Unable to use ip as dns and pinging ip gives time out

Mathias · January 23, 2023, 7:55pm

Unable to use ip as dns and pinging ip gives time out

Running on a AWS server with Ubuntu 20.04 LTS

jfb · January 23, 2023, 8:06pm

Your problem is not well described. You have posted a picture with the relevant information redacted.

Pi-hole is not involved in any transactions directly to an IP. If you have the IP, you don't need domain resolution, and that is what Pi-hole would provide. You ask Pi-hole for the IP that belongs to a domain name, and Pi-hole returns the IP.

butchkemper · January 23, 2023, 8:10pm

When the IP is a private number behind a router running NAT, why do people feel the need to blackout the number so it cannot be seen? There is no reduction in security if the world knows that 192.168.0.1 is the IP on the Router's LAN.

Butch

Mathias · January 23, 2023, 8:14pm

It's on a AWS server so it's the server IP I'm blacking out.

Mathias · January 23, 2023, 8:15pm

Can you please help me out with what more to provide? As I'm unsure what more to add.

jfb · January 23, 2023, 8:18pm

If you are entering an IP and the other end doesn't respond to a ping, that's not a Pi-hole problem. Pi-hole had no involvement in that transaction.

You can verify this by repeating the IP ping and then checking your query log in Pi-hole. There should be no matching query.

Mathias · January 23, 2023, 8:20pm

Then what do I do? Just a noobie here trying to explore PI-Hole and maybe one day donate if it all works.

also currently pinging the IP and I'm seeing nothing in the logs.

jfb · January 23, 2023, 8:27pm

The endpoint may not respond to pings. Not all endpoints do.

As I noted, this is not a Pi-hole issue, since your ping doesn't involve a DNS resolution.

Here is an example from a Pi which uses Pi-hole for DNS.

pi@Pi-3B-DEV:~ $ ping -c3 google.com
PING google.com (142.251.32.14) 56(84) bytes of data.
64 bytes from ord38s33-in-f14.1e100.net (142.251.32.14): icmp_seq=1 ttl=118 time=18.3 ms
64 bytes from ord38s33-in-f14.1e100.net (142.251.32.14): icmp_seq=2 ttl=118 time=20.1 ms
p64 bytes from ord38s33-in-f14.1e100.net (142.251.32.14): icmp_seq=3 ttl=118 time=20.7 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2438ms
rtt min/avg/max/mdev = 18.304/19.695/20.683/1.012 ms

pi@Pi-3B-DEV:~ $ ping -c3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=118 time=18.8 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=118 time=19.7 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=118 time=19.2 ms

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 18.848/19.247/19.714/0.356 ms

Pings to both the domain name, and to an IP. Both were answered, since the endpoint responds to pings.

In the Pi-hole log, only these entries appear:

14:19:39: query[A] google.com from 127.0.0.1
14:19:39: forwarded google.com to 127.0.0.1#5335
14:19:39: reply google.com is 142.251.32.14

Not that only the ping to the domain required a domain name resolution from Pi-hole, and Pi-hole provided that. The ping directly to the IP had no interaction with P-hole, because the IP was known.

Mathias · January 23, 2023, 8:34pm

I'm sorry, but I still don't get it.

Like it must be a server issue then, but all ports should have been opened so it doesn't really make sense.

jfb · January 23, 2023, 8:44pm

Open ports don't necessarily lead to an endpoint responding to pings.

You are using a connectivity tool that is somewhat limited. It only checks the ping function, not general connectivity to the endpoint.

Are you able to ssh into the AWS server? If so, you have connectivity. From there, configure the server to respond to pings.

Mathias · January 24, 2023, 9:40am

I tried completely reinstalling the server now, got to install pi-hole and it "works" my PC is using the IP as an DNS and I'm on the internet but when using nslookup command in cmd on domains I get a DNS timeout and when using the command ping it works fine, and it's showing nothing in the logs of me browsing the internet.

I'm using openDNS and also tried Quad9 DNS on the pi-hole in settings.

Again it's running on a AWS server with ubuntu 20.04 and I followed this guide: How to Setup Pi-hole on an AWS Instance – Mumble Grumble

Webdash also works perfectly fine.

(Update it does filter as I tried to ping analytics.yahoo.com and it doesn't work but with a tor browser or other device I can reach analytics.yahoo.com, but it doesn't show anything in any of the logs on the PI-Hole. Also got this warning in the other logs)

Bucking_Horn · January 24, 2023, 10:00am

Your above screenshot detailing that your Pi-hole is receiving requests from public IP addresses would suggest that you may be running an open resolver, which poses a potential threat for all Internet users, e.g. by serving as a multiplier in a DNS Amplification attack .

The Pi-hole team strongly discourages Pi-hole’s usage as an open resolver, and we won't provide support in that case.

Mathias · January 24, 2023, 10:03am

Oh, must be something with the security settings on AWS then, will try to limit it to my IP only. Thank you for giving me a heads up.

Bucking_Horn · January 24, 2023, 10:08am

The proper way to integrate a cloud-based Pi-hole is via VPN, allowing secure access by authenticated clients only.
See the VPN section from Pi-hole's documentation (at Guides|VPN) for further suggestions, e.g. Overview - Pi-hole documentation.

Mathias · January 24, 2023, 10:09am

I've now closed it to only my ip I hope.

system · February 14, 2023, 10:09am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.