Pihole isnt working correctly and i have no idea why

Help
1

The issue I am facing: I have recently setup a pihole and i am facing issues such as not having any received queries even after setting up my router to specifically use the dns and having the dns request refused when trying to receive a request from outside the network (;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 12350). One other issue i had is the sql database in which i dont really know why its spitting out errors on the log.

What I have changed since installing Pi-hole: nothing other than installing unbound

Debug token: https://tricorder.pi-hole.net/wBOHo4lx/

2

Your debug log indicates otherwise:

 gravity_count         7976983

You have removed the default adlist and inserted 169 lists into your Pi-hole.

You are also trying to insert a list of regex entries as a single regex entry in Pi-hole. This won't work:

*** [ DIAGNOSING ]: Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)
   id     type  enabled  group_ids     domain                                                                                                date_added           date_modified        comment                                           
   -----  ----  -------  ------------  ----------------------------------------------------------------------------------------------------  -------------------  -------------------  --------------------------------------------------
   15        3        1  0             https://github.com/mmotti/pihole-regex/raw/master/regex.list                                          2022-09-06 05:49:45  2023-10-24 16:20:56

Your gravity database alone is taking up almost 1GB of disk space:

*** [ DIAGNOSING ]: Gravity Database
-rw-rw-r-- 1 pihole pihole 977M Oct 30 14:45 /etc/pihole/gravity.db
...

You have also changed the default rate limit:

-rw-rw-r-- 1 pihole root 146 Oct 30 17:46 /etc/pihole/pihole-FTL.conf
   PRIVACYLEVEL=0
   RATE_LIMIT=1000/10

Your DHCP server (the router) is distributing its own IP for DNS, not the IP of Pi-hole. Your Pi-hole is at 192.168.1.3.

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   Timeout: 10 seconds
   
   * Received 326 bytes from enp3s0:192.168.1.1
     Offered IP address: 192.168.1.3
     Server IP address: 192.168.1.1
     Relay-agent IP address: N/A
     BOOTP server: (empty)
     BOOTP file: (empty)
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 192.168.1.1
      lease-time: 86400 ( 1d )
      renewal-time: 43200 ( 12h )
      rebinding-time: 75600 ( 21h )
      netmask: 255.255.255.0
      broadcast: 192.168.1.255
      router: 192.168.1.1
      dns-server: 192.168.1.1
      domain-name: "home"
      hostname: "ovh-HP-Compaq-Pro-6305-SFF"
      --- end of options ---
   
   DHCP packets received on interface enp3s0: 1

Your Pi-hole should not be receiving DNS queries from outside the network. It is intended to be run on your LAN, hidden from the internet.

What are the outputs of the following commands from the Pi terminal:

echo ">stats >quit" | nc localhost 4711

echo ">top-clients >quit" | nc localhost 4711

echo ">top-domains >quit" | nc localhost 4711

echo ">top-ads >quit" | nc localhost 4711
4 
echo ">stats >quit" | nc localhost 4711
domains_being_blocked 7976983
dns_queries_today 399
ads_blocked_today 74
ads_percentage_today 18.546366
unique_domains 110
queries_forwarded 312
queries_cached 13
clients_ever_seen 7
unique_clients 7
dns_queries_all_types 399
reply_UNKNOWN 84
reply_NODATA 20
reply_NXDOMAIN 1
reply_CNAME 89
reply_IP 168
reply_DOMAIN 5
reply_RRNAME 4
reply_SERVFAIL 0
reply_REFUSED 0
reply_NOTIMP 0
reply_OTHER 0
reply_DNSSEC 26
reply_NONE 0
reply_BLOB 2
dns_queries_all_replies 399
privacy_level 0
status enabled

echo ">top-clients >quit" | nc localhost 4711
0 331 192.168.1.1 speedport.ip
1 45 :: pi.hole
2 11 127.0.0.1 localhost
3 3 192.168.1.3 pi.hole
4 3 ::1 ip6-localhost
5 3 2a02:587:4e0b:d300:145d:5914:d052:bb4 pi.hole
6 3 2a02:587:4e0b:d300:998b:94a8:d259:6b85 pi.hole

echo ">top-domains >quit" | nc localhost 4711
0 69 connectivity-check.ubuntu.com
1 29 ccp-lh.googleusercontent.com
2 28 clients4.google.com
3 12 android.googleapis.com
4 12 gr.lgtvsdp.com
5 11 nrdp.prod.cloud.netflix.com
6 10 nrdp-ipv6.prod.ftl.netflix.com
7 10 clients3.google.com
8 8 connectivitycheck.gstatic.com
9 7 api.strem.io

echo ">top-ads >quit" | nc localhost 4711
0 25 customerevents.netflix.com
1 13 ichnaea.netflix.com
2 8 nrdp.nccp.netflix.com
3 4 connectivity-check.ubuntu.com
4 3 annafromukraine.blogspot.co.il
5 3 4kstarhd.club
6 3 bafybeid54epswahvmjorz4nlyearvuaqi3hycjdu3iwq3oztuogi2qz2lq.ipfs.infura-ipfs.io
7 3 star.smart-tv-data.com
8 2 pomozbudowac.pl
9 2 app-measurement.com
5

Also the pihole has a static IP (192.168.1.3) and I have already set this as the routers DNS resolver. By setting 192.168.1.1 on devices I've observed that the pihole replies and not anything on the router

6

All the queries are from the router or from Pi-hole itself.

Note that this may not be unusual, but you are also reporting that you are not receiving queries.

From a client that you believe should be connected to the Pi-Hole for DNS, from the command prompt or terminal on that client (and not via ssh or Putty to the Pi), what is the output of

nslookup pi.hole

nslookup flurry.com

nslookup flurry.com 192.168.1.3

7 

nslookup pi.hole
Server:         192.168.1.1
Address:        192.168.1.1#53
Name:   pi.hole
Address: 192.168.1.3
Name:   pi.hole
Address: 2a02:587:4e0b:d300:998b:94a8:d259:6b85

nslookup flurry.com
Server:         192.168.1.1
Address:        192.168.1.1#53
Name:   flurry.com
Address: 0.0.0.0
Name:   flurry.com
Address: ::

nslookup flurry.com 192.168.1.3
Server:         192.168.1.3
Address:        192.168.1.3#53
Name:   flurry.com
Address: 0.0.0.0
Name:   flurry.com
Address: ::

This is from another Linux computer

8

Also just for the record

I am connected to my wifi from my phone and looking at the pihole. There should be way more requests

Maybe a router issue I'm guessing ?

9

IMG_20231030_192724
IMG_20231030_1927241080×2174 144 KB

Here's the DNS setting on my router.

10

At least from the client you checked, that client is using Pi-hole for DNS (via the router). The answers to the queries are correct. This would indicate that Pi-hole is working correctly, and clients that are getting DHCP from the router are using Pi-hole (at least this client is).

This would lead to the conclusion that it may be a client issue.

Try this to see if your phone is using Pi-hole:

Tail the pihole log with pihole -t from the Pi terminal.

Launch an app on your phone, and you should see a quick blast of requests to Pi-hole as shown in the log tail.

11

Yeah it doesn't do that that's the thing. There isn't any blast and id know since I had a functional pihole before I reinstalled haha

12

I'm starting to think that this is a router issue since my old one worked perfectly. Setting 192.168.1.1 on any device would result in using the pihole due to the DNS setting on the router.

14

Okay good news I fixed the issue. It was my router

It didn't like that I put the same IP as secondary but now I discovered another issue :confused:

15

IMG_20231030_200504
IMG_20231030_2005041080×1820 174 KB

May have to do with permissions in the database or something

17

Run these commands to move the existing query database to a new file name and create a fresh query database.

sudo service pihole-FTL stop

sudo mv /etc/pihole/pihole-FTL.db /etc/pihole/pihole-FTL-old.db

sudo service pihole-FTL start
18

It worked thanks :+1:

19

Update: it worked for a solid 10 mins then magically stopped receiving requests.

My router is a Speedport Plus 2 if that helps

20

I can't help you with your router. Please visit the forums for your router.

21

Yeah I understand, thanks anyways though you were really helpful

22

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.