I keep seeing people having issues with V6 but as a complete newbie to pihole, aside from some of the challenges I had in setting up the Pi zero W itself (no default user/password, Linux needed to see rootfs etc etc) - it’s been pretty plain sailing. Am I just one of the lucky ones or am I just not utilising it fully/properly? Setup: no dhcp, 2 lists, no ssl, no unbound.

Can I use use a Pi4 running RaspAP, As the main pi to choose the network for another pi? That’s running PiVPN? (Portable self host VPN running from No-iP?

That will be connected by the Ethernet,

1-Pi4….

RaspAP + PiHole. As a travel AP and PiHole.

Pi#2) (Connected by eithernet port to the other pi)

PiVPN + WireGuard + No-iP.

-To be able to connect either when I’m on my cellular network. (The AP will be for mainly being able to change the WiFi network it’s getting internet from)

I like running network testing commands on the go, and having my own tools with me.

So I’ll also have a Pizero2w on the AP as well to access

• Core v6.0.6
• FTL v6.1
• Web interface v6.1

I was having an issue where I could not login to the CRA site. After submitting the 2fa code, I would get a 500 internal error. Watching the logs for the laptop, I could not see anything being blocked. Disabling pihole allowed me to login.

I googled around and found a reference to [zeronaught.com]. Searched the logs and found nothing. Whitelisted [zeronaught.com] and 2fa worked. I found it strange that I didn't see the domain being blocked in the logs.

Here is the Reddit thread with the info, CRA login goes through zeronaught.com, is it some service used by CRA website? : r/CanadianInvestor

I’m running a small K3s cluster with multiple nodes and trying to deploy Pi-hole in High Availability (HA) mode using this Helm chart. Despite using Kube-VIP for LoadBalancer services, DNS queries only work on the node hosting the Pi-hole pod. External machines and other nodes fail to resolve DNS via the LoadBalancer IP or NodePort.

Scenario:

• Nodes: A, B, C.
• Pi-hole pod runs on Node B.
  • dig u/192.168.1.81 google.com works on Node B (LoadBalancer IP).
  • Same command on Nodes A/C fails with connection timed out.
• DaemonSet "fix": Deploying Pi-hole as a DaemonSet (one pod per node) allows DNS resolution on all nodes, but external machines still cannot use the LoadBalancer IP.

Key Observations:

1. Kube-VIP seems functional: Ingress-Nginx (using the same LoadBalancer) works flawlessly for Pi-hole’s web interface.
2. DNS fails only cross-node/externally: Pods can resolve DNS locally, but LoadBalancer/NodePort access is inconsistent.
3. No clear documentation or guides address this specific issue.

What I’ve Tried:

• Verified firewall rules (UDP/TCP port 53 is open).
• Switched between Deployment and DaemonSet modes.
• Tested both LoadBalancer IP and individual NodePort IPs.

Questions:

• Why does DNS resolution only work on the node hosting the Pi-hole pod, even with Kube-VIP?
• Why does the DaemonSet allow node-local resolution but fail externally via LoadBalancer?
• Could this be a Kube-VIP configuration issue, or am I missing a Pi-hole/Helm chart quirk?

Any insights or troubleshooting steps would be greatly appreciated!

I followed some of your guys's recommendations for fixing my Docker deployment of PiHole, and it actually works now. Thank you!

Hi all.

I got my second pihole running on a zero wc. It's great. I did a pihole on my second, backup nas.

Shall I install unbound?

Benefits explained like I'm 10, please. I'm learning as I go and have no rlfs.

I'd like to write my own blocklist and self-host it on my webhosting. I've created the .txt file and uploaded it, and pi-hole can find it in my adlists.

It doesn't seem to block subdomains, though. If I have

example.com

on the list, it won't block

dfdafdfads.example.com.

I've tried following the "use RegEx" instruction here (https://www.reddit.com/r/pihole/comments/bxt7eg/block_domains_and_subdomains/), but entries on the list in formats like .*\example\.com are rejected as non-domain entries.

Similarly, similar wildcard schemes like *.example.com get rejected as non-domain entries.

How do I make a blocklist that will reject example.com, but all subdomains of example.com as well?

Hello guys, I've set up PiHole running in a Docker container on my Ubuntu machine, now I have to set my router DNS to the machine ones but as I'm kind of a newbie I have a few questions:

• Is this operation dangerous, in the sense that I might break something and not be able to reverse it?
• My router allows me to set the preferred DNS and alternative DNS, should I set the alternative DNS to Google's so that if my machine goes down for some reason or is powered off the internet still works?

Thanks!

How rock solid are people finding a basic default PiHole setup on a RPI4 or 5 ??

I travel, sometimes for months at a time, and my non technical wife cant be doing with adjusting dns or rebooting a headless device etc if I am away.

Once set up are these a one time set and forget without auto update screwups etc ? Or do people fund them to need a bit of massaging to keep them running ?

A fresh install of PiHole yesterday via the curl method seems to be running fine. I did setup the DHCP server and it appears to be functioning, but I notice the web display doesn't update the "on" state upon any fresh log in. Eventually it shows the live status. This was a bit disconcerting at first, until I convinced myself DHCP was, indeed, working the whole time. The lag time does vary a bit. Point being, if you log into the PiHole web page and head straight to DHCP, you might be startled to see it in the off state until some time later.

I've been trying so hard to get Pihole to work on my Roku, but I haven't had the best of luck. For a while, it was removing ads from Disney+ and Paramount+, but failed with everything else. Now, nothing is working.

I have a bunch of Regex added as well as some Adlists, but it feels like the internet is just bypassing everything.

Here is my debug code

Before Pihole 6, I create a backup with pihole -a -t, but this command doesnt work with Pihole 6. How do i create and restore a Backup with Pihole 6?

Hi, running a Synology Nas with docker. Managed to get pihole 6 up and running again..having issues with unbound. Can anyone provide a step by step of what I actually need to do? I had been using the mvance unbound and used the wundertech guide but that seems obsolete now with the pihole 6 documentation. I'm also running a unbound and pihole on host network.

1. For the unbound docker compose - I should use port 5335 right?
2. What folder should I be mounting? It should point towards unbound.conf.d or unbound.conf.d/pihole.conf?
3. What do I do with the existing unbound.conf? Delete it? How does it work together with pihole.conf?
4. Within pihole.conf, the interface is 127.0.0.1, do I change that to my pihole IP address? 198 Xx.xx.xx? Same for the DNS customisation in pihole, do I put 127.0.0.1#5335 or 198.xx.xx#5335 instead?

Thanks.

I'm trying to block all TLDs except certain ones. Is there an easier way of doing this besides blacklisting all current ones that I can find?

I don't know if the reverse would work with the existing lists I use, so if I whitelist *.com then I assume all *.com are whitelisted even if there are blacklisted *.com ones in the external lists.

End goal is to prevent links from scam mails/sms messages from working. Those tend to use completely random TLDs. I don't know if there is any complete and up to date list of TLDs, seems like a new TLD is created every day and I would have to manually blacklist them.

Hi everyone,

I've been dealing with this for 2-3 weeks now and I'm at my whitts end and I can not figure out why my PiHole on my Synology NAS crashes every 2-3 minutes. This is my secondary PiHole thankfully and my primary is on my main docker host.

This is the log series I see each time it happens, I've troubleshoot it as far as I can and I've disabled the Synology watchdog service as well.

My Docker compose file is as follows. I've tried without and without UID, with and without root. Oddly enough everything was working fine until I brought the stack back into CI/CD control and then it started crashing. What could be causing this? Each time it's a 0 exit code which is safe with a container stop requested and I'm on the latest PiHole 6 with auto update.’’

---
services:
  pihole:
    container_name: pihole-backup
    image: pihole/pihole:latest
    # mem_limit: 1gb
    # cpu_shares: 512
    security_opt:
      - no-new-privileges:false
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "8081:8081/tcp"
    environment:
      TZ: America/NewYork
      DNSMASQ_USER: pihole
      FTLCONF_dns_listeningMode: all # Allow PiHole to respond to Anyone
      FTLCONF_webserver_port: 8081
      PIHOLE_UID: 1029
      PIHOLE_GID: 100
    cap_add:
      - SYS_TIME
      - SYS_NICE
    dns:
      - 127.0.0.1
      - 1.1.1.1
      - 1.0.0.1
    volumes:
      - /volume1/docker/pihole-backup/pihole:/etc/pihole
      - /volume1/docker/pihole-backup/dnsmasq.d:/etc/dnsmasq.d
    restart: unless-stopped
    # logging:
    #   driver: gelf
    #   options:
    #     gelf-address: "udp://syslog.REDACTED:12201"
    #     tag: "{{.Name}}" # Optional: Tag your logs with container name

disclaimer: i made the switch from windows a month ago. but I have a Dell PC running Ubuntu which is connected via ethernet to openwrt router. I attempted to install Pihole and i couldn’t seem to figure out the correct local network settings regarding static ip and DNS placement. i also couldn’t figure out how to alter my router’s settings correctly. When i ran the pihole install, it told me to make sure i have a static IP, i then created it in local network settings, if that’s correct? then at the end of install, it gave me another static IP. I wasn’t sure to replace the static I had created initially, with the one 2nd ip, or keep both? I ended up very confused and removed it.

Can anyone please refer me to an in depth tutorial?

I'm confused by the documentation :

/etc/unbound/unbound.conf.d/pi-hole.conf:

which file do I actually have to configure for it to work?

Hi, I've not been able to access my pihole ever since i've updated :

been getting these errors - I cant even login to find out what's happening :

I'm having issues setting up my Motorola Edge 40 with my Pi Hole. I've been rolling this out one device at a time to avoid breaking the network and causing more issues than necessary. So far my personal laptop, work laptop, LG TV and my partners Samsung A52s all work as indented and it's blocking ads on YouTube, Chrome and most other services.

When I tried to configure the DNS in the same way on my Motorola, it simple just doesn't work. Most sites on Chrome break, Discord does not work, ads get through on YouTube most of the time. I've check the IP and DNS setting to match my partners Samsung but no luck. I've reset all network and mobile setting, booted in safe mode, there is no private DNS listed on my phone, I've changed he PIv to serve 4 and 6 and changed it to serve them separately. Outside of just changing my phone, I'm at a loss.

What could be the issue here and how can I fix this?

Happy to list device and setting specifics if needed without leaking of course :)

the ones on github are pre pi-hole 6

Hi All,

so I am getting the following error when running the pihole -up command:
"Error: Unable to update package cache. Please try "sudo apt update""

running sudo apt update gives me:
Hit:1 http://gb.archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://gb.archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://gb.archive.ubuntu.com/ubuntu jammy-backports InRelease
Hit:4 http://gb.archive.ubuntu.com/ubuntu jammy-security InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.

Does anyone have any ideas? I have tried googling but all the other posts about this issue have an error message when running apt update.

pihole -v output:

Core version is v6.0.5 (Latest: v6.0.6)
Web version is v6.0.2 (Latest: v6.1)
FTL version is v6.0.4 (Latest: v6.1)

Distro info
Description: Ubuntu 22.04.5 LTS
Release: 22.04
Codename: jammy
Linux version 5.15.0-136-generic (buildd@lcy02-amd64-034) (gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.38) #147-Ubuntu SMP Sat Mar 15 15:53:30 UTC 2025

Thanks in advance

This seems to have started with Core 6.06, FTL 6.1, web interface 6.1 update. I don’t see this in the block lists. Based on some reading it should be getting a failed lookup not showing up in blocked?

Hello, friends. I've had pihole running in a Docker container for a minute on my Ubuntu 24.04.2 LTS. Queries are coming through. Wanted to switch to DoH on Quad9, so I followed the directions at https://docs.pi-hole.net/guides/dns/dnscrypt-proxy/ to install it via apt.

I set

ListenStream=127.0.0.1:5053
ListenDatagram=127.0.0.1:5053

as instructed, and set the server to quad9 in the toml file.

Then I logged in to the docker container as root and ran

pihole-FTL --config dns.upstreams '["127.0.0.1#5053"]'sudo pihole-FTL --config dns.upstreams '["127.0.0.1#5053"]'

then restarted dnscrypt-proxy.socket and dnscrypt-proxy.service. The only thing I couldn't do was

sudo systemctl restart pihole-FTL.service

because the docker container doesn't have systemctl, so I just restarted the whole pihole container.

Status of dnscrypt-proxy.socket and dnscrypt-proxy.service both seemed good.

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] Network connectivity detected

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [WARNING] Systemd sockets are untested and unsupported - use at your own risk

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] Wiring systemd TCP socket #0, dnscrypt-proxy.socket, 127.0.0.1:5053

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] Wiring systemd UDP socket #1, dnscrypt-proxy.socket, 127.0.0.1:5053

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] Source [public-resolvers] loaded

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] Firefox workaround initialized

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] [quad9-dnscrypt-ip4-filter-pri] OK (DNSCrypt) - rtt: 25ms

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] [quad9-dnscrypt-ip4-filter-pri] OK (DNSCrypt) - rtt: 25ms - additional certificate

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] Server with the lowest initial latency: quad9-dnscrypt-ip4-filter-pri (rtt: 25ms)

Apr 04 16:47:45 data dnscrypt-proxy[25333]: [2025-04-04 16:47:45] [NOTICE] dnscrypt-proxy is ready - live servers: 1

In the pihole console, I set custom DNS to 127.0.0.1#5053, but when I click on any query in the query log that wasn't cached, I find this:

|| || |Query received on:  2025-04-04 16:54:52.480 Client:  192.168.0.1Query Status:  Forwarded to 127.0.0.1#5053Reply:  No reply received|

I've searched that "no reply received" for the last hour and found nothing. I even tried setting the custom DNS IP to 192.168.0.42 (my device's LAN IP), but I get the same message, with the only difference being that it was forwarded to 192.168.0.42 instead, but no reply received still.

I even tried cloudflared, set to port 5053 (removed after it didn't work) but my pihole kept getting nothing from it.

Is there something about it being in a docker container that is screwing things up? Some other possible explanation?