Blocked in openwrt but can see it in pi-hole - closed

Dear specialists,

I have blocked the domain [googleapis.com] in the openwrt blocklist - fine.
I can see blocked domains in the openwrt log blocklist as NX - fine.
When I open the pi-hole log list I can see some, not all, domains [*.googleapis.com] from the openwrt router which were signed as blocked in the openwrt log blocklist as NX...

Domains which will not be blocked by openwrt:

-violatile-pa.googleapis.com
-userlocation.googleapis.com
-reminders-pa.googleapis.com
-android-context-data.googleapis.com

Any Ideas?? - wrong setup or bypass by hardcoded DNS entry???

Setup:
ISP - FB Router - Pi-hole (DNS)
- openwrt Router - 1 client for tests

Thanks

Neuro

Is the pihole used as upstream resolver to the router ?
If so, did you try blocking it on the pihole ?

Hi Frollic,

no, the FB is the upstream resolver.
Pihole is the local DNS-Server.

That sounds unnecessarily complicated, but ok.

Then explain how the setup works, if DNS queries get forwarded to the pi from the FB ?

Pihole is set as local DNS-Server:
FB
Heimnetz - Netzwerk - Netzwerkeinstellungen - Erweiterte Einstellungen - IPv4-Einstellungen - Lokaler DNS-Server(IP Pihole)

Pihole is the upstream:
unbound is the Server (127.0.0.1#5335)
DNSSEC enabled

Why not publish the Pi's IP as DNS for the clients?

Won't help you with the devices and apps ignoring the DNSes, but it's cleaner.

https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#dhcp_options

The system seems to have caught up because currently no openwrt blocked domain I can see in pihole...magic...

..hmm...
in another test, well suited here is Amazon, although block status in openwrt everything is routed through to the pihole...ok, I have to solve it myself...

It shouldn't be an architectural design issue because all devices will be blocked in pihole and when I connect a device to openwrt which should block via adblock, no blocked traffic should be routed to pihole...isn't it?

No idea what this means.

Define blocked.

Still no idea why you have a redundant DNS.

Test, simple test if openwrt blocks.

Some requests from devices which are connected to openwrt will be blocked as implemented in the blocklist BUT some requests from devices to openwrt router will not be blocked as implemented like googleapis or amazon and before a device will come to production I test it - and ask for perhaps my mistake like this here.
How can it be that a request from an openwrt device that is blocked in openwrt blocklist appears in the pihole on the connected modem/router?
Later I will remove pihole from the productive setup...