Pihole failing for DNS response

I have installed it on Ubuntu 20 minimal. Below is a tcpdump, and I don't see any response going back to the querying system. I have tried pihole -r repair as well as a reinstall.

tcpdump -i any -c20 -nn host 10.0.0.4
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
02:13:10.613262 IP 10.0.0.4.43385 > 10.0.0.9.53: 25663+ A? mail.com. (26)
02:13:10.613303 IP 10.0.0.9 > 10.0.0.4: ICMP host 10.0.0.9 unreachable - admin prohibited, length 62
02:13:15.611368 IP 10.0.0.4.43385 > 10.0.0.9.53: 25663+ A? mail.com. (26)
02:13:15.611406 IP 10.0.0.9 > 10.0.0.4: ICMP host 10.0.0.9 unreachable - admin prohibited, length 62
02:13:15.674580 ARP, Request who-has 10.0.0.4 tell 10.0.0.9, length 28
02:13:15.675052 ARP, Reply 10.0.0.4 is-at 02:00:17:00:1a:e9, length 42
02:13:20.611488 IP 10.0.0.4.43385 > 10.0.0.9.53: 25663+ A? mail.com. (26)
02:13:20.611527 IP 10.0.0.9 > 10.0.0.4: ICMP host 10.0.0.9 unreachable - admin prohibited, length 62
02:13:30.108053 IP 10.0.0.4.35595 > 10.0.0.9.53: 48535+ A? yahoo.com. (27)
02:13:30.108095 IP 10.0.0.9 > 10.0.0.4: ICMP host 10.0.0.9 unreachable - admin prohibited, length 63
02:13:35.108063 IP 10.0.0.4.35595 > 10.0.0.9.53: 48535+ A? yahoo.com. (27)
02:13:35.108108 IP 10.0.0.9 > 10.0.0.4: ICMP host 10.0.0.9 unreachable - admin prohibited, length 63
02:13:40.108210 IP 10.0.0.4.35595 > 10.0.0.9.53: 48535+ A? yahoo.com. (27)
02:13:40.108251 IP 10.0.0.9 > 10.0.0.4: ICMP host 10.0.0.9 unreachable - admin prohibited, length 63

ufw status verbose
Status: active
Logging: on (low)
Default: allow (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
80/tcp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
53/udp ALLOW IN Anywhere
53/tcp ALLOW IN Anywhere
80/tcp (v6) ALLOW IN Anywhere (v6)
22/tcp (v6) ALLOW IN Anywhere (v6)
53/udp (v6) ALLOW IN Anywhere (v6)
53/tcp (v6) ALLOW IN Anywhere (v6)

nmap 10.0.0.9

Starting Nmap 6.40 ( http://nmap.org ) at 2020-08-09 01:42 PDT
Nmap scan report for (10.0.0.9)
Host is up (0.00028s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
MAC Address: 01:01:17:00:C0:BC (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 5.87 seconds

[✓] Your debug token is: https://tricorder.pi-hole.net/ody60s9iaf

You are blocking some of Pi-hole's required ports.
You may want to verify your firewall settings.

@Bucking_Horn I have pasted the ufw status earlier and all ports are open. Do I need to open iptables/firewalld as well?

No, your ports are not open.
You're missing at least port 53 (as demonstrated by nmap), which is vital for DNS.

Please read through our docs, I've provided the relevant links for you above. They include configuration suggestions for ufw as well.

@Bucking_Horn I don't know much about Linux firewalls, but I had to add an iptables rule to make it work. Thanks.
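The thread never shows the iptables INPUT chain itself, so the following is an added diagnostic (not Pi-hole's code and not posted by anyone in the thread) for the situation the last two replies describe: a REJECT rule already present in INPUT, ahead of the jumps into ufw's chains, never lets ufw's "53/udp ALLOW IN" be evaluated and makes the kernel answer queries with exactly the ICMP "admin prohibited" seen in the tcpdump. Both listings are constructed to illustrate that assumption, not captured from the poster's host.

```shell
#!/bin/sh
# Constructed sample of `iptables -S INPUT` (not from the thread): a REJECT
# rule sits ahead of the ufw-* jumps, so ufw's 53/udp ALLOW is never reached
# and new DNS queries are answered with ICMP host-prohibited.
BROKEN_INPUT='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -j ufw-before-logging-input
-A INPUT -j ufw-before-input
-A INPUT -j ufw-after-input
-A INPUT -j ufw-reject-input
-A INPUT -j ufw-track-input'

# Same chain after `iptables -I INPUT 5 -p udp --dport 53 -j ACCEPT`:
# an explicit accept for DNS now precedes the REJECT rule.
FIXED_INPUT='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -j ufw-before-logging-input
-A INPUT -j ufw-before-input'

# Walk INPUT top to bottom and print the first rule that decides the fate of a
# fresh UDP/53 query: "ALLOW:", "BLOCK:", "UFW:" (handed to ufw's chains, where
# the 53/udp ALLOW lives) or "POLICY" (nothing matched, -P applies).
dns_input_verdict() {
    printf '%s\n' "$1" | awk '
        /^-A INPUT / {
            r = $0
            if (r ~ /-p (tcp|icmp)/) next                    # wrong protocol
            if (r ~ /-i /) next                              # interface-bound (e.g. lo)
            if (r ~ /--(ct)?state RELATED,ESTABLISHED/) next # never matches a new query
            if (r ~ /--dport/ && r !~ /--dport 53( |$)/) next
            if (r ~ /-j ACCEPT/)        { print "ALLOW:" r; done = 1; exit }
            if (r ~ /-j ufw-/)          { print "UFW:" r;   done = 1; exit }
            if (r ~ /-j (REJECT|DROP)/) { print "BLOCK:" r; done = 1; exit }
        }
        END { if (!done) print "POLICY" }'
}
dns_input_verdict "$BROKEN_INPUT"
dns_input_verdict "$FIXED_INPUT"
```

On a real host, feed it the live chain with dns_input_verdict "$(sudo iptables -S INPUT)"; a "BLOCK:" verdict before any "UFW:" line is the ordering problem that ufw status cannot reveal.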