UDP DNS reply: Timeout - no response from upstream DNS server

Gielpy · June 30, 2025, 11:34pm

Expected Behaviour:

I have recently started a fresh v6 install on a fresh bookworm image.

Pihole installation seems to go just fine, and I'm manually assigning the pihole as DNS server to some of my devices. As soon as I save those details, no connections go through.

Actual Behaviour:

Here's what the pihole query log shows: https://imgur.com/XNkQu1h
Update: I've changed this cloudflare and there's no change in behavior.

I've tried changing between various DNS providers but it doesn't change the result: "No reply received".

Here's the FTL log: https://imgur.com/GANqVTG

, where it also says there's no response from the upstream DNS server.

There was also a brief moment of hope when I found this thread (https://www.reddit.com/r/pihole/comments/1islibw/ntp_error_after_pihole_v6_update/) as I thought an NTP error was causing issues; my router is set for US west coast time manually, so I thought the pihole trying to force a different time was the issue. However, unchecking ntp.ipv4.active and the other settings didn't fix it.

Any help to get this back up and running would be appreciated. I think my situation may be similar to what is described here: DNS does not resolve for UDP - #3 by petergeelhoed
but I'm not sure what I should try to resolve any potential network issues should this round of pihole debugging not succeed.

Debug Token:

https://tricorder.pi-hole.net/WiBjMPxy/

Thank you!!

Bucking_Horn · July 1, 2025, 6:08am

Your debug log shows Pi-hole to be operational, but it cannot communicate with public DNS servers:

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] www.olx.pl-oferta2320592.shop is NOERROR on lo (127.0.0.1)
[✓] www.olx.pl-oferta2320592.shop is NOERROR on eth0 (192.168.1.86)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)

Run from your Pi-hole machine, please share the output of:

nslookup discourse.pi-hole.net

nslookup discourse.pi-hole.net 8.8.8.8

Gielpy · July 1, 2025, 8:18pm

Thanks for the response. Here are the outputs from my Pi-hole machine:

nslookup discourse.pi-hole.net
Server: 192.168.1.254
Address: 192.168.1.254#53

Non-authoritative answer:
Name: discourse.pi-hole.net
Address: 157.180.42.82

nslookup discourse.pi-hole.net 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: discourse.pi-hole.net
Address: 157.180.42.82

7/5/25: I tried adding OpenDNS and Cloudflare in addition to GoogleDNS with no change in effect.

deHakkelaar · July 6, 2025, 1:30am

And below from above failed attempt?

nslookup doubleclick.com 8.8.8.8

Gielpy · July 6, 2025, 1:47am

Here you go:

nslookup doubleclick.com 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: doubleclick.com
Address: 192.178.164.101
Name: doubleclick.com
Address: 192.178.164.113
Name: doubleclick.com
Address: 192.178.164.138
Name: doubleclick.com
Address: 192.178.164.139
Name: doubleclick.com
Address: 192.178.164.100
Name: doubleclick.com
Address: 192.178.164.102
Name: doubleclick.com
Address: 2607:f8b0:4023:2009::65
Name: doubleclick.com
Address: 2607:f8b0:4023:2009::8a
Name: doubleclick.com
Address: 2607:f8b0:4023:2009::66
Name: doubleclick.com
Address: 2607:f8b0:4023:2009::71

Gielpy · July 7, 2025, 4:54pm

I went ahead and tried a different workaround: booting up a different PC with a brand new Ubuntu install, then installing pi-hole. No difference in result, I'm still getting no response from the upstream DNS server.
Part of me thinks it's my router but it worked just fine with my pi-hole back on V5, making me think it's something there.

Gielpy · July 12, 2025, 5:44pm

I’m running out of ideas unless somebody here has some.

I turned on the more extensive debugger and it gives me a lot of “dnsmasq received signal 17”; what would that be?

My most recent debug can be found here: https://tricorder.pi-hole.net/NSy7uknD/

Ladrien · July 12, 2025, 8:59pm

Is pi-hole running in a docker container?

If not, please show the output of sudo iptables -L -t nat and sudo iptables -L.

ip addr and ip route wouldn't hurt either.

Gielpy · July 12, 2025, 9:16pm

Pihole is running on Ubuntu 24.04.
Here's the output for those commands you suggested.
Thanks!


$ sudo iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

 $ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether c8:60:00:70:1e:db brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.85/24 brd 192.168.1.255 scope global dynamic noprefixroute enp2s0
       valid_lft 34312sec preferred_lft 34312sec
    inet6 fe80::6e18:c8bc:2bd4:f862/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

$ ip route
default via 192.168.1.254 dev enp2s0 proto dhcp src 192.168.1.85 metric 100 
192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.85 metric 100

Ladrien · July 12, 2025, 9:20pm

It looks like your pi-hole machine is set with a DHCP lease. Can you try to set it to a static IP address and see what changes?

Everything else looks good otherwise.

Gielpy · July 12, 2025, 9:57pm

That’s…. Interesting? The addresses is set as static on the router for the Ubuntu machine that pihole is on. I just went into the wired connection settings on Ubuntu and set it as manual there with the same address and right now it’s not reconnecting to the internet.

Ladrien · July 12, 2025, 11:09pm

Can you send the output of sudo netplan get

Gielpy · July 13, 2025, 3:51am

Sure, I reset the Ubuntu network configuration to 'automatic' and have this:

$ sudo netplan get

** (process:72134): WARNING **: 20:50:18.173: Permissions for /etc/netplan/01-network-manager-all.yaml are too open. Netplan configuration should NOT be accessible by others.
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    enp2so:
      addresses:
      - "192.168.1.85/24"
      nameservers:
        addresses:
        - 8.8.8.8
        - 8.8.4.4
      routes:
      - to: "default"
        via: "192.168.1.254"
    NM-5cb42b05-6b53-440c-ba3c-1c03dec98f49:
      renderer: NetworkManager
      match:
        name: "enp2s0"
        macaddress: "C8:60:00:70:1E:DB"
      dhcp4: true
      wakeonlan: true
      networkmanager:
        uuid: "5cb42b05-6b53-440c-ba3c-1c03dec98f49"
        name: "Profile 1"
        passthrough:
          connection.timestamp: "1752259573"
          ipv6.addr-gen-mode: "default"
          ipv6.method: "dhcp"
          ipv6.ip6-privacy: "-1"
          proxy._: ""