PiHole refusing DNS queries

Pihole stopped serving DNS requests. I have no clue what is going on.
Edit: I have reverted PiHole to default values using pihole -r which helped, however, it puzzles me why pihole refused requests even with blocking disabled and no firewall.

pihole status
[�] DNS service is listening
[�] UDP (IPv4)
[�] TCP (IPv4)
[�] UDP (IPv6)
[�] TCP (IPv6)

[�] Pi-hole blocking is disabled

nslookup google.nl 1.1.1.1
Server: 1.1.1.1
Address: 1.1.1.1#53

Non-authoritative answer:
Name: google.nl
Address: 142.251.39.99
Name: google.nl
Address: 2a00:1450:400e:811::2003

nslookup google.nl localhost
Server: localhost
Address: ::1#53

** server can't find google.nl: REFUSED

sudo iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

netstat -nlp | grep 53
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN -
tcp6 0 0 :::53 :::* LISTEN -
udp 0 0 0.0.0.0:53 0.0.0.0:* -
udp6 0 0 :::53 :::* -

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

I've discovered that this happens every time I change anything in Settings > DNS like e.g. uncheck * Never forward non-FQDN A and AAAA queries*. Checking the option back does not fix things, it stays as it was.

From reading some other threads, I understand that Refused is usually generated to prevent circular queries, but I have not investigated that.

Debug token

https://tricorder.pi-hole.net/UzLQpkkz/

I've just noticed that /etc/dnsmasq.d/01-pihole.conf gets changed, in particular, interface=eth0 is invalid since I'm using "predictable names".

Your Pi appears to have a network connectivity problem:

*** [ DIAGNOSING ]: Networking
[✗] No IPv4 address(es) found on the  interface.

[✗] No IPv6 address(es) found on the  interface.

[i] Default IPv4 gateway: 192.168.178.1
   * Pinging 192.168.178.1...
[✗] Gateway did not respond. (https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546)

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] www.080644.com is 0.0.0.0 on lo (127.0.0.1)
[✗] Failed to resolve www.080644.com on enxb827eb5dd3fe (192.168.178.30)
[✗] Failed to resolve www.080644.com on wg0 (10.6.0.1)
[✓] doubleclick.com is 216.58.208.110 via a remote, public DNS server (8.8.8.8)

    PIHOLE_INTERFACE=enxb827eb5dd3fe
    IPV4_ADDRESS=192.168.178.30/24
    IPV6_ADDRESS=

Pi-hole is configured for the enxb... interface at that IP, but the interface does not appear to be connecting to the network. But, it has worked in the past 24 hours.

   [2021-11-25 18:16:56.319 9752M] Imported 11067 queries from the long-term database
   [2021-11-25 18:16:56.321 9752M]  -> Total DNS queries: 11067
   [2021-11-25 18:16:56.321 9752M]  -> Cached DNS queries: 2321
   [2021-11-25 18:16:56.321 9752M]  -> Forwarded DNS queries: 6408
   [2021-11-25 18:16:56.321 9752M]  -> Blocked DNS queries: 2257
   [2021-11-25 18:16:56.321 9752M]  -> Unknown DNS queries: 0
   [2021-11-25 18:16:56.322 9752M]  -> Unique domains: 1146
   [2021-11-25 18:16:56.322 9752M]  -> Unique clients: 6
   [2021-11-25 18:16:56.322 9752M]  -> Known forward destinations: 2

I'll check, but that is strange; it was the only interface through which I made those nslookup requests after all.

This is the diff I made before the changes via the web admin interface:

diff /etc/dnsmasq.d/01-pihole.conf{,.bak}
38c38,40
< interface=eth0
---
> server=1.1.1.1
> server=1.0.0.1
> interface=enxb827eb5dd3fe

So, the wrong interface name assigned by the web admin interface was the root cause.

Corrected the interface name and restarted pihole:

pihole restartdns
[✓] Restarting DNS server

pihole status
[✓] DNS service is listening
[✓] UDP (IPv4)
[✓] TCP (IPv4)
[✓] UDP (IPv6)
[✓] TCP (IPv6)

[✓] Pi-hole blocking is enabled

nslookup google.nl
Server: 62.179.104.196
Address: 62.179.104.196#53

Non-authoritative answer:
Name: google.nl
Address: 142.251.39.99
Name: google.nl
Address: 2a00:1450:400e:810::2003

nslookup google.nl ::1
Server: ::1
Address: ::1#53

Non-authoritative answer:
Name: google.nl
Address: 142.251.39.99
Name: google.nl
Address: 2a00:1450:400e:811::2003

I'm looking at the code right now and am trying to see where that "eth0" came from.

So, I have traced the requests going to the webpage.sh script and it looks like the culprit of the wrongly assigned interface is the /etc/pihole/setupVars.conf file, which is garbled:

WEBPASSWORD=(hashed-password)
CONDITIONAL_FORWARDING=false
DHCP_START=192.168.178.40
DHCP_END=192.168.178.254
DHCP_ROUTER=192.168.178.1
DHCP_LEASETIME=24
PIHOLE_DOMAIN=lan
DHCP_IPv6=true
DHCP_rapid_commit=true
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
DHCP_ACTIVE=false
ADMIN_EMAIL=
WEBUIBOXEDLAYOUT=boxed
WEBTHEME=default-light
BLOCKING_ENABLED=true
PIHOLE_INTERFACE=enxb827eb5dd3fe
IPV4_ADDRESS=192.168.178.30/24
IPV6_ADDRESS=
QUERY_LOGGING=true
INSTALL_WEB_SERVER=true
INSTALL_WEB_INTERFACE=true
LIGHTTPD_ENABLED=true
CACHE_SIZE=10000
DNSMASQ_LISTENING=single
PIHOLE_DNS_1=1.1.1.1
PIHOLE_DNS_2=1.0.0.1
PIHOLE_DNS_3=2606:4700:4700::1111
PIHOLE_DNS_4=2606:4700:4700::1001
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
REV_SERVER=false

This line in the middle causes the reading of the file to stop, which causes the interface to assume the default value (eth0).

Now the question is why the line appears in that file.

Maybe file system corruption? Did you have any power outages lately?

Not really, but I suspect that any corruption in that file will simply stay there indefinitely. So it might have appeared at one point and just stayed there.