Expected Behaviour:
PiHole will block ads when connected via Ethernet to Virgin Router. Steve is the name given to the Virgin router model.
Pi has been set up, PiHole is installed and available. FIxed IP has been assigned by both the Pi and the Router.
Actual Behaviour:
Ads are not blocked. It would appear that Steve cannot use an internal PI for a DNS server. To test this, I set the primary DNS on the router as PiHole, and the secondary as Google DNS. I could browse the internet via a client but ads were not blocked, suggesting the primary DNS was failing or not working.
I then removed the secondary DNS entry (Google) and left only PiHole as the DNS for the router. I could not longer browse the Internet on my client.
I then reset the router to use Google DNS and manually set my client DNS to use PiHole, ads were now blocked on my client.
Hence, my assumption is that "Steve" routers from Virgin cannot use internal IPs for DNS.
Update
Steve is connected to a TP-Link Deco Mesh. I changed the Deco's from Access Point to Router mode, and told them to use PiHole as their DNS. Deco is, therefore, the DCHP server and all clients get an IP like this:
192.168.68.XX
The PiHole is connected to Steve and has the fixed IP:
192.168.2.192
When a client connects to the Deco network, there is no DNS resolution so it seems like Steve blocks DNS traffic within its local IP range.
Debug Token:
https://tricorder.pi-hole.net/ulfzkhpaxs
Surely your router is dodgy somehow, but allow me to doubt your latter conclusion - if it was right, your former observation would not be possible.
From that former observation, I'd conclude that your clients can use Pi-hole as DNS server, and Pi-hole is also successfully resolving DNS requests via one of its upstream DNS servers (whatever you did configure for that).
It is more likely that your TP-Link DHCP setup didn't work because you put its clients on a different subnet (192.168.68.0/24 vs. your router's 192.168.2.0/24). And unless you define proper routing rules, your router, your Pi-hole and your clients need to be on the same subnet.
It's also unclear if you did disable your router's DHCP when enabling DHCP on your TP-Link.
So let's start another attempt:
Disable your router's DHCP server and enable Pi-hole's. Make sure you define an IP range that falls into your router's network.
Be sure to dis- and reconnect or power-cycle your clients in order to make them request a new DHCP lease from your Pi-hole (instead of holding on to Steve's lease). Pick one client to start with for testing before you do so for the whole lot.
On a Windows client, the following command should then show your Pi-hole's IP address as DHCP server::
ipconfig /all | find /i "dhcp"
You could also run the following commands on a client:
nslookup flurry.com
nslookup flurry.com 80.241.218.68
Both commands should return 0.0.0.0.
Thanks Bucking_Horn, I ran a few more tests:
Case A
Connected PiHole directly to "Steve" via Ethernet. Set Steve to use PiHole for DNS. Rebooted Steve and my client connection. Unable to resolve any addresses e.g. Google.com from the client. Internet browsing isn't possible.
Case B
Changed Steve to use Google DNS. Manually set / force DNS on my client to use PiHole. Rebooted Steve and my client connection. This works, Ads are blocked and browsing the internet is possible. DNS in the client is reported as using PiHole.
Case C
Set Steve to use Google DNS. In this scenario, Steve will act as modem.
Changed TP Link Deco's to router mode (So they act as DCHP server) as opposed to their usual config as Access Points. Connected the TP Link system to Steve via Ethernet (For Internet access) Connect PiHole directly to the TP-Link ethernet.
TP Link network is 192.168.68.X. PiHole has a fixed IP on this network. Steve is the gateway and it's range is 192.168.2.X
TP Link network is set to use PiHole as it's DNS and it's gateway for internet access is 'Steve'
This configuration works as when connected to the TP Link system, Ads are blocked and browsing the internet is possible.
Therefore, unless I'm missing something, it would appear that "Steve" will not run DNS queries against a server in its own IP pool.