Website blocked although not on a blocklist

Pr0metheus2 · May 10, 2024, 1:09pm

yes, that's all

CallMeCurious · May 10, 2024, 1:11pm

This is maybe a Country /Rregional block. Not sure. I think I dev / mod is going to have to help with this one. Its seems like its DNSSEC related.

You also may want to upload a debug log from the WebUI using Tools>generate debug log and make sure to post a token in the comments.

Pr0metheus2 · May 10, 2024, 1:15pm

Could be some Pi-Hole DNSSEC related issue, because changing DNS provider in browser to 1.1.1.1 works with no problems.

CallMeCurious · May 10, 2024, 1:17pm

True, but disabling pihole should have bypased that. Its certainly weird. Generate a debug log and post the token and hopefully a Dev / Moderator can provide a better answer.

Pr0metheus2 · May 10, 2024, 1:26pm

[✓] Your debug token is: https://tricorder.pi-hole.net/OnRq2pyE/
Hopefully this can be solvable...

NGr · May 10, 2024, 1:47pm

Are your date and time on the Pi correct?

Pr0metheus2 · May 10, 2024, 2:03pm

Yes, correct
root@raspberrypi:~# date
Fri 10 May 15:03:11 BST 2024

Pr0metheus2 · May 10, 2024, 2:08pm

I got this result in windows cmd
C:\Users\BiLLY>nslookup revanced.net
Server: pi.hole
Address: 192.168.2.250

*** pi.hole can't find revanced.net: Server failed

Pr0metheus2 · May 10, 2024, 2:09pm

and Pi-hole console:
root@raspberrypi:~# nslookup revanced.net
Server: 192.168.2.1
Address: 192.168.2.1#53

Non-authoritative answer:
Name: revanced.net
Address: 104.21.76.63
Name: revanced.net
Address: 172.67.190.236
Name: revanced.net
Address: 2606:4700:3036::6815:4c3f
Name: revanced.net
Address: 2606:4700:3037::ac43:beec

Pr0metheus2 · May 10, 2024, 2:11pm

192.168.2.1 is my UDM Pro router which has DHCP enabled, DNS for clients is 192.168.2.250 (Pi-hole)

Pr0metheus2 · May 10, 2024, 2:17pm

root@raspberrypi:~# host revanced.net
revanced.net has address 172.67.190.236
revanced.net has address 104.21.76.63
revanced.net has IPv6 address 2606:4700:3036::6815:4c3f
revanced.net has IPv6 address 2606:4700:3037::ac43:beec
revanced.net mail is handled by 34 route2.mx.cloudflare.net.
revanced.net mail is handled by 58 route1.mx.cloudflare.net.
revanced.net mail is handled by 79 route3.mx.cloudflare.net.

Pr0metheus2 · May 11, 2024, 9:38am

I did install Pi-hole from scratch, without restoring any previous settings, but same result - these pages are still blocked.

CallMeCurious · May 11, 2024, 12:02pm

With a re-install you will want to run another debug and post a new token.

Going back and looking at your query log output. Are you using .local as domain for your local network? Not sure if this is a problem in this case but .local is reserved for mDNS ( multicast DNS )

It still seems like the issue still goes back to the bogus NSEC messges your seeing in the query log. As I look closer at this it doesn't seem like revanced.net uses DNSSEC ( whois revanced.net | grep -iw DNSSEC shows unsigned ) so not sure why the messages.

This link talks about it a bit and some possible solutions.

https://www.reddit.com/r/pihole/comments/aw7123/how_to_fix_bogus_domain/

If you turn DNSSEC off does the site work?
If you change the upstream DNS server in piholes DNS Tab does it work?

Pr0metheus2 · May 12, 2024, 8:07pm

No matter if I turn DNSSEC On / Off, site still not working. Changing Upstream DNS server also does nothing.

Pr0metheus2 · May 12, 2024, 8:09pm

[✓] Your debug token is: https://tricorder.pi-hole.net/XiIw70Tf/

system · June 2, 2024, 8:10pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.