Pihole is not working correctly - nslookup server:unknown

Hi Pihole Community,

Yesterday I installed and configured my Pi-hole, and so far it is blocking a lot of ads, which is great. My mood changed after I ran nslookup on a client which I thought was sending its requests through my Pi-hole. It seems that I made a mistake somewhere, because instead of showing my Pi-hole as server, the output is "Unknown".

Expected Behaviour:

I saw in another Draft, that the mod @Bucking_Horn recommended to try the command: nslookup flurry.com 192.168.0.xx
I replaced the IP address with my Pi-hole's actual IP address before executing. The result should return 0.0.0.0.
Unfortunately that is not the case.

Hardware: Raspi Zero W
Router: Speedport Smart 4

I set the local DNSv4 to the IP address of my Pi-hole, and as local DNSv6 I used the link-local IPv6 of my Pi-hole (fe:xxx).
DHCP is disabled on my router and enabled on Pi-hole.
As upstream DNS I chose Cloudflare (all 4 DNS servers).

Actual Behaviour:

Response of nslookup flurry.com [Pi-hole IP address]:
[screenshot]

Debug Token:

https://tricorder.pi-hole.net/ESLphuFy/

Those timeouts mean that your DNS requests do not reach your Pi-hole, most often caused by a firewall on the device hosting your Pi-hole, or by routing issues.

You should check your Pi-hole host machine's firewall settings to allow for Pi-hole's required ports.

Your debug log also shows an unusual network interface.

*** [ DIAGNOSING ]: Network interfaces and addresses
   3: ztcfwv2bor: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc pfifo_fast state UNKNOWN group default qlen 1000
       inet 192.168.192.1/24 brd 192.168.192.255 scope global ztcfwv2bor
          valid_lft forever preferred_lft forever
       inet6 fe80::<redacted>44a/64 scope link 
          valid_lft forever preferred_lft forever

Is the client you ran that nslookup from perhaps connecting via that interface?

Hi @Bucking_Horn, thanks for the quick response. I created an account on ZeroTier Central and created a network to access my Pi-hole via VPN from outside my network. The IP 192.168.192.1 also belongs to Pi-hole but comes from ZeroTier.

Do you think that this may cause problems?

The client I ran nslookup with is not connected via VPN.

Also thanks for the firewall hint, I'm going to have a look at it after work :slight_smile:

Ok, so I checked my Raspberry Pi. First of all, there is no firewall like ufw installed. Next, I logged into my router and opened the ports according to the link you pasted.
[screenshot: ports]
I also uninstalled ZeroTier so that the IP address you noticed is also gone. Unfortunately I still get the same result after running nslookup.

Perhaps, if you ran those nslookups from a client connecting via ZeroTier.

I didn't ask you to remove zerotier, but I specifically asked you to check the firewall on the device hosting your Pi-hole.

You do not need to open those ports for public access on your router, potentially exposing your network.

You should revert those router configuration changes.

From the same Windows client that produced the timeouts, please share the results of the following commands:

nslookup flurry.com 
nslookup flurry.com 192.168.2.198

(How) does any of those lookups register in Pi-hole's Query Log?

I checked the firewall on my Raspberry Pi. ufw is not installed and iptables is empty, as you can see below:
[screenshot: iptables]

I also followed your advice and closed the ports for public access again.
Nslookup results:

The lookups don't register at all.

That may suggest that something on the Windows machine that you ran the nslookup from is interfering.

The default DNS server (at least, the one that was used for that lookup) of that Windows machine is reported as 103.86.96.100.
That seems to be one of NordVPN's DNS servers.

Are you running a NordVPN client on that machine?
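A small check for the situation diagnosed above, added here as an example (not code from the thread or from the Pi-hole project): it parses nslookup output and tells whether the configured Pi-hole actually answered, another resolver did (as the VPN's DNS did here), or nothing did (a timeout). The Pi-hole address 192.168.2.198 and the resolver 103.86.96.100 are taken from the thread; the three sample outputs are constructed.

```python
from __future__ import annotations
import ipaddress
import re

PIHOLE_IP = "192.168.2.198"   # Pi-hole address from the thread
BLOCKED = {"0.0.0.0", "::"}   # Pi-hole's default answers for blocked names
TOKEN = re.compile(r"[0-9A-Fa-f.:%#]+")


def _ips(text: str) -> list[str]:
    """Every token in text that parses as an IP, minus '#53' port or '%3' zone suffixes."""
    found = []
    for tok in TOKEN.findall(text):
        try:
            found.append(str(ipaddress.ip_address(tok.split("#")[0].split("%")[0])))
        except ValueError:
            pass
    return found


def parse_nslookup(output: str) -> tuple[str | None, list[str], bool]:
    """Return (answering server, answer IPs, timed_out). 'Server: UnKnown' only means
    the reverse lookup of the resolver's IP failed; the Address line identifies it."""
    timed_out = re.search(r"timed[ -]out", output, re.I) is not None
    head, _, tail = output.partition("Name:")     # answer records follow 'Name:'
    servers = _ips(head)
    return (servers[0] if servers else None), _ips(tail), timed_out


def verdict(output: str, expected: str = PIHOLE_IP) -> str:
    server, answers, timed_out = parse_nslookup(output)
    if timed_out:
        return "timeout"    # no resolver answered: firewall or routing between client and Pi-hole
    if server != expected:
        return "bypass"     # another resolver answered, e.g. a VPN client's own DNS
    return "blocked" if BLOCKED & set(answers) else "unblocked"


# Constructed samples modelled on the thread (VPN DNS answering, Pi-hole blocking, no answer).
SAMPLE_VPN = ("Server:  UnKnown\nAddress:  103.86.96.100\n\nNon-authoritative answer:\n"
              "Name:    flurry.com\nAddresses:  2001:db8::1234\n          203.0.113.10\n")
SAMPLE_PIHOLE = ("Server:  UnKnown\nAddress:  192.168.2.198\n\n"
                 "Name:    flurry.com\nAddresses:  ::\n          0.0.0.0\n")
SAMPLE_TIMEOUT = ("DNS request timed out.\n    timeout was 2 seconds.\n"
                  "Server:  UnKnown\nAddress:  192.168.2.198\n*** Request to UnKnown timed-out\n")

if __name__ == "__main__":
    for name, out in (("vpn", SAMPLE_VPN), ("pihole", SAMPLE_PIHOLE), ("timeout", SAMPLE_TIMEOUT)):
        print(f"{name}: {verdict(out)}")
```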

... I guess that solves my issue.
Nslookup after deactivating NordVPN:
[screenshot]

It looks like it's working. I saw here that the server name should be the raspberry pi. My nslookup shows speedport. Is that an issue?

It's not uncommon for VPN software to intercept DNS and forward it to their own set of servers, in an attempt to prevent DNS leaks.

That said, there may be ways to have NordVPN use a local custom DNS like Pi-hole, but you'd have to inquire with NordVPN's support to find out if and how they would allow and support this.

Generally, yes.

It means your router is advertising its own IPv6 address as local DNS server, allowing clients to by-pass your Pi-hole at 192.168.2.198.

But at the same time, your router seems to be configured to use Pi-hole as its upstream, so any DNS requests it receives ultimately end up in Pi-hole as well (which is ok).
The one drawback is that you won't be able to attribute those DNS requests travelling via your router to individual clients, and thus you won't be able to apply client-specific filtering successfully.

If your router supports it, it would be preferable if you could stop it from advertising any IPv6 addresses at all, or perhaps advertise one of your Pi-hole's instead.

That's weird. I chose my Pi-hole's IPv4 and link-local IPv6 address as DNS server, but unfortunately it still isn't working as I expect:
[screenshot]
We also have a Fritz Repeater 6000 to which I'm connected right now. Do you think that it can interfere?

No, the repeater is not involved.

And it's not weird, as we already know from your results that your router...

So likely, your screenshot shows the DNS servers that your router itself is using, not the ones it is telling its clients to use.

Thanks for the quick response. In that case I don't think that my Speedport has an option where I can set the DNS servers for my clients. Do I need to configure something in the DNS tab of my admin interface?

As mentioned, with your current configuration of your router using Pi-hole as its upstream...

So that's a valid configuration, and if you do not aspire to see DNS requests from individual clients, you could keep it.

If you'd want clients to talk directly to your Pi-hole for DNS, then you'd need to configure your router's DHCP server to hand out Pi-hole's IPv4 address as local DNS server, and in addition to not advertise its own IPv6 via NDP/RA/RDNSS for clients' SLAAC. Commonly, those are DHCP/LAN type of options.

You'd have to consult your router's documentation and support channels for details on if and how those options would be supported by your router.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.