I'm using pihole on a Raspberry Pi 3 Model B with Arch installed. I'm using my Router (Fritz!Box) as my IPv4 upstream DNS Resolver in the pihole settings. I haven't specified an other upstream DNS resolver.
I'm testing pihole with a windows client and set there manually the ipv4 and ipv6 of my local Raspberry Pi as the only DNS resolver and having the following issues. I read about the problems but I'm not able to fix them.
Pi-hole version is 3.2.1 (Latest: v3.2.1)
AdminLTE version is 3.2.1 (Latest: v3.2.1)
FTL version is v2.13.2 (Latest: v2.13.2)
"DNS resolutions is not available" if I'm using pihole -g or the web ui. I read about the bug so here is my resolv.conf
//# This file is managed by man:systemd-resolved(8). Do not edit.
//#
//# This is a dynamic resolv.conf file for connecting local clients directly to
//# all known uplink DNS servers. This file lists all configured search domains.
//#
//# Third party programs must not access this file directly, but only through the
//# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
//# replace this symlink by a static file or a different symlink.
//#
//# See man:systemd-resolved.service(8) for details about the supported modes of
//# operation for /etc/resolv.conf.
Yesterday I could fix the problem with adding nameserver 127.0.0.1 but today it's not working.
I'm having slow loading times on pages like heise.de. Other users had the same problem but i was not able to try their solutions because i couldn't use pihole -g. I was mostly connected with IPv6 or https issues. Therefore i updated the IPv6 global address in /etc/pihole/setVars.conf which was outdated and checked iptables. I also disabled ip(6)tables but this didn't resolve the problem. My current firewall settings are:
I'm new to iptables and pihole so please be patient if i have done something wrong slight_smile:
I tried to create a debug token or debug log but pihole -d doesn't exists.
Check if the "nameserver 127.0.0.1" is still there.
This "resolv.conf" file is often managed by other software that can overwrite these settings.
I dont know about "Arch" but with Raspbian/Debian, the "resolv.conf" file is being populated through dhcpcd5, the "static domain_name_servers=" bit:
Yes nameserver 127.0.0.1 is still the only entry in resolv.conf.
pihole -g doesn't work because the DNS Problem => so depends on Problem #1
Error is:
[✗] DNS resolution is currently unavailable
[✗] DNS resolution is not available
@Mcat12 is there a option to debug pihole on arch linux or is there a log file that contains information about the issues?
i got pihole -g working again. The issue seems still to be the nameserver entries but i comment them wrong.
I uses in hurry #nameserver 192.168.10.1 but it seems to be that there must be a blank after the '#' or at leat the nameserver 127.0.0.1 at the top of the file.
I asked again about a debug option because i though of a log file that contains valuable information about such issues.
Anyway here is the output of the commands:
pi@raspberry~> timeout 1 getent hosts pi.hole
pi@raspberry~> timeout 1 getent hosts raw.githubusercontent.com
151.101.112.133 github.map.fastly.net
pi@raspberry~> timeout 1 dig +short pi.hole
192.168.10.10
pi@raspberry~> timeout 1 dig +short raw.githubusercontent.com github.map.fastly.net.
151.101.112.133
pi@raspberry~>
After getting pihole -g i tried this possible solution:
SSH into the Pi Hole server
Run ifconfig to get the IPv6 address (global, not local)
sudo nano /etc/pihole/setupVars.conf
Change IPV6_ADDRESS to the address from step 2
Run pihole -g
Log into routers settings
Update the IPv6 DNS server to the new address
Restart the Pi Hole server
Restart the router
Joy
I was clearly to tired yesterday evening. I wanted to point out that havn't configured a IPv6 DNS Resolver. IPv4 Upstream Resolver is my router. So i wannted to ask if the missing IPv6 Resolver is a problem.
I would like to set my router as IPv6 Upstream Resolver too but I'm not sure which ipv6 address the router dns has because the default gatway ipv6 address is different from the dns server ipv6 address provided by in or by routers dhcp settings (default value)
If you have IPv6 internet access, then you should configure the router with Pi-hole's IPv6 address (and make sure Pi-hole is using IPv6). As for finding the IPv6 address of the router, Google will help you .
Finding the IPv6 isn't the issue. My router has nothing to do with which device will get pihole. I'm setting the dns v4 & v6 resolvers manually on each device. The thing is / was the Upstream DNS from pihole to the router: Is there a IPv6 resolver needed/essentiell? My router seems to habe two ipv6 adresses one as default gateway and one for the dns server. That was the issue why i havn't just used one. I wasn't sure which on was the right one.
But anyway: Sites like heise or youtube ads are now loading faster but still not as fast as without pihole. In Firefox the site loads around 10 to 15 seconds but displays the actual content after 1-2 seconds. In Edge loading is done after 2 seconds. Chrome is much worse. I get the first content after 15 seconds. So there is still an issue.
If i change IPv4 and IPv6 in SetupVars.conf to 0.0.0.0 and 0:0:... Firefox loading times are equal to Edge and only take 1-2 seconds. (I habe disabled all addons in FF) But is redirecting the queries to "null" intended?
Since DNS can go over IPv4 or IPv6 for any request, it does not matter if you have an IPv6 upstream or not. You can use the "null" option if you want (that is what is set when the web interface is not installed), but you might get warnings in place of ads on the page. You can try benchmarking the DNS to see if it's a DNS issue or perhaps an issue with your router/network.
I analyzed the long loading times today with wireshark. It's not an issue with IPv4 or IPv6 and even normal DNS lookup requests from windows with nslookup are fast.
The issues are https request to the raspberry pi (192.168.10.10) which are getting rejected with TCP rest as recommended at another topic if you use the pi-hole ip as the black hole. On pages like heise.de there a a lot of them. Below is a image of the wireshark capture. If i use the "null" service there are of course no such requests and therefore no such long loading times.
That is expected and also correct. The browser is immediately informed that the connection cannot succeed and stops trying to load that specific content. It looks exactly the same for me but then I see no long loading times. How about a screenshot from the Networkings tab from your Developer Tools of your browser? It should show which domain is still expected to arrive and you can have a look if this particular connection was reset.
@Mcat12 It has one, but a positive one: immediate closing of the connection instead of eventual timeout
Hi,
here is a screenshot of google chrome network tab after loading heise.de.
The long loading domains are pi-holed domains like https://script.ioam.de/iam.js.
Here is another screenshot of the network tab. For this one i changed the IPv4 and IPv6 of SetupVars.conf to "null" again. As you can see the same long loading request are now the fastest ones.
I had similair issues in the past with pihole -g
Added nameserver 8.8.8.8 above nameserver 127.0.0.1 in resolve.conf helped.
It will be overwritten later, but pihole -g works at least 1 time.
Your fritzbox: native ip6 ?....Does if have ipv6 dhcp enabled? What ipv6 DNS server is it telling the clients?