OpenWrt, PiHole in dhcp - no internet access from OpenWrt

Hi all,
I have a dns issue.
I use PiHole as DHCP & DNS server.
OpenWrt is the router (192.168.1.1), and the internet box is configured in bridge mode (192.168.0.1).
All is quite correct: internet access from PCs, external access is available.
But

nslookup openwrt.org
;; connection timed out; no servers could be reached

 nslookup openwrt.org 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Name:      openwrt.org
Address 1: 139.59.209.225
Address 2: 2a03:b0c0:3:d0::1af1:1

 ping 139.59.209.225
PING 139.59.209.225 (139.59.209.225): 56 data bytes
64 bytes from 139.59.209.225: seq=0 ttl=52 time=21.096 ms

I can't find where the problem is :frowning:
Many thanks in advance for your help.

Hello,

what is the output of

uci export dhcp; 
ls -l  /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*

package dhcp

config dnsmasq
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option expandhosts '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option dnssec '0'
        option noresolv '1'
        option cachesize '5000'
        option localservice '0'
        list rebind_domain 'onion'
        option domain 'chtiloft'
        option nonwildcard '0'
        list server '127.0.0.1#5300'
        list server '/onion/127.0.0.1#9053'
        list server '/0.openwrt.pool.ntp.org/8.8.8.8'
        option domainneeded '1'
        option logqueries '1'

config dhcp 'lan'
        option interface 'lan'
        option dhcpv6 'server'
        option ra 'server'
        option ra_management '1'
        option ignore '1'
        list dhcp_option '6,192.168.1.101'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'

lrwxrwxrwx    1 root     root            16 Nov  5 15:12 /etc/resolv.conf -> /tmp/resolv.conf
lrwxrwxrwx    1 root     root            21 Jan  2 11:28 /tmp/resolv.conf -> /tmp/resolv.conf.auto
-rw-r--r--    1 root     root            16 Jan  8 21:12 /tmp/resolv.conf.auto

tks

Why are you forwarding everything to port 5300?
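
Added example (not part of any post in this thread): a shell check that reads `uci export dhcp` output and lists the default upstream servers dnsmasq will forward to, flagging the case in the export above where `noresolv '1'` leaves only a loopback forwarder (`127.0.0.1#5300`). The function names and finding labels are this example's own; it also flags `rebind_protection '0'`, which turns off DNS rebinding protection.

```sh
#!/bin/sh
# Added example: audit the dnsmasq section of `uci export dhcp` (read from stdin).
# Labels such as LOOPBACK_ONLY and NO_UPSTREAM are invented for this example.
audit_dnsmasq() {
    awk '
    function unq(s) { gsub("\047", "", s); return s }   # strip uci single quotes
    $1 == "config" { in_dns = ($2 == "dnsmasq"); next }
    !in_dns { next }
    $1 == "option" && $2 == "noresolv" { noresolv = unq($3) }
    $1 == "option" && $2 == "rebind_protection" { rebind = unq($3) }
    $1 == "list" && $2 == "server" {
        s = unq($3)
        if (s ~ /^\//) next     # /domain/addr is a per-domain rule, not a default upstream
        total++
        if (s ~ /^(127\.|::1)/) loop++
        print "UPSTREAM " s
    }
    END {
        # With noresolv set, dnsmasq ignores the resolv file and uses only these servers.
        if (noresolv == "1" && total == 0) print "NO_UPSTREAM"
        if (noresolv == "1" && total > 0 && loop == total) print "LOOPBACK_ONLY"
        if (rebind == "0") print "REBIND_PROTECTION_OFF"
    }'
}

# Sample input: the forwarding-related lines of the first export posted in this thread.
sample_config() {
    cat <<'EOF'
config dnsmasq
        option rebind_protection '1'
        option noresolv '1'
        list server '127.0.0.1#5300'
        list server '/onion/127.0.0.1#9053'
        list server '/0.openwrt.pool.ntp.org/8.8.8.8'
config dhcp 'lan'
        list dhcp_option '6,192.168.1.101'
EOF
}

sample_config | audit_dnsmasq
```

On a router it would be run as `uci export dhcp | audit_dnsmasq`; a LOOPBACK_ONLY finding means every general lookup depends on a local service listening on that port.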

no idea :frowning: don't know what it means... and 'onion' also.

tks for your help

Well, you cannot just have such a configuration on your router without any knowledge.
Onion is for the Tor protocol.
Either you or someone else installed some package or modified the router in this way.
If you are in doubt, do a reset to defaults and configure it again from scratch.

No, it's me who installed from scratch. Of course, I have some knowledge.
But, quite sure, Tor was installed by default with the basic configuration. I have at the moment disabled everything about Tor.
Anyway, if I install again, I will surely spend time again and maybe will reproduce the same mistakes...
Tks again for your help @trendy

If your problem is solved, feel free to mark the relevant post as the solution; and edit the title to add "[SOLVED]" to the beginning (click the pencil behind the topic).

@trendy, not solved :(.
I have updated the dhcp list server using LuCI

        list server '/0.openwrt.pool.ntp.org/8.8.8.8'
        list server '192.168.1.101'

192.168.1.101 is my pihole server

root@OpenWrt4900 ~# nslookup openwrt.org
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:      openwrt.org
Address 1: 139.59.209.225
Address 2: 2a03:b0c0:3:d0::1af1:1
root@OpenWrt4900 ~# nslookup openwrt.org 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Name:      openwrt.org
Address 1: 139.59.209.225
Address 2: 2a03:b0c0:3:d0::1af1:1
root@OpenWrt4900 ~# ping  139.59.209.225
PING 139.59.209.225 (139.59.209.225): 56 data bytes
64 bytes from 139.59.209.225: seq=0 ttl=52 time=19.801 ms

Using LuCI, ping response:

ping: bad address 'openwrt.org' 
traceroute: bad address 'openwrt.org'
nslookup: ;; connection timed out; no servers could be reached

have a good day

What is the output of

nslookup www.google.com
nslookup www.google.com 192.168.1.101

I have been struggling with the exact same problem for a few weeks now, I have tried setting the DNS servers in either the WAN and LAN, or both. Only my router itself can't resolve DNS, any other device on the network can.

I don't want to steal this topic, but this is my output:

(10.0.1.1 is the router and 10.0.1.2 is the box where pihole is hosted)

root@LEDE:~# nslookup www.google.com 10.0.1.2
Server:         10.0.1.2
Address:        10.0.1.2#53

Name:      www.google.com
Address 1: 216.58.208.100
Address 2: 2a00:1450:400e:80d::2004

I have also a couple of piholes and everything works fine.
The relevant sections are:

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option local '/mrv/'
	option domain 'mrv'
	list server '/elv/10.0.1.1'
	option rebind_protection '0'
	option localservice '0'
	option nonwildcard '0'
	option enable_tftp '1'
	option tftp_root '/tmp/'
	option dhcp_boot 'vmlinux'
	option sequential_ip '1'
	option filterwin2k '1'
	option strictorder '1'
	option queryport '5353'
	option quietdhcp '1'
	option allservers '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option force '1'
	list dns 'fd00:bbbb::2'
	list dns 'fd00:bbbb::3'
	list domain 'mrv'
	option ra_management '1'
	option ra 'server'
	option dhcpv6 'server'
	option leasetime '2h'
	list dhcp_option '42,10.0.2.1,10.0.2.3'
	list dhcp_option '252,"\n"'
	list dhcp_option '15,mrv'
	list dhcp_option '119,mrv,elv'
	list dhcp_option '6,10.0.2.2,10.0.2.3'

config interface 'lan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '10.0.2.1'
	option dns '10.0.2.3 10.0.2.2 10.0.20.1'
	option ip6assign '60'
	option force_link '0'
	option ip6ifaceid '::1'
	option ifname 'eth1.4'

piholes are 2.2 and 2.3

I have copied your config file parts and changed them accordingly, and it opkg updates without a problem now! To be honest, I don't know what option fixed it, so I'll include my relevant sections after fixing.

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option local '/ph/'
        option domain 'ph'
        list server '/ph/10.0.1.1'
        option rebind_protection '0'
        option localservice '0'
        option nonwildcard '0'
        option enable_tftp '1'
        option tftp_root '/tmp/'
        option dhcp_boot 'vmlinux'
        option sequential_ip '1'
        option filterwin2k '1'
        option strictorder '1'
        option queryport '5353'
        option quietdhcp '1'
        option allservers '1'


config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        list domain 'ph'
        option leasetime '12h'
        list dhcp_option '6,10.0.1.2'
        list dhcp_option '15,ph'
        option ra_management '1'
        option ra 'server'

my pihole is on 10.0.1.2

Thank you very much, I have been trying to fix this for a long time. I hope OP also manages to fix this!

It would be best to run a diff first against your version to see the lines that could be the culprits.

 ~# nslookup www.google.com
;; connection timed out; no servers could be reached

root@OpenWrt4900 ~# nslookup www.google.com 192.168.1.101
Server:         192.168.1.101
Address:        192.168.1.101#53

Name:      www.google.com
Address 1: 216.58.215.36
Address 2: 2a00:1450:4007:808::2004

I am sorry, I spoke too soon. Somehow, it works sometimes, but other times it doesn't.

I have run nslookup $domain two times back to back, within a few seconds; the first time it works, the second time it doesn't.

root@LEDE:~# nslookup www.google.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: $domain (I am a new user, I can only post 2 links in one post)
Address 1: 172.217.17.68
Address 2: 2a00:1450:400e:80d::2004
root@LEDE:~# nslookup www.google.com
;; connection timed out; no servers could be reached

I feel that it has something to do with ipv6, I have tried disabling ipv6 as far as I can find (blank out the prefix in interfaces, stop wan6), but I also noticed that DNS resolving is somehow really slow right now.

EDIT:
my log is riddled with this message. Something is causing an (infinite) loop between pihole and OpenWRT?

Sun Jan 12 20:29:58 2020 daemon.warn dnsmasq[10294]: Maximum number of concurrent DNS queries reached (max: 150)

You can find Pihole's IPv6 address by clicking on the Settings tab in Pihole's web page; it's on the first page. If you look at @trendy, he added Pihole's IPv6 with

list dns ' Ipv6 address'

My ipv6 address in pihole is blank (which I would expect), but somehow it is still able to resolve ipv6?

Apparently you have misconfigured something about the local nameserver of the router.
If you directly ask the Pihole it answers back.
What is the output of:

ls -l  /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*

Same for you @ivohulsman (also make sure you have configured properly pihole and there is no loop in queries between OpenWrt and Pihole).

Thanks for your reply, here is the output.

root@LEDE:~# ls -l  /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*
lrwxrwxrwx    1 root     root            16 Jun 27  2019 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r--    1 root     root            31 Jan 13 22:00 /tmp/resolv.conf
-rw-r--r--    1 root     root            71 Jan 12 21:23 /tmp/resolv.conf.auto
==> /etc/resolv.conf <==
search ph
nameserver 127.0.0.1

==> /tmp/resolv.conf <==
search ph
nameserver 127.0.0.1

==> /tmp/resolv.conf.auto <==
# Interface lan
nameserver 10.0.1.2 (this is the pihole)
# Interface wan
nameserver 1.1.1.1