2nd Pi-hole hits RATE_LIMIT

Thank you kindly for your incredibly detailed replies to my somewhat vague and hastily written help request. Appreciate you migrating this to a new thread, as well. DNS is a real nightmare to attempt to troubleshoot, especially when one does not fully grasp the underlying protocol.

Perhaps in the upgrade from Raspbian buster > bullseye some things may have broken, but the DS3231 RTC I installed in 2018 2019 (for DNSSEC purposes, thanks to recommendations here) appears to still be working just fine, at least compared with the time.gov website.

sudo hwclock -r
2021-11-12 09:52:17.066233-05:00

I discovered a vast number of NTP requests coming from my Cisco "core" switch. Somehow that device did NOT adjust itself properly after returning from Daylight Savings to Standard time; I have now updated it manually.

My router has the following NTP servers applied: 0.us.pool.ntp.org, 1.us.pool.ntp.org, 2.us.pool.ntp.org, 3.us.pool.ntp.org, which are then passed out to the entire network via DHCP (which I have attempted to confirm via Nmap):

sudo nmap --script broadcast-dhcp-discover
[sudo] password for user:
Starting Nmap 7.80 ( https://nmap.org ) at 2021-11-12 10:13 EST
Pre-scan script results:
| broadcast-dhcp-discover:
|   Response 1 of 1:
|     IP Offered: 192.168.11.60
|     DHCP Message Type: DHCPOFFER
|     Server Identifier: 192.168.11.1
|     IP Address Lease Time: 2m00s
|     Renewal Time Value: 1m00s
|     Rebinding Time Value: 1m45s
|     Subnet Mask: 255.255.255.0
|     Broadcast Address: 192.168.11.255
|     Domain Name Server: 192.168.11.7, 192.168.11.8
|     Domain Name: lab.example.com
|_    Router: 192.168.11.1
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 3.22 seconds

This is a wonderful thread; apparently I had a draft reply written here, but never followed up to finish posting.

Yet again, you are spot on, sir. Unsure how I failed to notice the change in interface name post buster upgrade. Now resolved, we're back to eth0 finally.

I adjusted this once upon a time, based upon a recommendation you had made to me, many, many moons ago, in order to allow connectivity for our various voice assistant / listening devices we've planted all around the home (connected to a separate SSID walled off from the LAN as an "untrusted" IoT VLAN), but almost certainly misconfigured this and will try "Listen on all interfaces" (one hop, local devices). I've been utilizing the same DNS redirect (sNAT) & captive DNS (dNAT) for years on my EdgeRouter, but perhaps I need to revisit things and make sure there are no other potential configuration issues on my end; however, that doesn't seem very likely at this stage in the game.

user@er12:~$ show dns forwarding statistics
----------------
Cache statistics
----------------
Cache size: 1000
Queries forwarded: 0
Queries answered locally: 104
Total DNS entries inserted into cache: 0
DNS entries removed from cache before expiry: 0

---------------------
Nameserver statistics
---------------------
Server: 192.168.11.8
Queries sent: 0
Queries retried or failed: 0

Server: 192.168.11.7
Queries sent: 0
Queries retried or failed: 0

Things do not seem to be escaping my attempts at capturing and invisibly redirecting DNS requests from the LAN. I cannot begin to thank you enough for all the time and patience with my various, disjointed (oftentimes vague) support requests. Hopefully I've resolved the most glaring issues. Will continue testing through the weekend and see how we make out. So sorry to take much of your precious time with this. Be safe, @Bucking_Horn sir.

EDIT: Perhaps I'm still getting adjusted to all the new query types that are displayed in the latest version, but it seems as if I'm getting an awful lot of pihole2 requests across both devices. At this point I probably should just start with a fresh image of the SD card and rebuild it all properly from the ground up. I'm spending far too much time chasing my tail... and wasting your valuable time in the process.