Please follow the below template, it will help us to help you!
Expected Behaviour:
when dns sec turned on and dns upstream set to opendns or cloudfare for families ui.com and subdomains should resolve. I should not have to whitelist.
Actual Behaviour:
All ui.com and subdomains dont resolve when the dns sec is turned on and I try to use either opendns or cloudfare for families. I even tried to whitelist the entire domain which didnt work. I know its the pihole as when I configure the ip manually on the client for dns resolution it works. If I uncheck "use dnssec" it also works. All other websites work.
Debug Token:
https://tricorder.pi-hole.net/LwwymPxi/
What do you see in the Query Log table?
What is the status when this domain is blocked?
FWIW, both ui.com, and community.ui.com work in my setup using Cloudflare/Quad9 with DNSSEC enabled, and no specific whitelist entry.
1 Like
Hello - I see this. I can repeat this behaviour reliably every time:
the red scribbled over part is the internal IP address of the client.
When I turn "use dnssec" off I get the following:
Notably in the second example - the red scribbled over part it doesnt show the ip address, it shows the hostname. Not sure if this is a clue. This is bizarre as no other websites are blocked. It also doesnt matter who the upstream dns resolver is (cisco family or cloudfare).
