Steve, The easiest next step to troubleshoot is to manually set the iPad's DNS to point to the pfSense. If that works, then you know the problem is in the PiHole. If that doesn't work, try setting the iPad to use Google Public DNS (8.8.8.8 and 8.8.4.4). If that works, then the problem is the pfSense. If that doesn't work, then the problem is the iPad itself.
To change the iPad's DNS server, you can follow these instructions: http://www.macinstruct.com/node/452 The next troubleshooting step would be to do a packet capture of whichever leg of the query (iPad -> PiHole, PiHole -> pfSense, or pfSense -> Internet) seems to be the problem. Set a filter on the packet capture to capture only DNS traffic (port 53). Then you can see if the request is malformed, if no response ever comes back, or if the response is malformed. Moshe -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 On Sat, Feb 18, 2017 at 3:35 PM, Steve Berg <sb...@mississippi.com> wrote: > Having an odd issue with DNS not resolving for one hostname from one > client. > > I've got this setup: > > cable modem -> pfSense (2.3.2-RELEASE-p1) -> internal network > > Inside the network I have a piHole running on an RPi3 and all systems get > a statically mapped DHCP address (from pfSense) and the piHole is set to be > DNS. piHole uses pfSense as it's upstream DNS so all all internal > hostnames resolve locally from piHole/pfSense, outside hostnames come from > dnsmasq on piHole or pfSense. > > On my iPad when connected to the WiFi I cannot resolve the IP for our > local newpaper's website, all other hostnames seem to resolve just fine. > That newpaper site resolves for other clients on the internal network with > no problem including an iPhone on the WiFi. As soon as I turn the iPad's > WiFi off and connect via Verizon LTE it sees the newspaper site just fine. > > Only the one wireless device is showing this problem so far. Nothing on > the wired network, and not the other three wireless devices. > > I've turned on DNS forwarder on pfSense and DNS resolver, but I really > don't think it's either of those because I'm not seeing the problem on > anything but the one iPad. > > I'm fairly new to pfSense but not to general networking so this one has me > stumped at the moment. I have looked into using pfBlockerNG instead of > pihole but I'd rather figure this problem out first. If anyone has > suggestions on what might be wrong and how to fix I'd appreciate it. > > > -- > //- Fixer of that which is broke -// > //- Home = sb...@mississippi.com -// > //- Sinners can repent, but stupid is forever. -// > > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
