Pihole doesn't block

dieterpi · 26 July 2023 13:56

Hey,

I know, it’s not a specifical dietpi topic, but maybe somebody had this problem.
I looked for it in the www, but did not find anything that suites.

I installed pihole within dietpi and it works so far. I set the DNS of the clients to pihole IP and they work. Pihole says, that it blocks about 2% of queries. But if I check for example if facebook is blocked, it’s not! Despite the fact, that I activated and updated one facebook blocking list. So something goes wrong.

Cheers
dieterpi

Joulinar · 26 July 2023 14:16

Have you seen your clients in the PiHole query log? Can you check the assigned DNS server in your clients? Maybe they are using a different DNS server than PiHole. Also, the blocking rate seems to be very low at 2%. Personally I have 30%+

dieterpi · 26 July 2023 14:41

I don’t log, so that can’t help.
DNS server is set to pihole on each client. But as it seems it somehow break through.

#Edit: I enabled the queries, but I get nothing. So it seems, that the clients did not use pihole as DNS, despite that the pihole IP is set.

Joulinar · 26 July 2023 15:07

Does your clients use DHCP? And do you have enabled IPv6 on your network? Probably your clients use IPv6 DNS server not pointing to PiHole. Have a look to your clients to verify DNS server used.

dieterpi · 26 July 2023 15:10

no, I use static settings. IPv6 is deactivated.
The fact is, that the client uses the ISP DNS, if I set the IP of pihole as DNS.
Maybe smth wrong with unbound on pihole?

WarHawk · 27 July 2023 02:52

Clear DNS reservations on the client systems…they will maintain a small level of DNS queries, so it’s pulling from it’s internal cache

Clear or reboot

Joulinar · 27 July 2023 06:54

This I don’t understand.

Both PiHole and Unbound have nothing to do with your clients and the DNS server they use. This is only a setting in your clients. Make sure that the correct DNS server is assigned to your clients.

dieterpi · 27 July 2023 07:09

I solved it there: Pihole uses ISP router DNS and don't block - Help - Pi-hole Userspace
But I think, it was a cache problem.

The thing with “client uses the ISP DNS if…” was the fact, that while using unbound the DNS leak test shows the ISP DNS.

As it seems, everything works now. The only thing is the strange IP (10.139.1.1) which pihole use as DNS while normal nslookup. Did not set this IP range and IP for nothing. But I think, I clear it out in the pihole forum.

Thanks!