PiHole handles requests but doesn't block anything

I've been trying to get a PiHole up and running in our organisation, but have run into a couple of snags... Currently the PiHole acts as a DNS server for a couple of test clients and it looks like it answers the requests nicely, but it doesn't seem to block any ads.

The current setup is as follows:
The PiHole has 2 DNS servers set up. I used our domain controllers because we have a lot of internal web interfaces and they're all listed in them. (Just to be clear, this problem was the same when I used Google or any other DNS servers, it was just really convenient to not have to create an entire hosts file for our organisation).
The client then uses a Proxy server (Squid proxy) on another server to exit the network (had to add the proxy to the hosts file because otherwise the PiHole wouldn't find it). I also added the PiHole to the DNS list of the proxy but I don't really know if that is even necessary since all traffic going through the proxy should already have the correct address...

So I can do an NSLookup to whatever address I want and the PiHole nicely replies, I can also do NSLookup to a blocked domain and see that the PiHole's response is 127.0.0.1, but it seems to stop working when I start surfing...

I've created a debug log, but only looking at the queries, some sites just don't have queries in there... I started the debug, opened 4 websites (3 of which I know are very ad-heavy) and for some reason only one of the domains of the explicit site shows up... For the others there is no trace (ads are also not blocked on any of the websites).

I've also had Wireshark run to see if the client may be using another DNS, but every DNS query is between the client and the PiHole, so I do not understand where it gets its DNS records...

The main testing client's IP is 172.17.10.107 and the PiHole's IP is 172.17.10.169.

Debug token : zx3h667xh0

Check this guide to see if it's Chrome's fault (QUIC):

It had nothing to do with Chrome, enabling a proxy server seems to override the DNS settings as it would still use the DNS provided by the Proxy when surfing (NSLookup however still goes through manual DNS...). Adding the pihole dns to the proxy would do nothing until reboot apparently, so clicking apply really didn't do anything in Squid.

I've given up on trying to make the PiHole work like this since it seems it does not handle any non-FQDN requests (not forwarding either unfortunately), and because our organisation is too big to just put all servers in the host file manually I'm now trying to put the PiHole as a DNS server on our DC. That's also not going swimmingly, unfortunately...

That sounds like a configuration problem. You can have whatever handles your hostnames as Pi-hole's upstream server, and non-FQDNs will go through as long as you haven't checked this option in the Pi-hole settings: never forward non-FQDNs (also review this option: never forward reverse lookups for private IP ranges).
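
An added example (not part of the thread and not Pi-hole's own tooling): a check over dnsmasq-style query-log lines that reports, for each site visited during a test, whether the client, the proxy, or nobody asked Pi-hole to resolve it. The log lines are constructed, the log format is an assumption, and the proxy address 172.17.10.50 and all domain names are hypothetical.

```python
import re
from collections import defaultdict

# dnsmasq-style query line as found in Pi-hole's query log (assumed format).
QUERY_RE = re.compile(r"query\[[A-Z0-9]+\]\s+(?P<name>\S+)\s+from\s+(?P<src>\S+)$")

# Constructed sample: the client resolves the proxy's name and one site;
# the hypothetical proxy (172.17.10.50) never queries Pi-hole at all.
SAMPLE_LOG = """\
Mar 12 10:15:01 dnsmasq[1234]: query[A] proxy.corp.example from 172.17.10.107
Mar 12 10:15:01 dnsmasq[1234]: /etc/hosts proxy.corp.example is 172.17.10.50
Mar 12 10:15:09 dnsmasq[1234]: query[A] news.example from 172.17.10.107
Mar 12 10:15:09 dnsmasq[1234]: forwarded news.example to 172.17.10.1
"""

def queries_by_source(log_text):
    """Map each source IP to the set of names it asked Pi-hole to resolve."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m:
            seen[m.group("src")].add(m.group("name").lower().rstrip("."))
    return seen

def coverage(log_text, visited, client_ip, proxy_ip):
    """For each visited site, report which host resolved it through Pi-hole."""
    seen = queries_by_source(log_text)
    report = {}
    for name in visited:
        name = name.lower().rstrip(".")
        if name in seen.get(client_ip, set()):
            report[name] = "client"
        elif name in seen.get(proxy_ip, set()):
            report[name] = "proxy"
        else:
            # Resolved by a resolver Pi-hole never sees, so nothing is filtered.
            report[name] = "not seen"
    return report

if __name__ == "__main__":
    visited = ["news.example", "ads.example", "video.example"]
    result = coverage(SAMPLE_LOG, visited, "172.17.10.107", "172.17.10.50")
    for name, who in result.items():
        print(f"{name:15} {who}")
```

Sites reported as "not seen" while the browser loaded them indicate that name resolution happened on the proxy against a different resolver, which matches the behaviour described in the thread.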
