Router died, modem + pihole = slow?

Expected Behaviour:

The modem should be able to handle everyday traffic via pihole. It's not like I am asking it to query hundreds of millions of requests on massive files.

Actual Behaviour:

I have an ActionTec modem that has dual band wifi routing capabilities. I used to have an asus r6400 but that thing literally fell over and died last week. So I just changed the modem from pass through mode to router, set the dns to point to my piHole @ 10.0.0.30 as static and let er rip. Yes I know 192.168.x.x is the norm but I vpn to a 192.168.x.x for work and this just makes things work at less of a hassle.

Instead of very quick internet like I did using the modem in passthrough, I am getting massive lag spokes and a very slow pihole update. Sometimes websites take a minute+ to load, other times it's about 10 seconds (not terrible but it used to be seamless browsing). Updates for the ph used to take about 30 seconds, now I am lucky if it is complete in under 5 minutes. Yes I know I am running a larger amount of domains to block (about 1.3m), it still didn't start slowing down my internet until I took the r6400 out of the picture.

Long story short I am pretty low on cash so I would prefer to not go out and buy another router, but I feel like this may be the case that somewhere somehow the modem just won't handle the pi.

Debug Token:

[✓] Your debug token is: ggggvm37yw

Do you experience the same when you remove Pi-hole from the equation?

Blah I was in a rush this morning and forgot to add: once I disable pihole it speeds back up.

Can you try below solution and disable the DHCP server on the modem?
It will make sure your modem is bypassed for any DNS queries from the clients.

Yup I just did it. Going to reset everything and give it a whirl. I'll report back in a little bit but I fail to see how this will do any good.

Just reloaded the pi and ran a quick update, it's still taking forever to update the lists. Websites are still on the laggy side but I haven't had time to run a game to see if I get the massive spikes or not. The rate at which it's querying also seems slow.

The router/modem is no longer forwarding anything to my pi, I can't even ping it anymore

Alright this is the last update until somebody provides me with a new idea because I am all out.

The router/modem pos that I have right now won't allow a remote dhcp server unless it's put into passthrough mode (I think). When I removed dhcp from the modem and applied it to pihole, everything worked as intended until I had to flush the cache of my machines. When I did that, the wifi refused to provide an ip address. If I statically assigned an IP, it worked kind of. It then refused to pass the DNS queries through to the pihole. I sniffed the traffic and saw zero dns traffic after the router/modem going to the pi even though from ifconfig on the pi gave me 10.0.0.30/27 and the static route for the router/modem was 10.0.0.30/32 for the.

Well in order to run the modem via passthrough mode I need another sort of firewall which I do not have right now. I don't trust my 2960 to do the job.

DHCP is separate from what the gateway (router) does. The gateway does not need to allow a DHCP server to exist or anything, it just exists and hands out IP addresses and network information. Try setting Pi-hole to only use external DNS servers and only use Pi-hole for DHCP. If the router works correctly, you should be able to have devices connect to the network using the DHCP server, resolve domains through Pi-hole, and connect to the internet through the gateway.

Yes I understand this and that's what I'm doing. Things just are crapping out in the middle somewhere.

What I did is this:
Set up my modem to use the 10.0.0.1 ip, router is .2. Set the pihole to use the .1 as gateway and static to 10.0.0.30, disconnected all devices, disabled dhcp on the modem and set dns to .30, enabled dhcp on the pi, and connected to the network. No internet. Flush cache and same, no net.

The range of IPs I have set is 1-31, I only have it giving out 10-30

You haven't told us why you use two routers/modems?
If it's just for the Wifi capabilities of the ActionTec modem, you shouldn't configure the ActionTec IP (10.0.0.1) as default gateway for the clients but instead use the ISP provided router IP address (10.0.0.2) as a gateway for the clients (as it seems they are all on the same subnet 10.0.0.0/???).

And when activating Pi-hole's DHCP service, are you sure the DHCP server on the ISP provided modem and the ActionTec modem are disabled?
You can't have multiple DHCP servers active on the same network segment.

Try reverting back to a working setup without Pi-hole and on one of your clients, manually configure the DNS server (not acquire through DHCP) for this client to be Pi-hole's IP address and don't configure a secondary DNS?
You can test DNS name resolution and connectivity by running below one on the client PC (can be Linux, Windows or Mac client):

nslookup pi.hole <PIHOLE_IP_ADDRESS>

If on the client PC, the DNS server is configured correctly, below one should resemble above nslookup if you leave out the "<PIHOLE_IP_ADDRESS>" bit:

nslookup pi.hole

Here is an example on one of my clients with 10.0.0.2 being my Pi-hole IP:

C:\>nslookup pi.hole
Server:  noads.dehakkelaar.nl
Address:  10.0.0.2

Name:    pi.hole
Address:  10.0.0.2

Ok let's start over here, I'm even starting to get confused. I guess I am just more frustrated over everything breaking I can't even ask for help properly.

pihole = 10.0.0.30
r6400 (personal) 10.0.0.2 = router [DEAD]
t3200 (isp) 10.0.0.1 = modem

Yesterday I thought I fixed my router but that's not the case. Long story short I am stuck with the modem until I go out and buy a second router. Your question of why is because these things are not great. Their throughput is kind of on the lower side even though it claims to be 10/100/1000 I still notice a bottleneck. Streaming videos is much better / faster / less buffering when I take the wifi out of the picture from the modem and I used the router.

So back to the very first post... I have my devices all on a 10.0.0.x/27. The original modem ip was 192.168.0.1 but that is causing issues when I vpn into my work so I changed it. It is now going to be 10.0.0.1, I am going to block out 2-10 and 30 for static ips (for my 2960s and other stuff I practice on and 31 is broadcast). My pihole has a static ip of 10.0.0.30.

Now to the issue: as you suggested I move DHCP to the pihole, once I do that there is no way to get an ip via wifi unless I statically assign it. After I do that the modem refuses to send dns requests to the pi even though it's statically set to .30 and my pi has a route to .1 as the gateway (I think it's called the gateway in the gui). I have a blacklist of like 1.3m domains. I intentionally run websites that are on the list and they just hang, no screen comes up that says it's blocked, it just times out. The count for blocked sites also goes up very slowly. I think after letting it run all day it was blocking less than 1% of traffic (when it used to be in the ~50% range before my router went).

Your next couple of questions.
Yes ALL dhcp was disabled except the one on the pi.
Yes I ran nslookup.
Yes it displayed correctly but still wasn't forwarding the dns.

I probably missed something. Do you hang out on irc at all? I have now removed the pi from everything and the wifi no longer hangs but now I can no longer block (obviously).

Aha that bit confused me ... don't ever mention that r6400 router again !!!
RIP in silicon heaven :wink:

Have you tried reverting back to before without Pi-hole when you didn't have "massive lag spokes" and do the below:

See if "massive lag spokes" occur again?
And just to be sure, what upstream DNS server(s) have you selected/configured in Pi-hole?

I think you're referring to statically setting a DNS for each machine? That is (for my network) assign it to 10.0.0.30 and allow the modem to stay as default? I can give that a shot if I understand correctly.

I have cloudflare set as my DNS. Always have, I think I may try setting my dns to that via my modem and let that go for a bit to see if that causes lag before I bring the pi back into the world =).

And yeah I know "massive lag spOkes" sounds crazy but when I played games my latency would go from 50-80 to 1k+ for a minute then come back down. The pi would take 5+ minutes to update, websites would load 1/2 way then pause for a bit... etc etc etc.

But back to my original question deHakkelaar - is there any debug command on the pi to run to see what's going on and if there's any retries? To me it makes sense with the webpages and could lead to the correct resolution via rabbit holes.

For diagnosing first, apply on the client that's troubled the most.

Nothing wrong selecting different upstream for diagnosing.

Bit hard as not sure yet what's going on but there is always the Pi-hole logs:

pihole -t
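
An added example, not part of the original posts and not Pi-hole's own tooling: a small parser that answers the "are there retries?" question from the query log that pihole -t tails. It assumes the dnsmasq log-queries line format and a blocklist path of /etc/pihole/gravity.list; the sample lines are constructed and the name summarize is hypothetical.

```python
import re
from collections import Counter

# Constructed sample in dnsmasq "log-queries" style; not taken from the thread.
SAMPLE_LOG = """\
Jun 12 20:15:01 dnsmasq[812]: query[A] example.com from 10.0.0.12
Jun 12 20:15:01 dnsmasq[812]: forwarded example.com to 1.1.1.1
Jun 12 20:15:03 dnsmasq[812]: query[A] example.com from 10.0.0.12
Jun 12 20:15:03 dnsmasq[812]: forwarded example.com to 1.1.1.1
Jun 12 20:15:07 dnsmasq[812]: query[A] example.com from 10.0.0.12
Jun 12 20:15:07 dnsmasq[812]: forwarded example.com to 1.1.1.1
Jun 12 20:15:08 dnsmasq[812]: reply example.com is 93.184.216.34
Jun 12 20:15:09 dnsmasq[812]: query[A] ads.test from 10.0.0.14
Jun 12 20:15:09 dnsmasq[812]: /etc/pihole/gravity.list ads.test is 10.0.0.30
Jun 12 20:15:10 dnsmasq[812]: query[A] slow.test from 10.0.0.14
Jun 12 20:15:10 dnsmasq[812]: forwarded slow.test to 1.1.1.1
"""

# Groups: hour, minute, second, action, domain, peer (client, upstream or answer).
LINE = re.compile(r"^\w{3}\s+\d+ (\d\d):(\d\d):(\d\d) dnsmasq\[\d+\]: (\S+) (\S+) (?:from|to|is) (\S+)")

def summarize(log_text, retry_window=10):
    """Count client retries, answered names, and forwards left unanswered per upstream."""
    last_query = {}   # (client, query type, name) -> time of the previous query, in seconds
    pending = {}      # name -> upstream that was asked and has not answered yet
    retries, answered = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        h, mi, s, action, name, peer = m.groups()
        t = int(h) * 3600 + int(mi) * 60 + int(s)
        if action.startswith("query["):
            key = (peer, action, name)
            if key in last_query and 0 <= t - last_query[key] <= retry_window:
                retries[name] += 1        # same client asked again: it got no answer in time
            last_query[key] = t
        elif action == "forwarded":
            pending[name] = peer
        else:                             # reply / cached / config / blocklist: an answer went out
            answered[name] += 1
            pending.pop(name, None)
    return {"retries": dict(retries), "answered": dict(answered),
            "unanswered_by_upstream": dict(Counter(pending.values()))}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Many retries together with unanswered forwards point at the path from the Pi to the upstream resolver; a log with almost no query lines at all means client requests are not reaching the Pi in the first place.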

I knew about pihole -t... Doesn't show me much as to what's going on. I also checked out dmesg to see if it's an sdcard issue with no useful information.

Moved the modem to 1.1.1.1 as primary dns, secondary dns is also cf at 1.0.0.1. So far no issues. I think I have got to the point where it's narrowed down to the pi.

Hey,

Looks like you should reserve an IP address for your rpi in your modem. Generally I would always reserve over statically assigning it on the device. Here is how I did that on the xfinity gateway.

So now, assuming you're starting fresh with a fresh install of Raspbian, go ahead and install pihole. After that you just assign the dns to your devices. There are a couple ways to do that found here

You will start to run into problems acquiring the DNS server if you do not flush your device's DHCP cache properly. In Windows I disable and turn back on the adapter in the adapter options for the network. But for any device just rebooting will give you the new DNS. Keep in mind there's nothing wrong with using your modem's DHCP server. Unless there are features on the pihole DHCP you need, stick with your modem's defaults!

After you get that running you can still use cloudflare's DNS before cascading to the pihole DNS.

Yup. Done all this. The issue is something within the pi....

I'm going to post another debug token when I get home. These suggestions really aren't doing anything unfortunately. Hopefully we can get this resolved.