Pi-hole DNS requests on mobile apps are being redirected to router's DNS

chriscacadus · January 11, 2023, 6:50pm

Hello, I've been trying to configure a Pi-hole to run in my network, not through DHCP but by manually setting the DNS server on the target device as Pi-hole's address (this will be relevant later).
The setup for my network looks like this:
192.168.1.1 - The modem/router
192.168.1.3 - The device (android phone)
192.168.1.7 - The raspberry pi in which Pi-hole is hosted

The router uses automatically assigned DNS (by the ISP)
The device has a manually assigned static IP address, with DNS server set to 192.168.1.7
The raspberry also has a manually assigned static IP address

The problem: On the android device if I try to test the ad blocking on a web browser (in this case Chrome) by going to the website Ad Blocker Test (d3ward.github.io), the ads do get blocked, hinting that the pihole is working properly. However, if I try to test the ad blocking on mobile apps, the ads are still there!

I found a couple solutions:

Setting the PPP DNS server (the one the router uses, which corresponds to the DNS used by the WAN interface) to Pi-hole's address, however this is not a viable option since this means the whole network's traffic is redirected to the Pi-hole.
Disabling the "peerdns" option, which allows the Pi-hole to work as intended, but stops the router from working as a dns server, forcing to use either public DNS servers or Pi-hole as the DNS server in the DHCP server, also stopping the server from automatically getting DNS servers from the peer when rebooting.

Any feedback would be greatly appreciated.

trendy · January 11, 2023, 6:58pm

Most likely the mobile apps are bypassing the setting you have for pihole, hence it works with the browser but not in the apps.

chriscacadus · January 11, 2023, 7:49pm

Mhh ok but why does it block them if I set pihole as my router's WAN DNS server?

trendy · January 11, 2023, 7:52pm

Because maybe they are trying to bypass it by using the router as DNS.

chriscacadus · January 11, 2023, 7:59pm

Ohh ok that would make sense, is there any way to force them to use pihole as DNS? Well, other than setting the router's DNS to pihole. Maybe using dnsmasq to stop intercepting traffic from a specific interface or using iptables to force pihole as DNS?
Edit: If it can be of any help, I'm using a wireless range extender as a "pihole network" while leaving the rest of my network with my router as DNS server, it has its own DHCP server which I set to give IP's from 192.168.1.100 to 192.168.1.199

frollic · January 11, 2023, 8:17pm

chriscacadus · January 11, 2023, 8:22pm

I actually read that article yesterday and forgot about it. Is there any way to configure this in order do hijack only addresses from 192.168.1.100 to 192.168.1.199? Or maybe is it better to create a VPN and put the the devices in there?

chriscacadus · January 12, 2023, 12:20am

Hey so it turns out that the android apps were using my IPv6 DNS, so I disabled DHCPv6 with

/etc/init.d/odhcpd disable
/etc/init.d/odhcpd stop

and the ads stopped appearing from the apps as well!
It's honestly very odd how the DHCPv6 gets mentioned very seldomly in this kind of problems, I noticed it only when I switched to another phone, since on my samsung the IPv6 DNS doesn't even get displayed. I partially found the solution from this post

but was sheer luck that I noticed the IPv6 DNS on my other phone and thought it might have had something to do with it. Anyways, thanks everyone for the help!

system · January 22, 2023, 12:20am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.