Unable to block google ads

Help
1

Expected Behaviour:

Visiting some sites and expecting ads to be blocked. Specifically, Google Ads.

I used the “add domain as wildcard” and added all kinds of combinations of URLs that I see when I hover with the mouse over the visible ads.

Example: googleads.g.doubleclick.net I tried to block exactly this URL and I tried using regex to block it like this (\.|^)googleads\.g\.doubleclick\.net$ or (\.|^)googleads$

But the ads keeps reappearing. My PC is set to use 192.168.1.2 which is the PiHole’s IP Address. My Router is the PiHole as the DNS:

image
image753×928 37.6 KB

nslookup shows it’s going through pihole, but I still don’t understand why I get the ads showing.

pi@raspberrypi:~ $ nslookup googleads.g.doubleclick.net
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   googleads.g.doubleclick.net
Address: 0.0.0.0
Name:   googleads.g.doubleclick.net
Address: ::

pi@raspberrypi:~ $

Actual Behaviour:

Google ads are not getting blocked.

Debug Token:

https://tricorder.pi-hole.net/3j5EBDzq/

2

Router settings look good ... for the IPv4 part.
Except I would restrict the pool range from 192.168.1.50 to 192.168.1.250 instead to also allow to configure devices with a true static IP to be outside above DHCP scope (but within the same subnet).

What does below output?

sudo pihole-FTL dhcp-discover | grep 'dns-server\|Recursive DNS server'

It broadcasts an IPv4 DHCPDISCOVER plus an IPv6 RS (Router Solicitation) via multicast and catches the responses from the router(s) etc.
You can also run it without above grep for you yourself to inspect whats advertised on your LAN via IPv4 DHCP or IPv6 RA (Router Advertisement):

sudo pihole-FTL dhcp-discover

Dont post full unredacted output here for privacy!

3

Do you mean that by doing so, I can still manually assign static IPs to devices that are below .50?

pi@raspberrypi:~ $ sudo pihole-FTL dhcp-discover | grep 'dns-server\|Recursive DNS server'
   dns-server: 192.168.1.2
pi@raspberrypi:~ $

pi@raspberrypi:~ $ sudo pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers and IPv6 routers
Timeout: 6 seconds

* Received 312 bytes from 192.168.1.1 @ eth0
  Offered IP address: 192.168.1.2
  Server IP address: 192.168.1.1
  Relay-agent IP address: N/A
  BOOTP server: (empty)
  BOOTP file: (empty)
  DHCP options:
   Message type: DHCPOFFER (2)
   server-identifier: 192.168.1.1
   lease-time: 86400 ( 1d )
   renewal-time: 43200 ( 12h )
   rebinding-time: 75600 ( 21h )
   netmask: 255.255.255.0
   broadcast: 192.168.1.255
   wpad-server: "\n"
   netbios-ns: 192.168.1.1
   domain-name: "workgroup"
   dns-server: 192.168.1.2
   router: 192.168.1.1
   --- end of options ---

* Received 88 bytes from fe80::6d9:xxxx:xxxx:xxxx @ eth0
  Hop limit: 64
  Stateful address conf.: No
  Stateful other conf.: Yes
  Mobile home agent: No
  Router preference: Medium
  Neighbor discovery proxy: No
  Router lifetime: 600 s
  Reachable time: N/A
  Retransmit time: N/A
  - Prefix: fd00::/64
    Valid lifetime: 600 sec
    Preferred lifetime: 600 sec
    On-link: Yes
    Autonomous address conf.: Yes
  MTU: 1484 bytes (valid)
  Source link-layer address: 04:D9:xx:xx:xx:xx
  DNS search list: workgroup
   DNS search list lifetime: 600 sec

* Received 64 bytes from fe80::b72d:xxxx:xxxx:xxxx @ eth0
  Hop limit: undefined
  Stateful address conf.: No
  Stateful other conf.: Yes
  Mobile home agent: No
  Router preference: Medium
  Neighbor discovery proxy: No
  Router lifetime: 0 s
  Reachable time: N/A
  Retransmit time: N/A
  - Prefix: fd96:b465:xxxx:xxxx::/64
    Valid lifetime: 1800 sec
    Preferred lifetime: 1800 sec
    On-link: Yes
    Autonomous address conf.: Yes
  - Route: fdf6:xxxx:xxx:1::/64
    Route preference: Medium
    Route lifetime: 1800 sec

* Received 88 bytes from fe80::6d9:xxxx:xxxx:xxxx @ eth0
  Hop limit: 64
  Stateful address conf.: No
  Stateful other conf.: Yes
  Mobile home agent: No
  Router preference: Medium
  Neighbor discovery proxy: No
  Router lifetime: 600 s
  Reachable time: N/A
  Retransmit time: N/A
  - Prefix: fd00::/64
    Valid lifetime: 600 sec
    Preferred lifetime: 600 sec
    On-link: Yes
    Autonomous address conf.: Yes
  MTU: 1484 bytes (valid)
  Source link-layer address: 04:D9:F5:xx:xx:xx
  DNS search list: workgroup
   DNS search list lifetime: 600 sec

Received 1 DHCP (IPv4) and 3 RA (IPv6) answers on eth0
pi@raspberrypi:~ $

I garbled some of the addresses with x's

As a side note, I use the Edge browser, and I made sure I have this key/value pair in my Windows registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge
BuiltInDnsClientEnabled [DWORD]
Value data: 0

With Firefox browser I don’t get the ads. (I just figured it out now…)

4

Yes.
I have all my network critical devices configured with manual static IP details on the devices themselves just in case of the DHCP server failing for some reason.

Output looks good.
If you localized it to the browser, try find below setting and make sure its disabled:

5

Will do. I’ll report back one I get to do it later today.

Are the results good for this? ‘sudo pihole-FTL dhcp-discover’

6

I can’t seem to use my own specified DNS address because it’s under a managed account (though it’s my account, not an organization account)

image
image826×101 9.87 KB

So aside from the registry change I’ve done, I don’t know how to execute setp 5: “Select the Enter custom provider drop-down menu and choose Cloudflare (1.1.1.1).”

7

You might have created that “managed browser” problem when you made that registry edit above. Try removing it or changing back to its original value then restart your browser; although since it’s a policy setting, it may require a reboot to take effect as it’s in the Local Machine hive.

8

You're not suppose to configure and enable DoH but make sure its disabled/turned off instead:

That setting allows the browser to bypass Pi-hole via DoH: