I should not notice big differences on internet usage.
Actual Behaviour:
Almost every website I open is pretty laggy to load. Many aren't loading at all.
Throughout the day, some apps and services get randomly disconnected, such as Slack, Telegram or WhatsApp.
When disconnected, my network shows an '?' mark. This happens on PC (Ubuntu 20 and Windows 10) and Mobile (2 devices with latest android).
This disconnection lasts for a couple of minutes usually. Sometimes just refreshing the page of a "Unkown host" website will make it load again.
If I remove Pi-Hole, I don't have any kind of issues.
Your debug log looks normal as far as configuration is concerned, but there are a few lines in your logs that don't fit that configuration:
*** [ DIAGNOSING ]: contents of /var/log/lighttpd
-rw-r--r-- 1 www-data www-data 6174 Mar 15 16:20 /var/log/lighttpd/error.log
-----head of error.log------
2021-03-14 16:10:44: (server.c.2059) server stopped by UID = 0 PID = 1
2021-03-14 16:10:45: (server.c.1464) server started (lighttpd/1.4.53)
2021-03-14 16:42:21: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: Executing sudo pihole -a setdns "1.1.1.1,1.0.0.1" domain-needed bogus-priv no-dnssec failed. in /var/www/html/admin/scripts/pi-hole/php/func.php on line 79
2021-03-14 16:43:49: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: Executing sudo pihole -a setdns "192.168.1.2\#5335" domain-needed bogus-priv no-dnssec failed. in /var/www/html/admin/scripts/pi-hole/php/func.php on line 79
2021-03-14 16:43:53: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: SQLite3::query(): Unable to prepare statement: 8, attempt to write a readonly database in /var/www/html/admin/api_db.php on line 401
2021-03-14 16:43:56: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: SQLite3::query(): Unable to prepare statement: 8, attempt to write a readonly database in /var/www/html/admin/api_db.php on line 401
2021-03-14 19:17:16: (server.c.1464) server started (lighttpd/1.4.53)
-----tail of error.log------
2021-03-15 13:21:04: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: Executing sudo pihole -a setdns "1.1.1.1,1.0.0.1" domain-needed bogus-priv no-dnssec failed. in /var/www/html/admin/scripts/pi-hole/php/func.php on line 79
2021-03-15 13:21:11: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: SQLite3::query(): Unable to prepare statement: 8, attempt to write a readonly database in /var/www/html/admin/api_db.php on line 401
2021-03-15 13:21:16: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: SQLite3::query(): Unable to prepare statement: 8, attempt to write a readonly database in /var/www/html/admin/api_db.php on line 401
2021-03-15 15:56:35: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: Executing sudo pihole -a enabledhcp 192.168.1.3 192.168.1.254 192.168.1.1 24 lan true true failed. in /var/www/html/admin/scripts/pi-hole/php/func.php on line 79
2021-03-15 15:56:39: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: SQLite3::query(): Unable to prepare statement: 8, attempt to write a readonly database in /var/www/html/admin/api_db.php on line 401
2021-03-15 15:56:41: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning: SQLite3::query(): Unable to prepare statement: 8, attempt to write a readonly database in /var/www/html/admin/api_db.php on line 401
Did you try to enable Pi-hole's DHCP server lately, or to use a local DNS proxy or server like unbound? Were those options active when you observed your slowdowns?
During an observed slowdown, what's the output of the following commands from a client:
nslookup pi.hole
nslookup flurry.com
Also, please check the DNS servers reported to be in use by a client, e.g by checking the DNS server section from the output of the following command on your Win10 machine:
Did you try to enable Pi-hole's DHCP server lately, or to use a local DNS proxy or server like unbound?
I did. I'm trying to use Pihole's DHCP at the moment. I tried to use unbound as per pihole's guide, but when I noticed the slowdowns I uninstalled it and used Cloudflare instead.
Also, please check the DNS servers reported to be in use by a client, e.g by checking the DNS server section from the output of the following command on your Win10 machine:
I did it from my Ubuntu machine through cat /etc/resolv.conf, it displays:
nameserver 127.0.0.53
options edns0 trust-ad
search lan
During an observed slowdown, what's the output of the following commands from a client:
leonardo@leonardo:~$ nslookup pi.hole
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find pi.hole: SERVFAIL
leonardo@leonardo:~$ nslookup flurry.com
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find flurry.com: SERVFAIL
leonardo@leonardo:~$ nslookup pi.hole
;; connection timed out; no servers could be reached
leonardo@leonardo:~$ nslookup flurry.com
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find flurry.com: SERVFAIL
Recent Ubuntu is using systemd-resolved as a local dns caching resolver, which makes checking /etc/resolv.conf for an Ubuntu machine's upstream DSN pointless. It always shows a localhost address.
Try systemd-resolve --status or cat /run/systemd/resolve/resolv.conf instead, or use the command supplied above for Win10.
Were your nslookups all run during a slowdown?
I'm asking because you seem to have run them twice, and results differ:
In your second set, it was Ubuntu's local dns resolver that failed to answer nslookup pi.hole.
What is Pi-hole's status during a slowdown?
Check on your Pi-hole machine by running:
pihole status
sudo systemctl status --full --no-pager pihole-FTL.service
Also, roughly how many queries is Pi-hole registering during such a slowdown (if any)?
Global
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 5 (br-1f82080eeffd)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 4 (docker0)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 3 (wlp2s0)
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 192.168.1.2
DNS Domain: ~.
local
Link 2 (enp1s0)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
I usually keep an SSH open to the Raspberry running pihole, and I always run pihole status to check why I can't access the internet. The status is usually positive, although sometimes it takes a while (2~ seconds) to print the status to the console
pi@raspberrypi:~ $ pihole status
[✓] DNS service is listening
[✓] UDP (IPv4)
[✓] TCP (IPv4)
[✓] UDP (IPv6)
[✓] TCP (IPv6)
[✓] Pi-hole blocking is enabled
Also, roughly how many queries is Pi-hole registering during such a slowdown (if any)?
I checked a 15 minute period which included a minute of outage and it reported 683 queries. I'll try to refine this further
Probably not.
Unless you have any indication that DHCP would be involved?
Thanks.
This shows that your Ubuntu would just use your Pi-hole for DNS, presuming that 192.168.1.2 is your Pi-hole's IP.
Just for completeness, could you share cat /run/systemd/resolve/resolv.conf as well?
Maybe not directly related, but you should avoid using local as your local domain name. That domain is reserved for the mDNS protocol and should not be used with DNS.
Your nslookups show that DNS queries either fail with SERVFAIL (a valid DNS answer indicating a problem with an upstream DNS server) or Ubuntu's local resolver is failing to accept and deliver the query to Pi-hole.
As Ubuntu is using a local resolver before forwarding requests to Pi-hole, it remains unclear whether SERVFAIL was reported back by one of Pi-hole's upstreams or by Pi-hole itself. You could try to correlate that with Pi-hole's Query Log at that time.
For future tests, direct your nslookups directly at Pi-hole, e.g.:
That would imply that Pi-hole is fully operational and responsive while you observe clients slowing down. A bit of a stretch to find out about this, partly due to Ubuntu hiding some important details from us.
If Pi-hole is responsive, it's either Ubuntu's systemd-resolved that isn't (unlikely), or yet another DNS server is involved and doesn't play along.
Thank you for supplying that output.
It reveals another DNS server employed by your Ubuntu machine.
What device in your network owns that IPv6 address?
You could cross check that with your Pi-hole's IPv6 addresses by running the following command on your Pi-hole machine:
What device in your network owns that IPv6 address?
It was my router's. I disabled IPV6, now I only get nameserver 192.168.1.2, but failures continue
A thing I noticed is that eventually Pihole-FTL is showing red, and pihole status shows that DNS service is not listening. I must then manually pihole restartdns or wait sometime when it gets back up. Pihole-FTL.log contains no errors. Where else can I look to see why it crashed? Could it be related?
