Pihole not working correctly on mobile devices after ISP change

Hi there, I'm facing some issues with my pihole instance on my Orange Pi Zero device. I have also Unbound configured.

Expected Behaviour:

Pihole should be blocking the same ads both on desktop and mobile devices.

Actual Behaviour:

I recently made a change from ISP so they gave me a new router. From that moment Pi Hole started to work erratically, at least on my mobile devices (Android, with Private DNS already turned off anyway). Some ads are blocked, some are not. But those same ads are 100% blocked on my Windows device.

Also the DNS SEC test at https://dnssec.vs.uni-due.de/ fails, on every device for that matter, both mobile and desktop

DHCP is coming from the router, but I also tried with Pihole DHCP server, in both scenarios with the DNS setting on the router enabled (both DNS entries with the same Pihole IP address just in case). But anyway, this working okay before the ISP change.

I'm running out of ideas here so I can't think what could be wrong.

Debug Token:

https://tricorder.pi-hole.net/zGxvR2Ew/

Thank you very much.

Your router is handing out its own IP as DNS server alongside Pi-hole:

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   * Received 278 bytes from eth0:192.168.1.1
     Offered IP address: 192.168.1.59
     DHCP options:
      Message type: DHCPOFFER (2)
      router: 192.168.1.1
      dns-server: 192.168.1.17
      dns-server: 192.168.1.1

Pi-hole must be the sole DNS resolver for your network, or else your clients will by-pass Pi-hole, in your case via your router at 192.168.1.1.

Hey, thanks for the fast reply.

That's the setting that was showing when I had the DHCP server enabled on the router.
Now I've switched again to pihole as the DHCP server, and this is the new debug token: https://tricorder.pi-hole.net/PsW286Bk/

And these are my settings on the router:

pihole

Thank you

Hey guys, just checking if someone could have an idea on what to do with this issue?

I think I've found something weird regarding the new router. Even when I set the Primary DNS to 8.8.8.8 and Secondary DNS to 1.1.1.1, in Windows I get this (even then, windows and desktop devices seem to correctly block ads, issue is always with mobile)

dns

So this router is somehow adding itself as a DNS server, and a third one?

Anyone knows what could be happening and how to solve this?
For what I've seen, it might have something to do with ipv6 somehow? But not entirely sure.

Thank you again.

A bunch of Asus routers are bugged too with the same affliction:

Nice "recap" at near the bottom!

Right, in this case it's a ZTE router, so I guess this same issue happens here with the device automatically adding itself as a DNS server on the lan configuration, even when I configure otherwise.

So, nothing to do then I imagine unless I get my own router and ditch this one...

Thank you.

If you read that linked thread I posted above, you have the option to disable the DHCP service on the router and replace it with Pi-hole's own DHCP service.

EDIT:

Yes, but I had already tried with DHCP server from Pihole instead of the router. And that only seems to change who's assigning and distributing the IP addresses to the devices, it's not changing what's happening with the DNS blocking, since it fully works on desktop devices (wired or not), but it sometimes works and sometimes doesn't on mobile devices.

I can try from time to time with the mobile device to access http://pi.hole and sometimes it works, sometimes it doesn't, meaning the device is not using Pihole's DNS every single time.

So I guess this 192.168.1.1 as DNS server is still being used somehow, that's the only thing I can think of with this behavior.

Thanks

edit:

However, Windows is now reporting only the Pihole's IP as DNS, the way it should be:

dhcp2

But the problem remains on the mobile side. Quite weird...

Is that after switching DHCP to that of Pi-hole?
Because thats how it should look like with only one DNS server IP, the Pi-hole IP:

Mind though that cache is everywhere!
Reboot the devices if you suspect something is still being cached.

Correct, Windows now reports only one DNS server now, the pihole's, after disabling the router's DHCP server.

I guess it could be cache somewhere. I do see requests from this mobile device on pihole's query log, but it's mostly allowed queries, and mostly from Google. There are very few blocked queries, that's why I see ads sometimes being blocked and sometimes not.

I'll restart the router, pihole and the devices and see if that helps.

Thanks.

1 Like

This is I think the issue with mobiles. I downloaded another android app to check which DNS servers are being used on the phone, and got all this crap which I don't even know where it comes from. 3 other DNS servers!

192.168.1.2 is the Pihole IP.

Those are DNS servers most likely received via IPv6 router advertisement (RA) or a DHCPv6 instance.
Those are usually hard to get rid of.
Check your router user manual if you can change those IPv6 RA settings or if you see any presence of DHCPv6?
Or else you could try disable IPv6 entirely on the router for the LAN side only.
Your clients dont really mind and also IPv6 is only a bit useful if your ISP supports IPv6 upstream:

Yeah exactly. Unfortunately my new ISP provides this router with some modified firmware version so you can change as little as possible, and that includes not being able to disable ipv6.

I'll call them to ask if they can disable ipv6 remotely. Otherwise I might just get another decent low cost router to use instead of the ISP', something which has support for custom firmwares.

Thanks for the info.

1 Like