Unable to access website

Please follow the below template, it will help us to help you!

Expected Behaviour:

[Website https://nzb.su was accessible at one time. It is not blacklisted. I have even whitelisted the site and still not accessible ]

Actual Behaviour:

[Website https://nzb.su is no longer accessible. I keep getting the following error when attempting to access the website "DNS_PROBE_FINISHED_NXDOMAIN. This makes me believe that Pihole is possibly blocking it. I even get the error when I turn pihole blocking off. When I am connected via VPN website is accessible. Tested on different machines, cleared browser cache, reset network adapters as well on both machines. Not sure what else to try?]

Debug Token:

[https://tricorder.pi-hole.net/a6j9xj1mdb]

Your debug log did not completely upload, likely due to the very long text that follows this section. You have made some local changes to your Pi-Hole install, but I don’t think it is related to this problem.

*** [ DIAGNOSING ]: Web version
[i] Web: v4.3 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.3-0-g44aff727-dirty

Are you able to connect to that site at all? What is the output of: dig nzb.su

The problem could be with the web site. When you connect to the VPN, your apparent IP is at a different location, which may be the difference.

In the Central USA, I am able to load the website using Pi-Hole, and it loads fairly slowly.

I got the following results below

; <<>> DiG 9.10.3-P4-Raspbian <<>> nzb.su
;; global options: +cmd
;; connection timed out; no servers could be reached

What upstream DNS servers is Pi-Hole using? Try one of them directly using

dig nzb.su @[IP of the DNS server here]

Honestly, I have been having problems for the past week since I made a backup image of my pihole and moved it to a new sd card. It ended up being what I thought was a time sync issue as dns was not working at all. I finally got it working after attempting to reinstall unbound with my pihole, or so I thought then ran into this issue with this website. Could you possibly help me verify if my pihole DNS settings page is correctly configured for unbound usage as that could possibly be a issue? The settings are below:

I got this with the unbound upstream
~ $ dig nzb.su @127.0.0.1

; <<>> DiG 9.10.3-P4-Raspbian <<>> nzb.su @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6195
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;nzb.su. IN A

;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Aug 23 18:08:09 CDT 2019
;; MSG SIZE rcvd: 35

and then I got this when using google (8.8.8.8)
~ $ dig nzb.su @8.8.8.8

; <<>> DiG 9.10.3-P4-Raspbian <<>> nzb.su @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38896
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;nzb.su. IN A

;; ANSWER SECTION:
nzb.su. 20951 IN A 209.208.67.181

;; Query time: 29 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Aug 23 18:08:34 CDT 2019
;; MSG SIZE rcvd: 51

Got another debug token to see if it works now

https://tricorder.pi-hole.net/fgrmmv51hd

These look fine with the exception of DNSSEC enabled. In your configuration, unbound is doing the DNSSEC and Pi-Hole should not be.

The problem seems to lie in your unbound install. Have you checked the date/time on the Pi again - wrong time can lead to SERVFAIL.

Same problem as before - only the first part of the log uploaded.

Ok, I think the best thing for me to do is wipe my sd card and start from fresh. I was hoping to avoid it, but oh well, things happen. Question, would I be better off using dnscrypt vs unbound? As I did want to give it a try and this would be the time to switch.

I wouldn’t start with a wipe. Uninstall unbound, then reinstall. If that fails, then up the ante.

Unbound would be my preference over encrypted DNS. More private, fast and you have complete control of your resolver.

Ok, thanks! Will try the uninstall and reinstall first of Unbound and see if that helps. I really appreciate your help on this, you guys are AWESOME!

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.