Expected Behaviour:
Block ads on all deviced connected to Wifi.
Actual Behaviour:
Blocked 3 ads within two hours despite using multiple test sites.
Maybe your requests (in a client) are going through a secondary IPV4 DNS ?
Or maybe IPV6 ?
What's the output of nslookup flurry.com on a connected client ?
Hi, thanks for the quick reply!
The output of that would be:
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: flurry.com
Address: 0.0.0.0
Name: flurry.com
Address: ::
That shows that the query went trough Pi-hole and it was blocked (working).
You should see the query now blocked on your admin interface.
Yes, it showed another two blocked queries in the admin interface, but it doesn't block any other ads and no new blocked queries show up if i visit sites on each of the devices connected to my wifi. The interface says it's connected etc., which is why i have no idea why it isn't blocking anything
This indicates that the DNS queries are not going to Pi-Hole. There is another DNS available to clients, and they are using that.
What is the ouput of this command from the Pi terminal:
sudo grep flurry.com /var/log/pihole.log
I changed both the usable DNS in my routers settings to the IP of the Pi, then changed the second one to 0.0.0.0 as advised by someone in the Pihole discord server, but the problem is the same in both cases. This is the output.
Sep 10 19:49:47 dnsmasq[8136]: query[AAAA] data. flurry .com from 192.168.2.101
Sep 10 19:49:47 dnsmasq[8136]: /etc/pihole/gravity.list data. flurry. com is 0.0.0.0
Sep 10 19:49:47 dnsmasq[8136]: query[A] data. flurry. com from 192.168.2.101
Sep 10 19:49:47 dnsmasq[8136]: /etc/pihole/gravity.list data. flurry. com is 0.0.0.0
Sep 10 19:52:22 dnsmasq[8136]: query[AAAA] data. flurry. com from 192.168.2.101
Sep 10 19:52:22 dnsmasq[8136]: /etc/pihole/gravity.list data. flurry .com is 0.0.0.0
Sep 10 19:52:22 dnsmasq[8136]: query[A] data. flurry.com from 192.168.2.101
Sep 10 19:52:22 dnsmasq[8136]: /etc/pihole/gravity.list data.flurry. com is 0.0.0.0
Sep 11 17:53:06 dnsmasq[520]: query[A] flurry.com from 127.0.0.1
Sep 11 17:53:06 dnsmasq[520]: /etc/pihole/gravity.list flurry. com is 0.0.0.0
Sep 11 17:53:06 dnsmasq[520]: query[AAAA] flurry. com from 127.0.0.1
Sep 11 17:53:06 dnsmasq[520]: /etc/pihole/gravity.list flurry. com is 0.0.0.0
(Added the spaces before the .com because the forum won't let me post that many links)
What client is at IP 101 and are you seeing ads on that client?
I can't find a client with the IP 101 in my network, my Macbook has 100. The only other clients are two phones with 145 and 146. No 101 anywhere, I'm super lost
Maybe it helps to add that it does block ads if I manually change the DNS on each device, however this doesn't work on all devices (my phone loses it's connection to the wifi if i do that for example), and it shows grey boxed where banner ads are blocked. Thank you again
That may be an old IP that has since changed - the output in your log shows that request 24 hours ago.
Let's look at which clients have connected to your Pi. What is the output of this command from the Pi terminal:
echo ">top-clients withzero (25)" | nc 127.0.0.1 4711
Then compare the list of clients with the clients on your router (typically shown in the DHCP tab) and see if any are missing.
This indicates a settings problem in the router - it may not be assigning DNS to Pi-Hole only. When you force the DNS to go through Pi-Hole, Pi-Hole processes the queries and blocks ads.
This is common. Pi-Hole blocks the content that would go in the box, and the browser does not have any code to replace the empty box with something else, so you see the empty boxes.
Is there any other way to force a client to use that DNS? On my TV even manually changing it doesnt seem to do anything but that might be cached ads. Changing it on the router doesnt seem to affect any device.
You have several choices:
- Use Pi-Hole as your DHCP server, and turn off the DHCP on the router (not all routers support this option):
-
Manually map clients to Pi-Hole (you can't do this on some clients like IOT devices).
-
Figure out the settings on your router, or even put your current router in bridge mode and put a different router on the network to run NAT and DHCP services.
Thank you for the help, I've put the project on pause for now and will try these once I pick it back up.
So I was having this issue. It turns out that I had a DNS proxy running locally.
Try running this:
sudo ps -ef |grep "127.0.0.1:53"
and see if that's happening. This will be a bigger problem unfortunately since many large companies are starting to encrypt all their DNS traffic.
I do see that pi-hole has instructions for using DNSCrypt for DNSEC traffic which is very good. That's a huge security feature. You can find that here: DNSCrypt 2.0 · pi-hole/pi-hole Wiki · GitHub
That should be installed as a default IMHO. Then just let the user check to use it or not from the menu.
How will this affect a Pi-Hole user? The requests for DNS resolution from Pi-Hole to an upstream resolver are not affected by how large companies manage their DNS traffic.
Isn't DNSCrypt an encrypted DNS (not a DNSSEC solution)? What security does DNSCrypt provide that DNSSEC does not?
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.