Temporary failure in name resolution


#1

Please follow the below template, it will help us to help you!

Expected Behaviour:

ping google.com should work

Actual Behaviour:

ping google.com ping: google.com: Temporary failure in name resolution

Debug Token:

Couldn’t upload to tricorder, so no token. Will post log in next message.

Details;
Raspberry Pi 2b, Raspbian stretch lite. Base install… pi-hole on top of latest stretch lite image (no apt-get upgrade… it kills the pi right now)

Observed behaviour: Switching the router (Tomato USB) to use the pi-hole as DNS kills the internet in the whole house…Makes sense when you know that the pi-hole can’t resolve domain names!


#2
This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.

The intent of this script is to allow users to self-diagnose their installations.  This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected.  Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.

*** [ INITIALIZING ]
[i] 2018-09-17:08:58:38 debug log has been initialized.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

*** [ DIAGNOSING ]: Core version
[i] Core: v4.0 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.0-0-gddbdb51

*** [ DIAGNOSING ]: Web version
[i] Web: v4.0 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.0-0-gaf8c926

*** [ DIAGNOSING ]: FTL version
[✓] FTL: v4.0 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)

*** [ DIAGNOSING ]: dnsmasq version
[i] 340:

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.45

*** [ DIAGNOSING ]: php version
[i] 7.0.30

*** [ DIAGNOSING ]: Operating system
[✓] Raspbian GNU/Linux 9 (stretch)

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: Processor
[✓] armv7l

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
   192.168.9.5/24 matches the IP found in /etc/pihole/setupVars.conf

[✓] IPv6 address(es) bound to the eth0 interface:
   fe80::1157:4c17:bef6:ec79 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)

   ^ Please note that you may have more than one IP address listed.
   As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

   The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 192.168.9.1
   * Pinging 192.168.9.1...
[✓] Gateway responded.

*** [ DIAGNOSING ]: Ports in use
*:22 sshd (IPv4)
*:22 sshd (IPv6)
*:80 lighttpd (IPv4)
*:80 lighttpd (IPv6)

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✗] Failed to resolve zhongtongbus.lk via localhost (127.0.0.1)
[✗] Failed to resolve zhongtongbus.lk via Pi-hole (192.168.9.5)
[✓] doubleclick.com is 172.217.14.206 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Pi-hole processes
[✗] dnsmasq daemon is inactive
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
    PIHOLE_INTERFACE=eth0
    IPV4_ADDRESS=192.168.9.5/24
    IPV6_ADDRESS=
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=true
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=true
    DNSMASQ_LISTENING=single
    PIHOLE_DNS_1=8.8.8.8#53
    PIHOLE_DNS_2=8.8.4.4#53
    DNS_FQDN_REQUIRED=true
    DNS_BOGUS_PRIV=true
    DNSSEC=false
    CONDITIONAL_FORWARDING=false

*** [ DIAGNOSING ]: Dashboard and block page
[✓] Block page X-Header: X-Pi-hole: A black hole for Internet advertisements.
[✓] Web interface X-Header: X-Pi-hole: The Pi-hole Web interface is working!

*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 3032506 Sep 16 03:43 /etc/pihole/gravity.list
   -----head of gravity.list------
   0.0.0.0
   0.r.msn.com
   0.start.bz
   000.0x1f4b0.com

   -----tail of gravity.list------
   zzz.clickbank.net
   zzzezeroe.fr
   zzzpooeaz-france.com
   zzzrtrcm2.com

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r--r-- 1 root root 381 Sep 15 20:52 /etc/pihole/adlists.list
   https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
   https://mirror1.malwaredomains.com/files/justdomains
   http://sysctl.org/cameleon/hosts
   https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
   https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
   https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
   https://hosts-file.net/ad_servers.txt

-rw-r--r-- 1 root root 40 Sep 16 03:43 /etc/pihole/local.list
   192.168.9.5 pi-hole
   192.168.9.5 pi.hole

-rw-r--r-- 1 root root 234 Sep 15 21:10 /etc/pihole/logrotate
   /var/log/pihole.log {
   	su root root
   	daily
   	copytruncate
   	rotate 5
   	compress
   	delaycompress
   	notifempty
   	nomail
   }
   /var/log/pihole-FTL.log {
   	su root root
   	weekly
   	copytruncate
   	rotate 3
   	compress
   	delaycompress
   	notifempty
   	nomail
   }

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r--r-- 1 root root 1539 Sep 17 08:27 /etc/dnsmasq.d/01-pihole.conf
   addn-hosts=/etc/pihole/gravity.list
   addn-hosts=/etc/pihole/black.list
   addn-hosts=/etc/pihole/local.list
   localise-queries
   no-resolv
   cache-size=10000
   log-queries=extra
   log-facility=/var/log/pihole.log
   local-ttl=2
   log-async
   server=8.8.8.8
   server=8.8.4.4
   domain-needed
   bogus-priv
   interface=eth0

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r--r-- 1 root root 3027 Sep 15 21:09 /etc/lighttpd/lighttpd.conf
   server.modules = (
   	"mod_access",
   	"mod_accesslog",
   	"mod_auth",
   	"mod_expire",
   	"mod_compress",
   	"mod_redirect",
   	"mod_setenv",
   	"mod_rewrite"
   )
   server.document-root        = "/var/www/html"
   server.error-handler-404    = "pihole/index.php"
   server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
   server.errorlog             = "/var/log/lighttpd/error.log"
   server.pid-file             = "/var/run/lighttpd.pid"
   server.username             = "www-data"
   server.groupname            = "www-data"
   server.port                 = 80
   accesslog.filename          = "/var/log/lighttpd/access.log"
   accesslog.format            = "%{%s}t|%V|%r|%s|%b"
   index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
   url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
   static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
   compress.cache-dir          = "/var/cache/lighttpd/compress/"
   compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
   include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
   include_shell "/usr/share/lighttpd/create-mime.assign.pl"
   include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"
' 2>/dev/null"
   $HTTP["url"] =~ "^/admin/" {
       
       setenv.add-response-header = (
           "X-Pi-hole" => "The Pi-hole Web interface is working!",
           "X-Frame-Options" => "DENY"
       )
       $HTTP["url"] =~ ".ttf$" {
           
           setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
       }
   }
   $HTTP["url"] =~ "^/admin/\.(.*)" {
        url.access-deny = ("")
   }
   include_shell "cat external.conf 2>/dev/null"

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r--r-- 1 root root 1495 Sep 15 21:09 /etc/cron.d/pihole
   43 3   * * 7   root    PATH="$PATH:/usr/local/bin/" pihole updateGravity
   00 00   * * *   root    PATH="$PATH:/usr/local/bin/" pihole flush once quiet
   @reboot root /usr/sbin/logrotate /etc/pihole/logrotate
   */10 *  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker local
   2 15  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
   @reboot root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 www-data www-data 582 Sep 17 08:30 /var/log/lighttpd/error.log
   2018-09-15 21:05:02: (log.c.217) server started 
   2018-09-15 21:11:04: (server.c.1828) server stopped by UID = 0 PID = 1 
   2018-09-15 21:11:04: (log.c.217) server started 
   2018-09-15 21:23:20: (server.c.1828) server stopped by UID = 0 PID = 1 
   2018-09-15 21:23:52: (log.c.217) server started 
   2018-09-16 07:45:34: (log.c.217) server started 
   2018-09-16 10:10:14: (server.c.1828) server stopped by UID = 0 PID = 1 
   2018-09-16 10:10:40: (log.c.217) server started 
   2018-09-17 08:29:46: (server.c.1828) server stopped2018-09-17 08:30:24: (log.c.217) server started 

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 4054 Sep 17 08:30 /var/log/pihole-FTL.log
   -----head of pihole-FTL.log------
   [2018-09-17 08:22:17.014] ########## FTL started! ##########
   [2018-09-17 08:22:17.014] FTL branch: 
   [2018-09-17 08:22:17.015] FTL version: v4.0
   [2018-09-17 08:22:17.015] FTL commit: 8493df4
   [2018-09-17 08:22:17.015] FTL date: 2018-08-05 13:40:30 -0700
   [2018-09-17 08:22:17.015] FTL user: pihole
   [2018-09-17 08:22:17.015] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
   [2018-09-17 08:22:17.015]    SOCKET_LISTENING: only local
   [2018-09-17 08:22:17.015]    AAAA_QUERY_ANALYSIS: Show AAAA queries
   [2018-09-17 08:22:17.015]    MAXDBDAYS: max age for stored queries is 365 days
   [2018-09-17 08:22:17.015]    RESOLVE_IPV6: Resolve IPv6 addresses
   [2018-09-17 08:22:17.016]    RESOLVE_IPV4: Resolve IPv4 addresses
   [2018-09-17 08:22:17.016]    DBINTERVAL: saving to DB file every minute
   [2018-09-17 08:22:17.016]    DBFILE: Using /etc/pihole/pihole-FTL.db
   [2018-09-17 08:22:17.016]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2018-09-17 08:22:17.016]    PRIVACYLEVEL: Set to 0
   [2018-09-17 08:22:17.016]    IGNORE_LOCALHOST: Show queries from localhost
   [2018-09-17 08:22:17.016]    BLOCKINGMODE: Null IPs for blocked domains
   [2018-09-17 08:22:17.016]    REGEX_DEBUGMODE: Inactive
   [2018-09-17 08:22:17.016] Finished config file parsing
   [2018-09-17 08:22:17.017] INFO: No whitelist file found
   [2018-09-17 08:22:17.017] Compiled 0 Regex filters and -1 whitelisted domains in 0.2 msec (0 errors)
   [2018-09-17 08:22:17.019] Database successfully initialized
   [2018-09-17 08:22:17.020] Imported 0 queries from the long-term database
   [2018-09-17 08:22:17.020]  -> Total DNS queries: 0
   [2018-09-17 08:22:17.020]  -> Cached DNS queries: 0
   [2018-09-17 08:22:17.020]  -> Forwarded DNS queries: 0
   [2018-09-17 08:22:17.020]  -> Exactly blocked DNS queries: 0
   [2018-09-17 08:22:17.020]  -> Unknown DNS queries: 0
   [2018-09-17 08:22:17.021]  -> Unique domains: 0
   [2018-09-17 08:22:17.021]  -> Unique clients: 0
   [2018-09-17 08:22:17.021]  -> Known forward destinations: 0
   [2018-09-17 08:22:17.021] Successfully accessed setupVars.conf
   [2018-09-17 08:30:36.239] ########## FTL started! ##########
   [2018-09-17 08:30:36.241] FTL branch: 

   -----tail of pihole-FTL.log------
   [2018-09-17 08:22:17.021]  -> Known forward destinations: 0
   [2018-09-17 08:22:17.021] Successfully accessed setupVars.conf
   [2018-09-17 08:30:36.239] ########## FTL started! ##########
   [2018-09-17 08:30:36.241] FTL branch: 
   [2018-09-17 08:30:36.241] FTL version: v4.0
   [2018-09-17 08:30:36.241] FTL commit: 8493df4
   [2018-09-17 08:30:36.241] FTL date: 2018-08-05 13:40:30 -0700
   [2018-09-17 08:30:36.241] FTL user: pihole
   [2018-09-17 08:30:36.246] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
   [2018-09-17 08:30:36.246]    SOCKET_LISTENING: only local
   [2018-09-17 08:30:36.247]    AAAA_QUERY_ANALYSIS: Show AAAA queries
   [2018-09-17 08:30:36.247]    MAXDBDAYS: max age for stored queries is 365 days
   [2018-09-17 08:30:36.247]    RESOLVE_IPV6: Resolve IPv6 addresses
   [2018-09-17 08:30:36.247]    RESOLVE_IPV4: Resolve IPv4 addresses
   [2018-09-17 08:30:36.247]    DBINTERVAL: saving to DB file every minute
   [2018-09-17 08:30:36.247]    DBFILE: Using /etc/pihole/pihole-FTL.db
   [2018-09-17 08:30:36.247]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2018-09-17 08:30:36.247]    PRIVACYLEVEL: Set to 0
   [2018-09-17 08:30:36.247]    IGNORE_LOCALHOST: Show queries from localhost
   [2018-09-17 08:30:36.247]    BLOCKINGMODE: Null IPs for blocked domains
   [2018-09-17 08:30:36.248]    REGEX_DEBUGMODE: Inactive
   [2018-09-17 08:30:36.248] Finished config file parsing
   [2018-09-17 08:30:36.248] INFO: No whitelist file found
   [2018-09-17 08:30:36.248] Compiled 0 Regex filters and -1 whitelisted domains in 0.3 msec (0 errors)
   [2018-09-17 08:30:36.318] Database successfully initialized
   [2018-09-17 08:30:36.326] Imported 0 queries from the long-term database
   [2018-09-17 08:30:36.327]  -> Total DNS queries: 0
   [2018-09-17 08:30:36.327]  -> Cached DNS queries: 0
   [2018-09-17 08:30:36.327]  -> Forwarded DNS queries: 0
   [2018-09-17 08:30:36.327]  -> Exactly blocked DNS queries: 0
   [2018-09-17 08:30:36.327]  -> Unknown DNS queries: 0
   [2018-09-17 08:30:36.327]  -> Unique domains: 0
   [2018-09-17 08:30:36.327]  -> Unique clients: 0
   [2018-09-17 08:30:36.327]  -> Known forward destinations: 0
   [2018-09-17 08:30:36.328] Successfully accessed setupVars.conf

*** [ DIAGNOSING ]: Locale
    LANG=

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 0 Sep 17 08:29 /var/log/pihole.log
   -----head of pihole.log------


********************************************
********************************************
[✓] ** FINISHED DEBUGGING! **

    * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
    * For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
    * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.
[i] Debug script running in automated mode
    * Using openssl for transmission.
[✗]  There was an error uploading your debug log.
   * Please try again or contact the Pi-hole team for assistance.
   * A local copy of the debug log can be found at: /var/log/pihole_debug-sanitized.log

#3

It look like you are running a dnsmasq service besides pihole.

If so kill the separate dnsmasq and restart pihole.


#4

Does this mean I can’t use my router for DHCP and have to use pi-hole?


#5

DNSmasq is built-in pihole-FTL 4.x


#6

Ok, so it’s an all-or-nothing situation, right? I HAVE to use pi-hole as DHCP server if I want to use it as DNS?


#7

Then I have to ask you again. Do have DNSmasq installed on your router?


#8

Answer: Yes, dnsmasq is on my router.

But I have to ask my question a 3rd time… Does this mean I MUST use pi-hole as both DHCP and DNS server or can I just use it as DNS?

I will try method 2 from this document: How do I configure my devices to use pi-hole as their DNS server

I used method 1, and just changed the DNS server in TomatoUSB to the pi-hole server. Notice that in the screenshot on that page, “Use DNSMasq for DHCP” is CHECKED. This option appears to allow DNSMasq to continue to function as DHCP server, so that’s what I was going for. I will try method 2, which tells dnsmasq to use pi-hole as the DNS server.

What I’m not clear on is that I then have to configure pi-hole to use my router as the upstream DNS server, but my router thinks that pi-hole is the DNS server… This seems like a circular reference to me…


#9

Router have their own DHCP servers so no link for me to DNSmasq

I HAVE to use pi-hole as DHCP server if I want to use it as DNS?

No that is not the case and it can perfectly be used as only a DNS server

Concluding. Disable the separate running DNSmasq and trust that Pi-hole will do DHCP and DNS.

The document you are referring to is from pre Pi-hole 4.x and since 4.x DNSmasq is integrated in Pi-hole…did I write this for the second time. :wink:


#10

No that is not the case and it can perfectly be used as only a DNS server

Disable the separate running DNSmasq and trust that Pi-hole will do DHCP and DNS

Sorry mate - I know you’re trying to help, but I just don’t see how “it can be perfectly used as only a DNS server” and “trust that Pi-hole will do DHCP and DNS” are an answer.

If it’s perfectly used as only a DNS server, then why are you telling me to let it do DHCP? I really don’t want to reconfigure all my address reservations, and if this doesn’t solve the problem, then my network is completely hooped until I get DHCP back to the router. If it’s only DNS then, I can switch the DNS servers back to google on my router without too much hassle.

I’m trying pi-hole out, but I just can’t afford to take the network down for hours at a time. Two teenage kids and a wife make for some serious grief if the network is down for more than few minutes.

Besides, “it can perfectly be used as only a DNS server” - so why don’t you want to help me do that?

Not sure if you wrote that for the 2nd time because we’ve gone back and forth a lot without moving anything forward. Let’s just close this off and I’ll go see if I can solve the problem myself.

Thanks for trying to help - I really do appreciate it.


#11

You started about DHCP so I had to keep that also in mind.

I wish much luck because I can’t help you any further.


#12

No. You can’t run dnsmasq process separately on the Pi that hosts Pi-Hole. pihole-FTL uses port 53, and if dnsmasq is running on the Pi, then pihole-FTL cannot start, as is shown in your debug log.

You can use Pi-Hole as your DNS server without using it as your DHCP server (I would suspect this is how most users have it configured).

dnsmasq running on your router only affects how the router does it’s own DNS routing, not how the Pi behaves.

This is not the case. Most users use one of the commercial third party DNS servers (8 options provided on the admin GUI).

With this setup (the two items above), the router does all the DHCP serving, and the Pi-Hole does all the DNS resolving.


#13

Ok, problem solved… and as expected, it was pilot error.

TomatoUSB (I’m using the Shibby fork) has a switch to intercept DNS (port 53), whether or not an application tries to resolve names directly (Netflix). This switch was ON for me, and as soon as I unchecked that and saved the settings in the router, everything was off to the races.

I’m assuming that pi-hole intercepts port 53, which means applications can TRY to resolve directly to 8.8.8.8, but those requests will be intercepted and passed to pi.hole first, then sent upstream for resolution.

I know it’s off topic here, but curious if that’s indeed the case.

Thanks to msatter and jfb for trying to solve my stupidity, it was appreciated.


#14

Ok, so that wasn’t quite right… pi-hole won’t capture port 53 (or at least not out of the box), so I was hoping the router would capture all port 53 requests and send to the DNS server (pi-hole), but it seems that doesn’t work… perhaps because pi-hole is inside the router’s subnet?

Currently:

               modem: LAN 192.168.y.1
 router: WAN 192.168.y.9          
         LAN 192.168.x.1
. 
  devices in the LAN (192.168.x.XXX)
      incl pi-hole: 192.168.x.4

If I move the pi-hole upstream from the router thusly:

               modem: LAN 192.168.y.1
 router: WAN 192.168.y.9          pi-hole: 192.168.y.4
         LAN 192.168.x.1
.
  devices in the LAN (192.168.x.XXX)

Would that allow the router to capture port 53, then send the request up 1 subnet to the pi-hole?


#15

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.