Suddenly Some Ads Not Being Blocked (GoogleAdServices)

Seemingly overnight my default web page via Safari on MacOS is showing ads as if PiHole does not exist. I can see that PiHole (v5.11.4) (FTL V5.16.1) has an explicit blacklist entry for GoogleAdServices.com but the ad gets though anyway. This Mac directly references the pihole on it's IP address for DNS.

Pi_OS: Raspbian GNU/Linux 9.4 (stretch)
Pi-hole version is v5.11.4 (Latest: v5.15.5)
AdminLTE version is v5.13 (Latest: v5.18.4)
FTL version is v5.16.1 (Latest: v5.21)

Okay, I probably need to update the Raspian version.... but I wonder why this stopped working when the settings seem to be proper.

Thanks,

R

Have you enabled iCloud Private Relay? If so, this will result in Safari using a DNS server other than Pi-hole.

But, first let's check the DNS servers actually in use by your Mac. From the Mac terminal (and not via a ssh session to the Pi-hole host platform), what is the output of the following command?

scutil --dns | grep nameserver

And also from the MacOS terminal, what is the output of the following:

nslookup GoogleAdServices.com

Stretch has not been supported by either Debian/Raspbian or Pi-hole for quite a while now.

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

scutil --dns | grep nameserver
  nameserver[0] : 8.8.8.8
  nameserver[0] : 8.8.8.8
  nameserver[0] : 192.168.21.137
  nameserver[0] : 192.168.21.137
  nameserver[0] : 8.8.8.8
nslookup GoogleAdServices.com
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
Name:	GoogleAdServices.com
Address: 142.250.68.130

In System Preferences it shows "Private Relay (Beta) as unchecked.

Wow, you're so smart! :slight_smile:

I see the 8.8.8.8 of Google in play... that's unexpected. How do I force "192.168.21.137" only?

Thanks,

R

The Mac is not using Pi-hole alone. Check your DNS settings in the MacOS settings (or system preferences in older versions).

The Google DNS is likely being provided by your DHCP server. See my edit to my previous comment - please provide a debug token.

Here is the debug token:
https://tricorder.pi-hole.net/naXqRyKc/

Just found the culprit! I was connected to a VPN (used for remote admin of another network). After disconnecting I re-ran these commands:

scutil --dns | grep nameserver
nameserver[0] : 192.168.21.137
nameserver[0] : 192.168.21.137
nameserver[0] : 192.168.21.137

nslookup GoogleAdServices.com
Server: 192.168.21.137
Address: 192.168.21.137#53

Name: GoogleAdServices.com
Address: 0.0.0.0

I wonder how this leaked like this.....

R

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.