Question PiHole Lists?

[Homerboy]

I just set up a PiHole on my network yesterday and it generally seems to be running ok (except stupid AT&T doesn't let you change your DNS so that's a pain in the butt. At least my Ubiquity AP allows for manual DNS)
However, it still seems on some pages that ads will load (like the big banner ad at the top of CNN.com. I'm trying to find the latest and greatest lists out there, but I can't seem to find a good (new) comprehensive list.
Any help or ideas?

 

[NobleX13]

It's been a while since I've ran PiHole, but I think I tried running some of the lists from here https://firebog.net/

 

[mxnerd]

Try https://github.com/StevenBlack/hosts

 

[ch33zw1z]

Are you sure your DNS requests are always hitting pihole server?

 

[Homerboy]

Are you sure your DNS requests are always hitting pihole server?

well, on this machine I set the DNS in the network adapter to the pihole - no secondary. So not sure where else it would be getting DNS from then.
It seems google ads are the biggest culprit getting through (and one of the biggest ad providers too naturally.

 

[ch33zw1z]

well, on this machine I set the DNS in the network adapter to the pihole - no secondary. So not sure where else it would be getting DNS from then.
It seems google ads are the biggest culprit getting through (and one of the biggest ad providers too naturally.

Fair enough, it's easy to check by use cmd prompt and nslookup, both DNS are piholes I have running

nslookup forums.anandtech.com
Server:  ubuntu
Address:  192.168.1.30

Non-authoritative answer:
Name:    dra7275p949yj.cloudfront.net
Addresses:  13.225.221.103
          13.225.221.109
          13.225.221.32
          13.225.221.30
Aliases:  forums.anandtech.com

You can query a specific DNS server like this

nslookup forums.anandtech.com 10.0.10.30
Server:  edge
Address:  10.0.10.30

Non-authoritative answer:
Name:    dra7275p949yj.cloudfront.net
Addresses:  13.226.98.59
          13.226.98.4
          13.226.98.112
          13.226.98.33
Aliases:  forums.anandtech.com

So far I've been using the default lists. Under the web-gui > tools > update gravity. But I'll be checking out other poster's links.

Got a specific link you were having ad's on? I wouldn't mind checking it out to see if my servers also block it (or not)

 

[Homerboy]

Fair enough, it's easy to check by use cmd prompt and nslookup, both DNS are piholes I have running

nslookup forums.anandtech.com
Server:  ubuntu
Address:  192.168.1.30

Non-authoritative answer:
Name:    dra7275p949yj.cloudfront.net
Addresses:  13.225.221.103
          13.225.221.109
          13.225.221.32
          13.225.221.30
Aliases:  forums.anandtech.com

You can query a specific DNS server like this

nslookup forums.anandtech.com 10.0.10.30
Server:  edge
Address:  10.0.10.30

Non-authoritative answer:
Name:    dra7275p949yj.cloudfront.net
Addresses:  13.226.98.59
          13.226.98.4
          13.226.98.112
          13.226.98.33
Aliases:  forums.anandtech.com

So far I've been using the default lists. Under the web-gui > tools > update gravity. But I'll be checking out other poster's links.

Got a specific link you were having ad's on? I wouldn't mind checking it out to see if my servers also block it (or not)

Interesting and good notes to work off of.
Just go to cnn.com
does the big top banner load for you?

 

[Fanatical Meat]

@Homerboy please give a review after using it for some time.
Let me know if there are problems with shopping because my wife would hate that.

 

[ch33zw1z]

Interesting and good notes to work off of.
Just go to cnn.com
does the big top banner load for you?

View attachment 22004

No, looks fine:

nslookup www.cnn.com
Server:  ubuntu
Address:  192.168.1.30

Non-authoritative answer:
Name:    turner-tls.map.fastly.net
Addresses:  2a04:4e42:5::323
          151.101.21.67
Aliases:  www.cnn.com

Also, when I setup pihole, i choose to use QUAD9 Filtered + DNSSEC, not sure that makes a difference.

 

[Homerboy]

No, looks fine:

View attachment 22005

nslookup www.cnn.com
Server:  ubuntu
Address:  192.168.1.30

Non-authoritative answer:
Name:    turner-tls.map.fastly.net
Addresses:  2a04:4e42:5::323
          151.101.21.67
Aliases:  www.cnn.com

Well, Why is mine not working?

 

[ch33zw1z]

Well, WTF. Why is mine not working?

Not sure, what's the IP of your DNS server.

1. Can you ping it?
2. What does nslookup respond with?
3. What does ipconfig /all think your DNS server is
4. What upstream service did you choose to use?
5. What web browser?

I just discovered this morning that my wife's win10 laptop was not releasing DNS IP's even when switching wifi networks (I have 4 vlan's total, each wifi on it's own). So she was having some weird issues from time to time. Probably when i started messing with the pihole servers. So trying to basic troubleshooting helped to narrow it down, but ended up having to uninstall the wlan adapter (not delete drivers) and reboot. that got it working again.

 

[Homerboy]

@ch33zw1z could you post the lists your using? I want to strip back to "stock" and rebuild my lists.

 

[ch33zw1z]

@ch33zw1z could you post the lists your using? I want to strip back to "stock" and rebuild my lists.

This is a stock install of pihole, all 3 of my pihole servers haven't been modified from the base install.

 

[Homerboy]

Not sure, what's the IP of your DNS server.

1. Can you ping it?
2. What does nslookup respond with?
3. What does ipconfig /all think your DNS server is
4. What upstream service did you choose to use?
5. What web browser?

I just discovered this morning that my wife's win10 laptop was not releasing DNS IP's even when switching wifi networks (I have 4 vlan's total, each wifi on it's own). So she was having some weird issues from time to time. Probably when i started messing with the pihole servers. So trying to basic troubleshooting helped to narrow it down, but ended up having to uninstall the wlan adapter (not delete drivers) and reboot. that got it working again.

I can ping my PiHole just fine (that sounds dirty)
damn it, this VM is using IPV6?! I didn't even realize that.
How can I tell what the IPV6 address of the PiHole is?
Or better yet, how the hell do I get this VM off IPV6?

 

[Homerboy]

This is a stock install of pihole, all 3 of my pihole servers haven't been modified from the base install.

View attachment 22006

Ok I've reverted back to just those 4 lists. So I'm back to a baseline now.
The problem I'm guessing is that this VM is running on IPV6 and I only updated the IPV4 settings in the network adapter. I'd guess I need to change the IPV6 settings as well so that the DNS is pointed towards my pihole, but no idea how to either A) switch to IPV4 or B) update the IPV6 DNS setting

 

[Homerboy]

Actually, I take that back maybe...
It looks like the VM is running IPV6 and IPV4.
The IPV6 DNS is still hitting AT&T's DNS though. As you can see below, the secondary DNS is showing as 192.168.1.201 which is my pihole.
So I think I just need to kill this IPV6 crap?

 

[Homerboy]

Yeap. Killed IPV6 and cnn.com has no banner

 

[ch33zw1z]

Couldn't hurt, my pihole doesn't use IPv6

Actually, I take that back maybe...
It looks like the VM is running IPV6 and IPV4.
The IPV6 DNS is still hitting AT&T's DNS though. As you can see below, the secondary DNS is showing as 192.168.1.201 which is my pihole.
So I think I just need to kill this IPV6 crap?

View attachment 22009

What VM is it? What OS?

 

[bigi]

I've ran pihole in nas/docker with default settings and did not see ads. This has been a testing phase as I only directed my PC DNS to pihole. Looks promising. Next, I'll probably hook it up to my entire rig.

 

[Homerboy]

I've ran pihole in nas/docker with default settings and did not see ads. This has been a testing phase as I only directed my PC DNS to pihole. Looks promising. Next, I'll probably hook it up to my entire rig.

It's been running fine now for me since this post. Sadly, AT&T does not allow you to manually configure DNS in their gateway, so it has to be done at the individual PC level. I was able to change the DNS in my Wireless AP though so helps on the wireless devices at least. It is pretty fun to have to browsers open and split screen/dual monitor them. On one have the piHole console open, and on the other pull up something with a lot of ads (cnn.com, yahoo.com....anandtech.com) and watch the little counter on PiHole go up

 

[mxnerd]

@Homerboy Just disable AT&T's gateway DHCP server, and use PiHole's DHCP server instead for your LAN.

 

[Homerboy]

@Homerboy Just disable AT&T's gateway DHCP server, and use PiHole's DHCP server instead for your LAN.

I thought about that, not sure why I opted against it. I think I was concerned about issues if the pihole server went down (running in a docker on an unRaid server , so I do reboot in every once in a while)

 

[sdifox]

It's been running fine now for me since this post. Sadly, AT&T does not allow you to manually configure DNS in their gateway, so it has to be done at the individual PC level. I was able to change the DNS in my Wireless AP though so helps on the wireless devices at least. It is pretty fun to have to browsers open and split screen/dual monitor them. On one have the piHole console open, and on the other pull up something with a lot of ads (cnn.com, yahoo.com....anandtech.com) and watch the little counter on PiHole go up

You have your own router no? Just set it up there.

 

[ch33zw1z]

You have your own router no? Just set it up there.

If it's a ISP gateway, probably modem/router device.

Maybe he can set the ATT gateway to bridge mode and get a standalone router to run everything

 

[Homerboy]

If it's a ISP gateway, probably modem/router device.

Maybe he can set the ATT gateway to bridge mode and get a standalone router to run everything

I could go that route, or as suggested earlier, let pihole handle the DHCP aspect of everything. That's all just more work and it seems like it's working fine now by manually setting the IPv4 properties on the 2 hardwired PCs in my house and then on my Wireless AP seeing the DNS to the pihole.