Router requires multiple DNS entries


I have been successful in installing pi-hole. Kudos to the developers for doing a great job. My only concern is that my router (Netgear C7100) requires that I specify 3 different DNS servers, and none of them can be 0.0.0.0.

I have disabled the DHCP server on my router and have enabled it on my raspberry pi.

While I could create three different pi-hole servers, I’d rather use my raspberry pi’s for something else.

Expected Behaviour:

I need a solution for what to do when my router requires that I specify multiple DNS servers.

Actual Behaviour:

Ads are not getting blocked because I can’t specify only my raspberry pi as the DNS server.

Debug Token:

https://tricorder.pi-hole.net/5gz6jnh86p

Can you enter the same IP just three times? If not, take a look at virtual interfaces. You can add an arbitrary number of IP addresses to your Pi-hole!

Check out

Did you know that you can assign more than one IP address to a single physical network interface? This technique is quite useful, for example when working with Apache and virtual hosts, as it allows you to access the same Apache server by using two different IP addresses.
https://linuxconfig.org/configuring-virtual-network-interfaces-in-linux

When Pi-hole is acting as your DHCP server, it will distribute itself as local DNS server via DHCP, so there would commonly be no need to configure your router to use Pi-hole as upstream DNS server at all.

As soon as a client picks up a DHCP lease through Pi-hole, it will start using Pi-hole for DNS.
Clients manually configured with a static IPv4 address on device have to be configured to use Pi-hole for DNS also manually.

If you take care of the above, your router could use its default DNS servers as provided by your ISP.

Thanks @Bucking_Horn I was hoping this would be the case. Unfortunately, I am still getting ads on all my devices even when pi-hole is the DHCP server.

For example: my iPad has an IP address from pi-hole. I can check the DNS settings for my iPad for my home network and I can see that the DNS server is my pi-hole. However, when I go to cnn.com, I see an ad right at the top of the screen. I've set up four different ad lists (I don't think four are excessive) and one to block porn. It seems that my devices are not using the pi-hole as the DNS server or the pi-hole is not working properly.

Thanks @Coro That might be what I need to do, create virtual interfaces so I can fill in all three DNS entries. I cannot use the same IP address three times; the router won't let me.

Good, so it has renewed its lease with Pi-hole and is using it for DNS.

The client device OS as well as certain software such as browsers may employ their own DNS caches, which could have them hold on to already known IP addresses from previous DNS lookups until the TTL for a domain expires.

Try if clearing those caches would change your observation. If unsure how to do this for a specific device or software, a restart of a device should take care of this.

If the issue still persists after clearing caches, try to find out which domains are serving the ads:

Note that Pi-hole as a DNS blocker can only block domains.
If a website would serve some of the ads from the same domain as its content, Pi-hole wouldn't be able to block it, unless you were willing to also forfeit the content.

So I’ve tried a number of different things—with some success.

I was able to create a few virtual network interfaces so that several IP addresses point to the same device (the Raspberry Pi with pi-hole installed). Using these IP addresses, I’ve configured my router.

I seem to have removed ads from my iPad, but not my Mac or my iPhone. I’ve checked to see if the iPhone and Mac have the correct DNS entries and they seem to have it correct. I’ve reset the cache and rebooted, but ads keep showing up. I’m baffled why this would work for one device and not another.

PS. The sites I use to test whether or not ads are getting blocked are either cnn.com or wunderground.com.

Since you've now verified that all your devices have acquired a DHCP lease through Pi-hole and DNS caches are flushed, your devices could by-pass Pi-hole via IPv6.

Check if nameserver IPv6 addresses returned by

scutil --dns

on your Mac would match your Pi-hole's IPv6 addresses.
You may find out about those by running the following command on your Pi-hole machine:

ip -6 address show

You may also want to Use IPv6 ULA addresses for Pi-hole.

If IPv6 addresses don't match, it's likely your router still advertises its own IPv6 address as DNS server. In that case, you have to configure your router to stop it from doing so.
You'd have to consult your router's documentation on how to achieve this.

If your router doesn't support that, you could consider disabling IPv6 entirely on your router.
If that's also not possible, your clients will always be able to by-pass Pi-hole via IPv6.
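The comparison described in the reply above can be scripted. This is an added example, not part of the original thread: it takes the saved text of `scutil --dns` from the Mac and `ip -6 address show` from the Pi-hole machine and lists any IPv6 resolver the client uses that is not a Pi-hole address. The sample outputs and all addresses in it are constructed for illustration.

```python
import ipaddress
import re

NAMESERVER_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)", re.MULTILINE)
INET6_RE = re.compile(r"^\s*inet6\s+([0-9A-Fa-f:.]+)/\d+", re.MULTILINE)

def _v6(text):
    """Normalized IPv6Address, or None for IPv4/garbage. Drops any %zone suffix."""
    try:
        addr = ipaddress.ip_address(text.split("%", 1)[0])
    except ValueError:
        return None
    return addr if addr.version == 6 else None

def client_v6_nameservers(scutil_output):
    """IPv6 resolvers listed in `scutil --dns` output (IPv4 entries are skipped)."""
    found = {_v6(m) for m in NAMESERVER_RE.findall(scutil_output)}
    found.discard(None)
    return found

def pihole_v6_addresses(ip_output):
    """IPv6 addresses from `ip -6 address show`, ignoring loopback (::1)."""
    found = {_v6(m) for m in INET6_RE.findall(ip_output)}
    found.discard(None)
    return {a for a in found if not a.is_loopback}

def bypass_resolvers(scutil_output, ip_output):
    """IPv6 nameservers the client uses that do not belong to the Pi-hole."""
    rogue = client_v6_nameservers(scutil_output) - pihole_v6_addresses(ip_output)
    return sorted(str(a) for a in rogue)

# Constructed sample: the Mac has the Pi-hole's IPv4 and ULA, plus the
# router's link-local address handed out via router advertisement.
SCUTIL_SAMPLE = """resolver #1
  nameserver[0] : 192.168.1.2
  nameserver[1] : fd12:3456:789a:1::53
  nameserver[2] : fe80::1%en0
  if_index : 6 (en0)
"""
IP6_SAMPLE = """1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
    inet6 ::1/128 scope host
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 fd12:3456:789a:1::53/64 scope global
    inet6 fe80::ba27:ebff:fe12:3456/64 scope link
"""

if __name__ == "__main__":
    print(bypass_resolvers(SCUTIL_SAMPLE, IP6_SAMPLE))
```

An empty list means every IPv6 resolver on the client is a Pi-hole address; anything listed is a resolver that queries can reach without passing through Pi-hole.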
