation (with of course configuring the conditional forwarding) I get that error message.

I have no idea what else to do. I tried to install Pi-hole in a Docker container but I struggle over this insane IPv6 setup in a macvlan.

Anybody with some tips on how I can at least find out what's going wrong?

Have you also tested box as local domain name?

Adding to the above, if you run the command below on Pi-hole, you should be able to see the local domain name/DNS suffix/search domain that your FB is advertising to the network clients:

pi@ph5a:~ $ pihole-FTL dhcp-discover
[..]
   domain-name: "home.dehakkelaar.nl"
[..]

EDIT: Plus, when you run nslookup, try to supply the DNS server IP (could be the Pi-hole or router IP) that you want to query, e.g.:

nslookup fritz.box <DNS_SERVER_IP>

pi@raspberrypi4:~ $ pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers
Timeout: 10 seconds

WARN: Could not sendto() in send_dhcp_discover() (/root/project/src/dhcp-discover.c:223): Network is unreachable
* Received 548 bytes from eth0:192.168.178.1
  Offered IP address: 192.168.178.5
  Server IP address: 192.168.178.1
  Relay-agent IP address: N/A
  BOOTP server: (empty)
  BOOTP file: (empty)
  DHCP options:
   Message type: DHCPOFFER (2)
   server-identifier: 192.168.178.1
   lease-time: 864000 ( 10d )
   renewal-time: 432000 ( 5d )
   rebinding-time: 756000 ( 8d 18h )
   netmask: 255.255.255.0
   router: 192.168.178.1
   dns-server: 192.168.178.9
   domain-name: "fritz.box"
   broadcast: 192.168.178.255
   ntp-server: 192.168.178.1
   Port Control Protocol (PCP) server: 192.168.178.1

DHCP packets received on interface lo: 0
DHCP packets received on interface docker0: 0
DHCP packets received on interface vethafc5361: 0
DHCP packets received on interface veth46333ce: 0
DHCP packets received on interface vethb3c0982: 0
DHCP packets received on interface eth0: 1
DHCP packets received on interface wlan0: 0

and

pi@raspberrypi4:~ $ nslookup fritz.box 192.168.178.5
Server:         192.168.178.5
Address:        192.168.178.5#53

Name:   fritz.box
Address: 192.168.178.1
Name:   fritz.box
Address: fd00::9a9b:cbff:feb6:5d61
Name:   fritz.box
Address: 2a04:xxx:xxx:xxx:xxx:xxx:xxx:xxx

I don't know which IP is what?
192.168.178.1 --> FB
192.168.178.5 --> ?
192.168.178.9 --> ?

And could you rephrase what you're expecting pls?
If you mean the nslookup in your OP resolving to an NXDOMAIN (non-existent domain), you're querying the Quad9 public DNS server at 9.9.9.9, configured in your OS/network manager DNS settings, for a domain that only exists in your private LAN:

This 9.9.9.9 IP is most likely configured at the bottom of the file below, which you can edit (if you change anything, reboot to apply):

cat /etc/dhcpcd.conf

You should try running this exact same nslookup on one of your clients (Windows/macOS or Linux) in a command prompt.
Looking at that Pi-hole settings screenshot, you configured Pi-hole correctly for conditional forwarding.

I need to have the local hostnames on the Pi where I am running Pi-hole.

It works flawlessly on all my other machines, but not on the Pi with the Pi-hole. As far as I understood it, this is "normal" unless you enable conditional forwarding in Pi-hole. Which perfectly makes sense to me. The Pi-hole should pass local hostnames to be resolved in my router.

192.168.178.1 --> FB

My router, the FritzBox

192.168.178.5 --> ?

IP of the Pi-Hole

192.168.178.9 --> ?

IP of another Pi-Hole in a docker container in a macvlan network (just testing this currently as a possible workaround, the problems I have were exactly the same without this additional Pi-hole).

Have you also tested box as local domain name?

Yes, but fritz.box is correct. It's the FritzBox's local domain name.

Then the only thing you need to do is edit the domain_name_servers line in the dhcpcd.conf file at the bottom:

sudo nano /etc/dhcpcd.conf

Change 9.9.9.9 into 127.0.0.1 (the localhost IP where pihole-FTL is also listening) and restart dhcpcd or maybe even reboot:

sudo service dhcpcd restart

Test by running the nslookup from your OP.


Well... almost...

This made it:

static domain_name_servers=192.168.178.1

THANKS A LOT FOR YOUR HELP!!!! :grinning: :+1:


If correctly installed, 127.0.0.1 should also work:

pi@ph5a:~ $ nslookup pi-hole.net 127.0.0.1
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   pi-hole.net
Address: 178.128.134.214

Because pihole-FTL should be listening on all IPs (0.0.0.0):

pi@ph5a:~ $ sudo netstat -nltup | grep ':53 '
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      6202/pihole-FTL
tcp6       0      0 :::53                   :::*                    LISTEN      6202/pihole-FTL
udp        0      0 0.0.0.0:53              0.0.0.0:*                           6202/pihole-FTL
udp6       0      0 :::53                   :::*                                6202/pihole-FTL

Advantages of using the 127.0.0.1 IP on the loopback adapter named lo are that nothing gets broadcast over the eth0/wlan0 interface;
Also the loopback is way faster than Ethernet or WiFi;
And loopback is not dependent on a physical connection, for example when the eth0 cable is unplugged.

Unfortunately the solution with 127.0.0.1 only works if I ping or nslookup the router:

pi@raspberrypi4:~ $ nslookup fritz.box
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   fritz.box
Address: 192.168.178.1
Name:   fritz.box
Address: fd00::9a9b:cbff:feb6:5d61
Name:   fritz.box
Address: 2a04:xxxx:xxxx:xxxx:xxxx:cbff:feb6:5d61

Whenever I ping/nslookup anything else, I get this:

pi@raspberrypi4:~ $ nslookup Philips-Hue-Br2
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
*** Can't find Philips-Hue-Br2: No answer

This is how it is in /etc/dhcpd.conf:

interface eth0
        static ip_address=192.168.178.5/24
        static routers=192.168.178.1
        static domain_name_servers=127.0.0.1

If correctly installed, 127.0.0.1 should also work:

Yep... if... but since I did a fresh install, just Raspberry Pi OS and Pi-hole I do not understand why it just doesn't work out of the box. :frowning:

Pi-hole won't touch the DNS settings of its host machine, as that doesn't affect Pi-hole's operation.

You are free to configure your RPi's DNS resolution in any way you see fit (e.g. your RPi would have picked up Pi-hole as DNS from your FritzBox DHCP if you had configured your RPi to stick with DHCP (and configured a fixed IP address for it in your FB)).

It can be advantageous to provide a public DNS server in addition to or instead of Pi-hole.
That way, your RPi would still be able to resolve DNS, allowing you to reinstall or reconfigure Pi-hole or to update other OS packages even if Pi-hole itself were down, misconfigured or otherwise unavailable.

fritz.box is a fully qualified domain name (FQDN), whereas philips-hue-br2 isn't.

You may have to untick Never forward non-FQDNs under Advanced DNS settings from Settings | DNS.
If your router isn't your Pi-hole's only upstream, you may have to define respective Local DNS records for your plain hostnames instead.


Try adding a static domain_name=fritz.box line (the order/position of the line is important, I believe!):

pi@ph5a:~ $ cat /etc/dhcpcd.conf
[..]
interface eth0
  static ip_address=10.0.0.2/24
  static routers=10.0.0.1
  static domain_name=home.dehakkelaar.nl
  static domain_name_servers=127.0.0.1

And compare the Pi-hole logs before and after you made the change when you run the nslookup:

pihole -t

EDIT: Oh, and I still have "Never forward non-FQDN" enabled, as the queries going out will be FQDNs when the DNS suffix/domain_name is added:

image
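Added example, not part of the original thread and not Pi-hole's own code: a small audit of the per-interface blocks in dhcpcd.conf that reports which resolver the host itself will query and whether a search domain is set, the two settings the replies above changed. The function names and the sample configuration are constructed for illustration; only `interface` blocks with `static` lines, as shown in the thread, are considered.

```shell
#!/bin/sh
# Constructed sample: eth0 points at a public resolver (the NXDOMAIN case
# from the first post), wlan0 uses loopback plus a search domain.
sample_conf() {
cat <<'EOF'
interface eth0
        static ip_address=192.168.178.5/24
        static routers=192.168.178.1
        static domain_name_servers=9.9.9.9
interface wlan0
        static ip_address=192.168.178.6/24
        static domain_name=fritz.box
        static domain_name_servers=127.0.0.1
EOF
}

# Reads dhcpcd.conf text on stdin and prints one line per interface block:
#   <iface> <first DNS server or -> <class> <search domain or ->
audit_dhcpcd() {
awk '
function classify(ip) {
    if (ip == "") return "dhcp"                           # nothing static: DNS comes from the lease
    if (ip ~ /^127\./ || ip == "::1") return "loopback"   # the local pihole-FTL listener
    if (ip ~ /^10\./ || ip ~ /^192\.168\./) return "private"
    if (ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) return "private"
    if (ip ~ /^[fF][cdCD]/) return "private"              # IPv6 ULA, fc00::/7
    return "public"                                       # has no view of LAN-only names
}
function emit() {
    if (iface != "")
        print iface, (dns == "" ? "-" : dns), classify(dns), (dom == "" ? "-" : dom)
}
{ sub(/#.*/, "") }                                        # drop comments
$1 == "interface" { emit(); iface = $2; dns = ""; dom = ""; next }
$1 == "static" && iface != "" {
    i = index($2, "=")
    key = substr($2, 1, i - 1); val = substr($2, i + 1)
    if (key == "domain_name_servers") dns = val           # first server listed
    if (key == "domain_name") dom = val                   # suffix appended to bare hostnames
}
END { emit() }
'
}

# Stand-alone run on the constructed sample.
sample_conf | audit_dhcpcd
```

To check a real host, feed the file in directly: `audit_dhcpcd < /etc/dhcpcd.conf`. A `public` class on the Pi-hole host matches the situation in the first post, where a LAN-only name was sent to 9.9.9.9.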
