First I'll say that ultimately the solution is to get rid of the Roku TVs, but the wife likes them due to their simplicity of operation so I'm pretty much stuck with the stupid things.
I've installed a PiHole for the first time primarily to block obnoxious features and surveillance being conducted by Roku. These sets will attempt to use Google and Cloudflare DNS so my router is configured to route DNS requests to the PiHole. Roku also has a huge number of sneaky [xxxxxxx].logs.roku.com domains for transmitting data, so I used a regular expression in the PiHole to block those.
Results: ads, updates and (presumably) phoning home are blocked but the live TV schedule is also blocked. (We receive local broadcasts over the air via antenna.) Does anyone here know what Roku domain to whitelist in order to get the live TV schedule to work again?
These are the DNS requests that reported by PiHole as the Roku TVs boot up and start working. (I could try whitelisting one at a time but wanted to ask if someone else here has run into this and found the solution.)
I tried whitelisting epgreg.sr.roku.com but that didn't work, unfortunately, the program guide still does not display. (I did check that the domain did resolve OK.) It would not be surprising if they hide that functionality in one of their other domains. What I may do is try briefly allowing the roku domains one at a time to see the result. However I want to be careful that the sets do not upgrade their firmware. Roku has been delivering "features" like AI screen scraping to watch and report on what you're seeing on the screen, and they might get even sneakier with getting around DNS blocks like hard-coding DNS servers with non-standard ports.
I checked the pihole log and although there are some domains that were not in my list they are mostly variations on "logs.roku.com". There appear to be a lot of those, possibly an attempt to make phoning home harder to block. Roku must really, REALLY want "their" data.
Also, I'm noticing that while the Roku TVs are turned "off" they are still trying to phone home. I suppose that should not be surprising.
Back in the Cold War days there used to be a joke going around to the effect of: "In Soviet Union, TV watchesYOU!" It doesn't sound so funny any more.
Well this turned into something of a fiasco. While experimenting what could be unblocked to possibly get the program guide back, while keeping ads and telemetry blocked , the antenna TV feature bricked and would not work even when blocking was disabled.
After unsuccessfully trying to fix this I finally had to do a factory reset on the TV. This meant keeping the pihole disabled so the set could phone home for initial setup. Unfortunately the setup requires a firmware update - no way around it - which is one of the things I was trying to avoid. (If the set can't update firmware the setup terminates and you have to start from the beginning.)
So now with the new firmware if the pihole is enabled the antenna TV comes up blank. I tried enabling everything except for the *.logs.roku.com domains, thinking maybe I could get away with just blocking telemetry, and it still didn't work. Over-the-air TV (and possibly other functions) will apparently refuse to work if you don't permit the set open access to phone home. I found that also to be the case if Quad9 DNS servers are specified. The set appears touchy about what DNS is being used even if there are no specific blocks in place. (The set works with Google and Cloudflare DNS.) It looks like Roku TVs are getting nastier about ad and telemetry blocking.
I'll have to do some more experimentation but at this point it appears not possible to use the pihole and the Roku TVs at the same time.
When it comes to the domains you mentioned earlier :
I think it would be the api.rokutime.com and navigation.sr.roku.com ones if I had to make a guess...
I have an Asus router running DD-WRT so it's no problem putting in the firewall rules to re-route DNS requests to the pihole. That part is working just fine. The problem now is that the set is refusing to work when it's not able to phone home. (That issue is beyond the scope of this forum, and Roku has pulled the plug on their community support forum. They now only have some awful/useless AI-based "support".)
Thanks - as I said initially, I'd love to get rid of the stupid thing but the political situation at home makes that impossible. I sure miss TVs that were only dumb receivers!
