Ping google.com fails, nslookup google.com times out, otherwise fine

If I specify a DNS provider when I try nslookup (nslookup google.com 1.1.1.1) then it works fine.

I was trying to install Tailscale but wasn't able to because tailscale.com couldn't be resolved. Pihole seems to be working fine otherwise. I haven't noticed problems with web browsing, streaming, torrenting and other downloading. I thought it might have been my upstream provider which was OpenDNS so I changed it to Cloudflare but the problem remains.

Details about my system:
I have Pihole installed on a Pi Zero W running Bullseye, PI-HOLE V5.17.1 FTL V5.23 WEB INTERFACE V5.20.1

What I have changed since installing Pi-hole:
I installed PiVPN with Wireguard a few months ago but only used it a few times. I was trying to install Tailscale because my IP occasionally changes which breaks PiVPN.

Not sure if I can help with this or not but the 1st step is some specific info.

What do you get when you do just nslookup google.com?

;; connection timed out; no servers could be reached

Does this show anything?

nmcli dev show |grep -i dns

I don't have NetworkManager installed and when I try to install it I just get errors

```
  Temporary failure resolving 'archive.raspberrypi.org'
Err:2 http://raspbian.raspberrypi.org/raspbian bullseye/main armhf dnsmasq-base armhf 2.85-1
  Temporary failure resolving 'raspbian.raspberrypi.org'
Err:3 http://raspbian.raspberrypi.org/raspbian bullseye/main armhf libmbim-glib4 armhf 1.24.6-0.1
```

What about "ip r" ?

Also, what is the IP of your Pihole? Can you ping it?

```
default via 192.168.1.1 dev eth0 src 192.168.1.165 metric 202
10.216.105.0/24 dev wg0 proto kernel scope link src 10.216.105.1
192.168.1.0/24 dev eth0 proto dhcp scope link src 192.168.1.165 metric 202
```

```
PING 192.168.1.165 (192.168.1.165) 56(84) bytes of data.
64 bytes from 192.168.1.165: icmp_seq=1 ttl=64 time=0.371 ms
64 bytes from 192.168.1.165: icmp_seq=2 ttl=64 time=0.307 ms
64 bytes from 192.168.1.165: icmp_seq=3 ttl=64 time=0.314 ms
64 bytes from 192.168.1.165: icmp_seq=4 ttl=64 time=0.322 ms
64 bytes from 192.168.1.165: icmp_seq=5 ttl=64 time=0.236 ms
64 bytes from 192.168.1.165: icmp_seq=6 ttl=64 time=0.317 ms
64 bytes from 192.168.1.165: icmp_seq=7 ttl=64 time=0.321 ms
64 bytes from 192.168.1.165: icmp_seq=8 ttl=64 time=0.320 ms
64 bytes from 192.168.1.165: icmp_seq=9 ttl=64 time=0.323 ms
```

For that last one though it just kept going. I closed the ssh window when it got to icmp_seq=150.

Why is there a 10.216.105.0/24 network and also a 192.168.1.0/24 network? What is the wg0? After looking at comments I'm guessing WireGuard.

What does "cat /etc/resolv.conf" show?

You're correct, 10.216.105.0 is used by pivpn. wg0 is the Pi's wireless interface which I don't use, I have the Pi connected via ethernet. I didn't notice that when I installed pivpn.

What does "cat /etc/resolv.conf" show?

```
# Generated by resolvconf
nameserver 2600:4040:219c:bd00::1
```

Interesting that it's only showing ipv6. Is this by design?

Mine as an example:
```
domain net
search net
nameserver 192.168.0.8
nameserver 0.0.0.0
```

Where 192.168.0.8 is my pihole.

So, what do you get when you do these commands:

```
dig -t aaaa google.com
dig -t a google.com
```

I don't remember choosing that. If given the option, I think I would have chosen both ipv4 and 6 if possible or just 4.

dig -t aaaa google.com

```
; <<>> DiG 9.16.44-Raspbian <<>> -t aaaa google.com
;; global options: +cmd
;; connection timed out; no servers could be reached
```

dig -t a google.com

```
; <<>> DiG 9.16.44-Raspbian <<>> -t a google.com
;; global options: +cmd
;; connection timed out; no servers could be reached
```

I wonder if I should try just uninstalling pivpn.

It's not going to hurt. Now I'm curious if you can log into the pihole (admin page) and what the settings / dns tab looks like.

If you mean the web portal http://192.168.1.165/admin/settings.php?tab=dns I have Cloudflare selected as my upstream DNS server with 2 ticks under ipv4 and none under ipv6. I think everything else should be whatever the defaults are. Under Interface Settings I have the Recommended Setting selected. Nothing is active under Potentially Dangerous Options. Under Advanced DNS Settings, I have Never forward non-FQDN A and AAAA queries ticked as well as Never forward reverse lookups for private IP ranges. Rate-Limiting is set to block clients making more than 1000 queries within 60 sec. Neither Use DNSSEC or Conditional Forwarding are activated.

Just for info, what does arp x.x.x.x show from a client machine where x.x.x.x is the pihole's IP?

Also, what distro / version is the pihole running?

Sorry, can you tell me where I would find that info?

PI-HOLE V5.17.1

For the Pihole use this for the actual distro you're using (not pihole version).
cat /etc/os-release

For a client you can open a terminal and run "arp x.x.x.x" where the x.x.x.x is the pihole's IP. If your clients are all Windows machines I'm not sure if it will work or not. It's not a big deal, it's just a little confirmation if it happened to resolve your pi.hole name. It seems like it's something with your resolv.conf so the Pi's os-release is more important.

```
PRETTY_NAME="Raspbian GNU/Linux 11 (bullseye)"
NAME="Raspbian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
```

arp

192.168.1.165 (192.168.1.165) -- no entry

Only one of the clients is a Windows machine. The rest are iPhone, iPad, a couple of TVs and Roku.

Good.

What's the output of this command from the pihole?
dig example.org | grep SERVER

There's no output.

```
pi@raspberrypi:~ $ dig example.org | grep SERVER
pi@raspberrypi:~ $
```

OK, so that's not resolving either. Let's change your resolv.conf. I suspect any changes will be overwritten on a reboot but let's try.

First back it up with:
sudo cp /etc/resolv.conf resolv.conf.bak

Then edit the original using:

sudo nano /etc/resolv.conf

Use control+k to delete the lines (repeat as needed).

Copy and paste the following and change the nameserver 192.168.0.8 to the IP of the pihole and save and exit (I'm gonna assume you're familiar with nano and how to edit).

```
domain net
search net
nameserver 192.168.0.8
nameserver 0.0.0.0
```

Give it a minute and try to do an nslookup to see if it works.
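
The check this thread works through by hand, as an added example that is not part of the original thread: list the nameservers a resolv.conf names, count them by address family, and query each one directly with dig. The function names are hypothetical, and `probe_nameservers` assumes `dig` is installed and the network is up.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Print every nameserver address in a resolv.conf-style file, one per line.
list_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# Classify one address: ipv4, ipv6, unspecified (0.0.0.0 or ::), or unknown.
addr_family() {
    case "$1" in
        0.0.0.0|::) echo unspecified ;;
        *:*)        echo ipv6 ;;
        *.*.*.*)    echo ipv4 ;;
        *)          echo unknown ;;
    esac
}

# Count usable nameservers per address family, e.g. "ipv4=0 ipv6=1".
family_summary() {
    v4=0; v6=0
    for ns in $(list_nameservers "$1"); do
        case "$(addr_family "$ns")" in
            ipv4) v4=$((v4 + 1)) ;;
            ipv6) v6=$((v6 + 1)) ;;
        esac
    done
    echo "ipv4=$v4 ipv6=$v6"
}

# Ask each listed server directly, so one dead resolver cannot hide behind
# another. dig exits non-zero when the server never replies.
probe_nameservers() {
    for ns in $(list_nameservers "$1"); do
        if dig +time=2 +tries=1 +short "@$ns" "${2:-example.org}" A >/dev/null 2>&1
        then echo "$ns $(addr_family "$ns") answers"
        else echo "$ns $(addr_family "$ns") no-answer"
        fi
    done
}

# Usage on the Pi:
#   family_summary /etc/resolv.conf
#   probe_nameservers /etc/resolv.conf example.org
```

A summary with `ipv4=0` together with a `no-answer` line for the only listed server matches the symptom in this thread: lookups time out by default but succeed when a server is named explicitly.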