I'm not sure if this is the right forum or not. I'm running a pi-hole to reduce ads at home. After I upgraded to the latest and greatest iphone code, I noticed that I'm seeing a lot more ads. Checked pi-hole, and it is working fine. Check my phone, and pi-hole is first in the list followed by the two well known OpenDNS IPs. When I run a packet capture, my iPhone automagically chooses to use OpenDNS versus the local DNS server. I even put the pi-hole at the top and bottom of my list of DNS servers. The iPhone is still preferring OpenDNS.
I tried creating Layer 3 firewall rules to block just my phone's IP to OpenDNS, but that did not work. I ran packet capture and can see my phone hitting the two supposedly blocked IP addresses. The only way I have been able to block OpenDNS from my phone is to create a L7 rule that blocks access to dns.opendns.com, which isn't optimal since I'd like to still use DNS the next time my cat disconnects the pi-hole.
I ended up just using my MX as my secondary DNS server in my DHCP list. I removed the Layer 7 rule mentioned above. This seems to work fine now.
Yeah, this is an apple problem, but I'm sure they were paid to code this new "feature" by the ad companies.
Anyone have ideas on a less ham fisted better approach?
