James Cundle
2 min read · Oct 15, 2020


Hi Bart — I appreciate the note.

Certainly your client is likely to be caching the DNS response. How long it does it for will come down to the TTL on each individual domain you query. Some will be very short, others could run into minutes or even hours.

I did some digging on how pihole manages TTLs. If you block a domain, then unblock it again, you should notice it becomes unblocked almost immediately. This is due to dnsmasq using a TTL of 2 seconds. If a domain is not blocked, it will provide the TTL of the target domain. For example, with google.com I just got a TTL of 3000 seconds. That means you’ll need to wait up to 5 minutes to see it get blocked.

What you need is pihole (or the DNS resolver, dnsmasq) to shorten the TTL regardless of whether the domain is blocked or not. I found this just worked for me (pick your favorite editor):

sudo nano /etc/dnsmasq.d/03-customchanges.conf

Add the lines:

max-ttl=5
max-cache-ttl=5

Then restart the DNS service:

sudo pihole restartdns

This tells dnsmasq to only ever send 5 second TTLs, and also only cache the result for up to 5 seconds.

Be aware that shortening the TTL will increase load on your Raspberry Pi. I wouldn’t recommend zero as every request will need to be looked up, which on an average web page will be very wasteful and likely slow the browsing experience. I picked 5 seconds as it’s likely long enough to load the page, whilst being short enough to live with waiting for it to get re-read for a block change.

Although there are other approaches via firewalling, this is going to be by far the simplest way.

Could I ask you to let me know how you get on? If all goes well I’d like to update the article.

Thank you!

James
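A quick way to confirm that the max-ttl clamp above is actually what clients see is to ask the Pi-hole directly and read the TTL out of the answer. The following is an added example (my code, not part of the reply above or of Pi-hole/dnsmasq): it builds a DNS query with the standard library, parses the answer TTLs, and compares them to the configured limit. The resolver address 127.0.0.1, the name google.com and the embedded sample response (with the 192.0.2.1 documentation address) are assumptions/constructed.

```python
import socket
import struct


def build_query(name, txid=0x1234):
    """Build a minimal DNS query for an A record with recursion desired."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN


def _skip_name(resp, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = resp[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + length


def parse_answer_ttls(resp):
    """Return the TTL of every resource record in the answer section."""
    _txid, _flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", resp[:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(resp, off) + 4  # skip QTYPE + QCLASS
    ttls = []
    for _ in range(an):
        off = _skip_name(resp, off)
        _rtype, _rclass, ttl, rdlen = struct.unpack(">HHIH", resp[off:off + 10])
        ttls.append(ttl)
        off += 10 + rdlen
    return ttls


def query_ttls(name, server="127.0.0.1", timeout=2.0):
    """Send the query over UDP to the resolver (assumed Pi-hole) and return answer TTLs."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        resp, _ = s.recvfrom(512)
    return parse_answer_ttls(resp)


def ttl_clamped(ttls, max_ttl=5):
    """True when every answer TTL respects the configured max-ttl."""
    return bool(ttls) and max(ttls) <= max_ttl


# Constructed sample: one A record for google.com with the unclamped 3000 s TTL.
SAMPLE_RESPONSE = (
    struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + b"\x06google\x03com\x00" + struct.pack(">HH", 1, 1)
    + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 3000, 4) + bytes([192, 0, 2, 1])
)
```

Run `ttl_clamped(query_ttls("google.com", "<pi-hole address>"))` against the Pi before and after `pihole restartdns`; it should flip from False to True once the 5 second clamp is in effect.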
