Cloudflare both primary and secondary are selected
How do I troubleshoot this, also where is the debug token I was expecting it to be at the end of pihole -d when it says ** FINISHED DEBUGGING! ** I see nothing that looks like a token
i̶t̶ ̶a̶p̶p̶e̶a̶r̶s̶ ̶t̶o̶ ̶b̶e̶ ̶a̶ ̶R̶a̶s̶p̶b̶i̶a̶n̶ ̶B̶u̶s̶t̶e̶r̶ ̶p̶r̶o̶b̶l̶e̶m̶
why is it not using the default route, "route -n" everything looks fine
Did you answer Yes to the question that followed that line? If you answer yes, the debug log uploads and you get a token in return.
[✓] ** FINISHED DEBUGGING! **
* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.
[?] Would you like to upload the log? [y/N]
* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.
[?] Would you like to upload the log? [y/N] y
* Using curl for transmission.
[✗] There was an error uploading your debug log.
Please try again or contact the Pi-hole team for assistance.
A local copy of the debug log can be found at: /var/log/pihole_debug.log
*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.1.2/24 matches the IP found in /etc/pihole/setupVars.conf
But, it is looking for a gateway on a different IP range:
[i] Default IPv4 gateway: 192.168.100.1
* Pinging 192.168.100.1...
[✗] Gateway did not respond. (https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546)
This may be a recent problem, as Pi-Hole shows the following activity for the previous 24 hours:
[2019-10-01 06:07:16.549 30036] Imported 4983 queries from the long-term database
[2019-10-01 06:07:16.550 30036] -> Total DNS queries: 4983
[2019-10-01 06:07:16.550 30036] -> Cached DNS queries: 904
[2019-10-01 06:07:16.550 30036] -> Forwarded DNS queries: 3738
[2019-10-01 06:07:16.550 30036] -> Exactly blocked DNS queries: 242
[2019-10-01 06:07:16.550 30036] -> Unknown DNS queries: 99
[2019-10-01 06:07:16.550 30036] -> Unique domains: 154
[2019-10-01 06:07:16.550 30036] -> Unique clients: 17
[2019-10-01 06:07:16.550 30036] -> Known forward destinations: 7
It appears that you are located in the US? But, the timezone on the Pi is set to Great Britain.
The log output shows a date/time that has not yet been achieved in the US. Incorrect time can also impact DNSSEC authentication, and you have DNSSEC enabled.
*** [ INITIALIZING ]
[i] 2019-10-01:06:11:39 debug log has been initialized.
I temporarily turned off DNSSEC and it resolves names as normal.
DNSSEC is back on, Changing timezone to local and rebooting still not working with DNSSEC on
time on the pihole is 30 sec slow
dig provides a number of query options which affect the way in which lookups are made and the results displayed. Some of these set or reset flag bits in the query header, some determine which sections of the answer get printed, and others determine the timeout and retry strategies.
Each query option is identified by a keyword preceded by a plus sign (+). Some keywords set or reset an option. These may be preceded by the string no to negate the meaning of that keyword. Other keywords assign values to options like the timeout interval. They have the form +keyword=value. Keywords may be abbreviated, provided the abbreviation is unambiguous; for example, +cd is equivalent to +cdflag. The query options are:
**+[no]dnssec**
Requests DNSSEC records be sent by setting the DNSSEC OK bit (DO) in the OPT record in the additional section of the query
Whether the time is correct or wrong by a few hours the response is the same, Can I have an example syntax for dig with dnssec?
dig @1.0.0.1 cnn.com [no]dnssec
"(dig +dnssec cnn.com@1.0.0.1 and dig cnn.com@1.0.0.1) look the same"
but dig dnssec cnn.com@1.0.0.1 has longer output: so I'm still not sure of syntax.
Ether way I cannot tell if dnssec is working or not(with dig). Dig still seems to work even if the date is two months slow.
If you look at the output, you will see it is longer because the query is trying to resolve the IP of dnssec as well as cnn.com. The syntax for options is to put a "+" in front of the option. See man dig on your Pi terminal.