This is what your dashboard looks like with a Samsung TV


#1

Thanks, Pi Hole!


What Really Happens On Your Network? Redux
#2

Wow, that’s insane :astonished:.

Have you noticed that it’s ads being blocked or is it something you can’t visually see while using the TV?


#3

Hi,

yes, but it’s getting insane ONLY when some queries get blocked by pihole!
I have done many tests with my Samsung TV (F series) and came to the result, that it’s better not to block samungcloudsolution.com, otherwise the TV get’s crazy :wink:!
The other queries can be blocked, they are used for updates, the Smart TV stuff like Apps and some “interesting” user tracking.


#4

So far the TV works fine blocking everything Samsung and allowing Netflix and Amazon. Keep in mind that I do not have cable TV, and use the TV mostly for Kodi, Netflix, Amazon video, and gaming. So, I have actually never seen ads on the TV. I assume its tracking and checking for updates and obviously is programmed to retry thousands of times every time the TV is turned on. As I said, it has not effected my experience with the TV, but it does pretty much destroy my Pi Hole graphs – making all the other events nearly meaningless.


#5

Yeah, there’s often a fine line between blocking and breaking things.[quote=“frankrpi3, post:3, topic:3165”]
“interesting” user tracking
[/quote]

Yeah these big companies like to spy on people.


#6

It’s still excessive, but I guess big data doesn’t care–it’s fun to use Pi-hole to find out this kind of stuff though that Samsung obviously obscures from the user.


#7

They run a .net domain too samsungcloudsolution.net


#8

Oh yeah… I blacklisted about 20 addresses or more all with “Samsung” in the query.


#9

And these are only the querries that piHole can see. My experience with Roku Players and FireTV has been that these devices (or Apps running on them) sometimes use hardcoded IP addresses and may contact outside DNS servers trying to bypass pihole.


#10

I would love to understand how this happens. Is it like a VPN? As I notice my VPN connection bypasses Pi Hole and the computer is not listed on the dashboard.

If this is the case, that would make nothing secure. Anything could walk all over our security.


#11

Hi Muther,

I tried to stop my FireTV and Roku from updating itself by blacklisting the known update servers, but had limited success.
I captured network traffic and discovered that the device contacted a Google DNS Server (8.8.8.8 and 8.8.4.4) even though I hadn’t specified those DNS Servers.

So just because you specify a specific DNS Server (via DHCP or manual) doesn’t imply that the device will use the specified DNS Server for all DNS queries.

Some Operating Systems will bypass the specified DNS Server for certain queries. I think Windows 10 may be affected and may not use the DNS Server as specified for your VPN Tunnel (Open DNS).
The iOS OpenVPN App also has a Google DNS Fallback Option, whereas the VPN Client can use the Google DNS Servers (and potentially bypassing pihole).

On your LAN (&Wifi) you can hijack DNS Traffic and direct it to the pihole. I use pfSense to Hijack the DNS Traffic and point it to pihole.
This will ensure all DNS Traffic get forwarded to the pihole, even if a User or the Operating System try to override the DNS Server you’ve specified.


#12

Thank you for your detailed reply. I’ll have a look at pfSense to understand more. One would think that my router software (tp-link) would detect and monitor all traffic regardless of OS.