Windows 10 Bypassing PiHole After 21H2 Update

I set up a PiHole at my mom's house for her a year or two ago, and I noticed this evening after updating Windows 10 on her desktop to 21H2, it seems the entire OS is just ignoring the local DNS server (PiHole) and going straight to the internet through some other hard-coded DNS server. I know that the PiHole is working properly because my own laptop (Debian) that was connected via VPN, and another Linux machine I have running there as a backup server, were able to properly resolve local DNS names and ads were being blocked. Her Windows 10 PC however could neither resolve local DNS names, nor was it having ads blocked. It could access local IP addresses directly, but could not resolve those IPs from the names I have configured in the PiHole "Local DNS" area.

Here are some things I've tried and checked:

  • Verified that the router was configured to hand out the PiHole as the only DNS server and there were no secondary servers configured.
  • Flushed the local DNS cache with ipconfig /flushdns to try and force the desktop to reach out to the PiHole whenever fresh attempts to access local DNS names were made.
  • I noticed a couple of IPv6 addresses listed under "DNS Servers" when I ran ipconfig /all, so I manually assigned the IPv4 settings in Windows and left IPv6 disabled altogether so that when running ipconfig, the only DNS server listed is the IPv4 address of the PiHole.
  • Tried disabling/enabling the affected WiFi network interface after making these configuration changes (Old Windows control panel method).
  • Tried rebooting the machine after making these configuration changes.
  • Disabled all the "secure DNS" features in Firefox and Brave that might make them use DNS over HTTPS in lieu of the PiHole.

Despite all this, I cannot ping local DNS names in the command line with the Windows machines, but I can with my Linux laptop. I can visit websites via the Windows machine that should be getting blocked by the PiHole. Those sites are being blocked by the PiHole when I try to visit them from my Linux machine.

The only thing I can figure is that after updating, Windows has some sort of hard-coded DNS server or DNS over HTTPS that is taking precedence, despite what the output of ipconfig /all is telling me.

Any ideas on how to get Windows to stop doing its own thing and get back behind her PiHole?

From a client that you believe should be connected to the Pi-Hole for DNS, from the command prompt or terminal on that client (and not via ssh or Putty to the Pi), what is the output of

nslookup pi.hole

nslookup flurry.com

I came back here to close this post, but I appreciate you taking the time to respond. After about an hour I logged back in to double check and get a screenshot, and everything had just magically decided to start working. Some kind of cached values that weren't cleared when I did ipconfig /flushdns? Weird thing is, it worked before and no changes were made to any of the settings until after it stopped working post-update. Sorry to waste your time I guess.

Your mom's router may advertise its own IPv6 address as a DNS server, allowing clients to bypass Pi-hole via IPv6.
Check the router's DNS configuration for IPv6, run the commands as suggested by jfb, and check your Windows client's DNS server section from ipconfig /all for IPv6 addresses.
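
Added example, not part of the thread: a PowerShell sketch that combines the checks suggested in the replies above. It lists every DNS server Windows has configured per interface (IPv4 and IPv6) and sends the two nslookup queries to each one directly. The Pi-hole address 192.168.1.2 is an assumed placeholder; replace it with the real one.

```powershell
# Added example, not from the thread.
param(
    [string]$PiHole = '192.168.1.2',                   # assumption: the Pi-hole's IPv4 address
    [string[]]$TestNames = @('pi.hole', 'flurry.com')  # the two names queried in the thread
)

# Every DNS server Windows has configured, per interface and address family.
$configured = Get-DnsClientServerAddress |
    Where-Object { $_.ServerAddresses.Count -gt 0 -and $_.InterfaceAlias -notlike 'Loopback*' }

$report = foreach ($entry in $configured) {
    foreach ($server in $entry.ServerAddresses) {
        $row = [ordered]@{
            Interface = $entry.InterfaceAlias
            Family    = if ($server -like '*:*') { 'IPv6' } else { 'IPv4' }
            Server    = $server
            IsPiHole  = ($server -eq $PiHole)
        }
        foreach ($name in $TestNames) {
            try {
                # Ask this specific server, skipping the hosts file and local cache.
                $answers = Resolve-DnsName -Name $name -Server $server -Type A `
                               -DnsOnly -QuickTimeout -ErrorAction Stop
                $row[$name] = ($answers | Where-Object { $_.IPAddress } |
                               ForEach-Object { $_.IPAddress }) -join ','
            } catch {
                # Unreachable or refusing servers are reported, not fatal.
                $row[$name] = 'no answer'
            }
        }
        [pscustomobject]$row
    }
}

$report | Format-Table -AutoSize
```

Any row where IsPiHole is False and the names still resolve is a resolver the client can use instead of the Pi-hole; an IPv6 row of that kind points at the router advertisement described above.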
