Just a quick question regarding the recent iOS update. Until this current version (of IOS not pihole) the blocking of the domain for Apple's private relay has worked wonderfully so that I can still use it on other networks, but take advantage of blocking while at home.
Recently, however, I have been getting an error in Safari that says: "Safari can't connect to iCloud
Private Relay". Anyone else run into this issue?
Btw this is not a pihole issue at all, just a general question for users of Apple products. I apologize if this is posted in the wrong place, and will be willing to move it if need be.
Are you still seeing reference to the mask or mask-h2 icloud "special domain" from your iOS device blocked in the Query Log (or recently when checking long-term data)? If so, that indicates that the device is correctly receiving the signal that Private Relay is not available on your network.
The message you describe hints at the device not receiving that signal and so trying and failing to use Private Relay. Worth double-checking the behaviour on the mobile network and confirming that Private Relay works and is available and enabled on your iCloud+ account as a baseline.
Then, back on your wifi network, check for the "special domain" in Pi-hole and confirm that it is indeed blocked and observe any new device behaviour. If the blocked domain it is not appearing, do you have a VPN profile enabled perhaps that would be diverting it away from Pi-hole? If it is appeaing then iOS should know not to use Private Relay, so perhaps a recent iOS update has changed the logic, or has a bug, behind how this is handled.
I'm on an older iOS and don't sub to iCloud+ anyway so can't delve any further unfortunately but hopefully someone else can do.
