The issue I am facing:
I set my Google Wifi primary DNS to my PiHole address, and no secondary dns is specified, I thought this should force all traffic through my pi but for some reason I can still access pornhub and redtube on my Mac (but not on Windows):
If I point MacBook's primary dns to my pi address with no secondary dns, pornhub/redtube are blocked.
If I point MacBook's primary dns to pi and secondary to 1.1.1.1, pornhub/redtube are accessible.
I understand that the 1.1.1.1 above is a loophole, but I thought that pointing the router's only dns to the PiHole will block that loophole for as long as the Pi is active but that doesn't seem to be the case (I need that loophole for when my pi goes down)
Also, this seem to be a problem only on my Mac, my windows machine and IOS seem to block redtube/porhub ok
If I point hp laptop primary dns to pi and secondary to 1.1.1.1, pornhub/redtube are blocked.
Any advice will be appreciated on what's happening with the Macbook.
Thanks
Details about my system:
Primary DNS set on Router = PiHole address, no secondary dns specified (Google Wifi)
PiHole Upstream DNS are 1.1.1.3 and 1.0.0.3
What I have changed since installing Pi-hole:
Nothing,
You have provided two DNS servers to the Mac, and it is free to use either one. Eliminate the 1.1.1.1 and the Mac will have no other DNS server than Pi-hole, and all the DNS traffic from that client will go to Pi-hole.
You shouldn't need this. Set up your Pi so it is reliable, and then it won't go down. Good power supply, good quality SD card, don't fiddle with it, etc.
Another option is to run a second instance of Pi-hole on a different device (VM, another Pi, etc.). Then assign as DNS servers both the Pi-holes, and if either fails, the other picks up the DNS load.