PiHole not working on local network

Help Community Help
1

Expected Behaviour:

PiHole answering DNS queries on local netowrk

Raspberry Pi 3B+ ethernet wired to router Bbox 6 Bouygues (french ISP).
No DHCP configured (DNS manually specified on devices).
Wireguard installed.
Everything up to date.
PiHole/Raspberry local IP: 192.168.1.54.
Using Cloudflare's DNS.
PiHole listens on all interfaces.

Actual Behaviour:

No response from PiHole to DNS queries when using my local network, regardless of the device I'm using.
When looking on the query logs, PiHole doesn't seem to receive the DNS query. On wireshark, I clearly see my PC sending the request to my Raspberry's IP

However, it works when using PiHole as DNS for my Wireguard VPN (so I have a functional PiHole on the go).

Debug Token:

https://tricorder.pi-hole.net/alg2xvplo8
alg2xvplo8
I can provide any needed information for help.

Thank you very much in advance.

2

In the debug log, this test failed (and also failed for IPv6):

[✗] Failed to resolve serdex.cl via Pi-hole (192.168.1.54)

This indicates that port 53 traffic is not being routed to this IP. Check both your Pi and router for any firewall rules that may be blocking this traffic (and on the router, check for DNS rebind protection).

3

Oh, you're right.

I forgot to enable back this rule on my router.

Capture d’écran 2020-09-20 182953
Capture d’écran 2020-09-20 1829531193×455 10.8 KB

Is my router having some bugs ? I'm not aware of any DNS rebind protection on my router.

But it doesn't solve the issue.
I ran another pihole -d and PiHole still can't resolve when using 192.168.1.54
I can access 192.168.1.54 from any web browser.

How can I check if there's a firewall rule blocking traffic on the Pi ?
On /etc/iptables/rules.v4 here's what I have:

# Generated by xtables-save v1.8.2 on Mon Jul 13 17:51:19 2020
*filter
:INPUT ACCEPT [29563:40876340]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4692:378361]
COMMIT
# Completed on Mon Jul 13 17:51:19 2020
# Generated by xtables-save v1.8.2 on Mon Jul 13 17:51:19 2020
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 10.6.0.0/24 -o eth0 -m comment --comment wireguard-nat-rule -j MASQUERADE
COMMIT
# Completed on Mon Jul 13 17:51:19 2020

New PihHole -d:
https://tricorder.pi-hole.net/0q58hsjhiy
0q58hsjhiy

4

Your problem is with traffic on port 53 (DNS) and not with port 80 (http).

5

Alright, but why would port 80 or 22 for SSH be correctly redirected and not port 53 ?

I tried to modify ports on the filter but PiHole stills doesn't receive queries

# Generated by xtables-save v1.8.2 on Mon Jul 13 17:51:19 2020
*filter
:INPUT ACCEPT [**0**:40876340]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [**0**:378361]
COMMIT
# Completed on Mon Jul 13 17:51:19 2020
# Generated by xtables-save v1.8.2 on Mon Jul 13 17:51:19 2020
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 10.6.0.0/24 -o eth0 -m comment --comment wireguard-nat-rule -j MASQUERADE
COMMIT
# Completed on Mon Jul 13 17:51:19 2020
6

Problem solved by a complete reinstall of Raspbian, PiHole and Wireguard (via PiVPN).

7

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.