Pi-hole's host machine can't resolve local domains

Help Community Help
1

I am about to despair about this topic. I read dozens of articles, saw some videos on youtube and finally read this article here. Still, it just doesn't work for me.

When I finally do an nslookup on my Raspberry Pi that runs Pi-hole, I end up getting this:

pi@raspberrypi4:~ $ nslookup fritz.box
Server:         9.9.9.9
Address:        9.9.9.9#53

** server can't find fritz.box: NXDOMAIN

I set up a second Raspi with a fresh installation of everything and found out that it correctly resolves my router when not having Pi-hole yet installed.

Just after installation (with of course configuring the conditional forwarding) I get that error message.

chrome_20210703_184013
chrome_20210703_184013698×127 4 KB

I have no idea what else to do. I tried to install Pi-hole in a Docker container but I struggle over this insane IPv6 setup in a macvlan.

Anybody with some tipps how I can at least find out what's going wrong?

2

Have you also tested box as local domain name?

3

Adding to above, if you run below one on Pi-hole you should be able to see the Local domain name/DNS suffix/search domain that your FB is advertising to the network clients:

pi@ph5a:~ $ pihole-FTL dhcp-discover
[..]
   domain-name: "home.dehakkelaar.nl"
[..]

EDIT: Plus when run nslookup, try to supply the DNS server IP (could be the Pi-hole or router IP) that you want to query eg:

nslookup fritz.box <DNS_SERVER_IP>

4 
pi@raspberrypi4:~ $ pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers
Timeout: 10 seconds

WARN: Could not sendto() in send_dhcp_discover() (/root/project/src/dhcp-discover.c:223): Network is unreachable
* Received 548 bytes from eth0:192.168.178.1
  Offered IP address: 192.168.178.5
  Server IP address: 192.168.178.1
  Relay-agent IP address: N/A
  BOOTP server: (empty)
  BOOTP file: (empty)
  DHCP options:
   Message type: DHCPOFFER (2)
   server-identifier: 192.168.178.1
   lease-time: 864000 ( 10d )
   renewal-time: 432000 ( 5d )
   rebinding-time: 756000 ( 8d 18h )
   netmask: 255.255.255.0
   router: 192.168.178.1
   dns-server: 192.168.178.9
   domain-name: "fritz.box"
   broadcast: 192.168.178.255
   ntp-server: 192.168.178.1
   Port Control Protocol (PCP) server: 192.168.178.1

DHCP packets received on interface lo: 0
DHCP packets received on interface docker0: 0
DHCP packets received on interface vethafc5361: 0
DHCP packets received on interface veth46333ce: 0DHCP packets received on interface vethb3c0982: 0
DHCP packets received on interface eth0: 1
DHCP packets received on interface wlan0: 0

and

pi@raspberrypi4:~ $ nslookup fritz.box 192.168.178.5
Server:         192.168.178.5
Address:        192.168.178.5#53

Name:   fritz.box
Address: 192.168.178.1
Name:   fritz.box
Address: fd00::9a9b:cbff:feb6:5d61
Name:   fritz.box
Address: 2a04:xxx:xxx:xxx:xxx:xxx:xxx:xxx
5

I dont know which IP is what?
192.168.178.1 --> FB
192.168.178.5 --> ?
192.168.178.9 --> ?

And could you rephrase what your expecting pls?
If you mean the nslookup in your OP resolving to a NXDOMAIN (non existing domain), your querying the Quad9 public DNS server at 9.9.9.9, configured in your OS/network manager DNS settings, for a domain that only exists in your private LAN:

This 9.9.9.9 IP is most likely configured at the bottom of below file which you can edit (if change any, reboot to apply):

cat /etc/dhcpcd.conf

You should try run this exact same nslookup on one of your clients (Windows/MacOS or Linux) in a command prompt.
Looking at that Pi-hole settings screenshot, you configured Pi-hole correctly for conditional forwarding.

6

I need to have the local hostnames on the Pi where I am running Pi-hole.

It works flawlessly on all my other machines, but not on the Pi with the Pi-hole. As far as I understood it, this is "normal" unless you enable conditional forwarding in Pi-hole. Which perfectly makes sense to me. The Pi-hole should pass local hostnames to be resolved in my router.

192.168.178.1 --> FB

My router, the FritzBox

192.168.178.5 --> ?

IP of the Pi-Hole

192.168.178.9 --> ?

IP of another Pi-Hole in a docker container in a macvlan network (just testing this currently as a possible workaround, the problems I have were exactly the same without this additional Pi-hole).

Have you also tested box as local domain name?

Yes, but fritz.box is correct. It's the FritzBox's local domain name.

7

Then the only thing you need to do is edit the domain_name_servers line in the dhcpcd.conf file at the bottom:

sudo nano /etc/dhcpcd.conf

Change 9.9.9.9 into 127.0.0.1 (the localhost IP where pihole-FTL is also listening) and restart dhcpcd or maybe even reboot:

sudo service dhcpcd restart

Test by running the nslookup from your OP.

1 Like
8

Well... almost...

This made it:

static domain_name_servers=192.168.178.1

THANKS A LOT FOR YOUR HELP!!!! :grinning: :+1:

1 Like
9

If correctly installed, 127.0.0.1 should also work:

pi@ph5a:~ $ nslookup pi-hole.net 127.0.0.1
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   pi-hole.net
Address: 178.128.134.214

Because pihole-FTL should be listening on all IP's 0.0.0.0:

pi@ph5a:~ $ sudo netstat -nltup | grep ':53 '
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      6202/pihole-FTL
tcp6       0      0 :::53                   :::*                    LISTEN      6202/pihole-FTL
udp        0      0 0.0.0.0:53              0.0.0.0:*                           6202/pihole-FTL
udp6       0      0 :::53                   :::*                                6202/pihole-FTL

Advantages of using the 127.0.0.1 IP on the loopback adapter named lo is that nothing gets broadcasted over the eth0/wlan0 interface;
Also the loopback is way faster as ethernet or WiFi;
And loopback is not dependent on a physical connection like for example when the eth0 cable is unplugged

10

Unfortunately the solution with 127.0.0.1 only works if I ping or nslookup the router:

pi@raspberrypi4:~ $ nslookup fritz.box
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   fritz.box
Address: 192.168.178.1
Name:   fritz.box
Address: fd00::9a9b:cbff:feb6:5d61
Name:   fritz.box
Address: 2a04:xxxx:xxxx:xxxx:xxxx:cbff:feb6:5d61

Whenever I ping/nslookup anything else, I get this:

pi@raspberrypi4:~ $ nslookup Philips-Hue-Br2
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
*** Can't find Philips-Hue-Br2: No answer

This is how it is in /etc/dhcpd.conf:

interface eth0
        static ip_address=192.168.178.5/24
        static routers=192.168.178.1
        static domain_name_servers=127.0.0.1

If correctly installed, 127.0.0.1 should also work:

Yep... if... but since I did a fresh install, just Raspberry Pi OS and Pi-hole I do not understand why it just doesn't work out of the box. :frowning:

11

Pi-hole won't touch the DNS settings of its host machine, as that doesn't affect Pi-hole's operation.

You are free to configure your RPi's DNS resolution in any way you see fit (e.g. your RPi would have picked up Pi-hole as DNS from your FritzBox DHCP if you had configured your RPi to stick with DHCP (and configured a fixed IP address for it in your FB)).

It can be advantageous to provide a public DNS server in addition to or instead of Pi-hole.
That way, your RPi would still be able to resolve DNS and allowing you to reinstall or reconfigure Pi-hole or to update other OS packages even in case Pi-hole itself would be down, misconfigured or otherwise unavailable.

fritz.box is a fully qualified domain name (FQDN), whereas philips-hue-br2 isn't.

You may have to untick Never forward non-FQDNs under Advanced DNS settings from Settings| DNS.
If your router isn't your Pi-hole's only upstream, you may have to define respective Local DNS records for your plain hostnames instead.

1 Like
12

Try add a static domain_name=fritz.box line (the order/position of the line is important I believe!):

pi@ph5a:~ $ cat /etc/dhcpcd.conf
[..]
interface eth0
  static ip_address=10.0.0.2/24
  static routers=10.0.0.1
  static domain_name=home.dehakkelaar.nl
  static domain_name_servers=127.0.0.1

And compare the Pi-hole logs before and after you made the change when run the nslookup:

pihole -t

EDIT: Ow and I still have " Never forward non-FQDN" enabled as the queries going out will be a FQDN when the DNS suffix/domain_name is added:

image

13

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.