Allo and PiHole

I recently upgrade my Allo wireless to using their Blast Router. After I upgrade to the Blast Router, my DVR and set top boxes (STB) could no longer connect. Working with their support team, there was a few things that they thought that it might be because I changed the default IP range away from 192.168.1.0/24. Another thought was that the STBs needed the DHCP turned on as I turned it off. I also run PiHole on my network for DNS and DHCP. Lucky for me I have my PiHole sending its data to Splunk.

After resetting the STBs and Blast Router to factory defaults with the Allo Support team, I went through testing each part of the theories. I changed the default IP range and rebooted the STBs and everything connected. I changed the DNS to PiHole and rebooted the STBs. The STBs did not connect. I changed the DNS back to the internal and everything connected. I changed the DHCP to the PiHole and rebooted the STBs with the DNS pointed to the internal DNS server. After a reboot, the STBs connected with out an issue. I then changed the DNS to point to the PiHole DNS server and rebooted the STBs. They were unable to connect. So the issue is the DNS server in PiHole.

I jumped over to Splunk after grabbing the IPs for the STBs. A quick search of:

index=”pihole” (src=”172.16.24.200″ OR src=”172.16.24.201″ OR src=”172.16.24.202″) answer=NXDOMAIN

showed me that there were some domains that PiHole wasn’t able to resolve.

A quick stats command and I have a list of the domains that the STBs were looking for.

index=”pihole” (src=”172.16.24.200″ OR src=”172.16.24.201″ OR src=”172.16.24.202″) answer=NXDOMAIN
| stats count by query
| sort – count

Now the question is why are they failing and were should they go? Doing a nslookup externally comes back empty and this is why PiHole was failing.

% nslookup pflocal.iptvtg.com 8.8.8.8

Server: 8.8.8.8

Address: 8.8.8.8#53

** server can’t find pflocal.iptvtg.com: NXDOMAIN

I can still ask the Blast Router what it has for DNS for those addresses

% nslookup pflocal.iptvtg.com 172.16.24.1

Server: 172.16.24.1

Address: 172.16.24.1#53

Name: pflocal.iptvtg.com

Address: 10.131.7.82

Now I have two ways I can solve this issue.

  1. I can forward any unknown domains to the Blast Router and it will forward them along
  2. I can get the list of domain requests, do a lookup for them to the Blast Router, and add them as a local DNS entry.

I went for #2. Below are the list of domains that I needed to add to my local DNS:

DomainIP
appstore001.iptvtg.com10.11.154.10
mdspf301.iptvtg.com10.11.150.10
pflocal.iptvtg.com10.131.7.82
time.iptvtg.com10.10.5.100