Thank you jfb, regarding the `.local` domain query that my Mac generates, here's an example of related queries logged in the `/etc/var/pihole.log` file:

```
Jan 26 13:46:03 dnsmasq[736]: query[SOA] local from 192.168.1.4
Jan 26 13:46:03 dnsmasq[736]: forwarded local to 84.200.70.40
Jan 26 13:46:03 dnsmasq[736]: validation result is SECURE
Jan 26 13:46:04 dnsmasq[736]: query[SOA] local from 192.168.1.4
Jan 26 13:46:04 dnsmasq[736]: forwarded local to 84.200.70.40
Jan 26 13:46:05 dnsmasq[736]: validation result is SECURE
Jan 26 13:46:13 dnsmasq[736]: query[SOA] local from 192.168.1.4
Jan 26 13:46:13 dnsmasq[736]: forwarded local to 84.200.70.40
Jan 26 13:46:13 dnsmasq[736]: validation result is SECURE
```
Regarding the second problem with the unresolved Lloyds domain, here's the result of `dig online.lloydsbank.co.uk`:

```
dig online.lloydsbank.co.uk
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.10.6 <<>> online.lloydsbank.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22202
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;online.lloydsbank.co.uk. IN A
;; ANSWER SECTION:
online.lloydsbank.co.uk. 39 IN CNAME online.lloydsbank.co.uk.edgekey.net.
online.lloydsbank.co.uk.edgekey.net. 21519 IN CNAME e4535.ksd.akamaiedge.net.
e4535.ksd.akamaiedge.net. 20 IN A 104.74.131.21
;; Query time: 5923 msec
;; SERVER: 192.168.1.16#53(192.168.1.16)
;; WHEN: Sat Jan 26 17:55:01 GMT 2019
;; MSG SIZE rcvd: 152
```
And here's the corresponding entry in `/etc/var/pihole.log`:

```
Jan 26 17:54:35 dnsmasq[736]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 17:54:35 dnsmasq[736]: forwarded online.lloydsbank.co.uk to 84.200.70.40
Jan 26 17:54:35 dnsmasq[736]: dnssec-query[DNSKEY] lloydsbank.co.uk to 84.200.70.40
Jan 26 17:54:35 dnsmasq[736]: reply online.lloydsbank.co.uk is <CNAME>
Jan 26 17:54:35 dnsmasq[736]: reply online.lloydsbank.co.uk.edgekey.net is <CNAME>
Jan 26 17:54:35 dnsmasq[736]: reply e4535.ksd.akamaiedge.net is 104.74.131.21
Jan 26 17:54:35 dnsmasq[15253]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 17:54:45 dnsmasq[15254]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 17:54:47 dnsmasq-dhcp[736]: no address range available for DHCPv6 request via eth0
Jan 26 17:54:53 dnsmasq[15255]: query[A] 0.debian.pool.ntp.org from 127.0.0.1
Jan 26 17:54:55 dnsmasq[15256]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 17:55:01 dnsmasq[15256]: forwarded online.lloydsbank.co.uk to 84.200.70.40
Jan 26 17:55:01 dnsmasq[15256]: dnssec-query[DNSKEY] lloydsbank.co.uk to 84.200.70.40
Jan 26 17:55:01 dnsmasq[15256]: reply lloydsbank.co.uk is DNSKEY keytag 24067, algo 8
Jan 26 17:55:01 dnsmasq[15256]: reply lloydsbank.co.uk is DNSKEY keytag 44230, algo 8
Jan 26 17:55:01 dnsmasq[15256]: reply lloydsbank.co.uk is DNSKEY keytag 8190, algo 8
Jan 26 17:55:01 dnsmasq[15256]: dnssec-query[DS] edgekey.net to 84.200.70.40
Jan 26 17:55:01 dnsmasq[15256]: reply edgekey.net is no DS
Jan 26 17:55:01 dnsmasq[15256]: validation result is INSECURE
Jan 26 17:55:01 dnsmasq[15256]: reply online.lloydsbank.co.uk is <CNAME>
Jan 26 17:55:01 dnsmasq[15256]: reply online.lloydsbank.co.uk.edgekey.net is <CNAME>
Jan 26 17:55:01 dnsmasq[15256]: reply e4535.ksd.akamaiedge.net is 104.74.131.21
```
The very weird thing is that about an hour later I tried `dig online.lloydsbank.co.uk` again and I had no response whatsoever:

```
dig online.lloydsbank.co.uk
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.10.6 <<>> online.lloydsbank.co.uk
;; global options: +cmd
;; connection timed out; no servers could be reached
```
And the corresponding entry in `/etc/var/pihole.log`:

```
Jan 26 19:24:03 dnsmasq[736]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 19:24:03 dnsmasq[736]: forwarded online.lloydsbank.co.uk to 84.200.70.40
Jan 26 19:24:03 dnsmasq[736]: dnssec-query[DNSKEY] lloydsbank.co.uk to 84.200.70.40
Jan 26 19:24:03 dnsmasq[736]: reply online.lloydsbank.co.uk is <CNAME>
Jan 26 19:24:03 dnsmasq[736]: reply online.lloydsbank.co.uk.edgekey.net is <CNAME>
Jan 26 19:24:03 dnsmasq[736]: reply e4535.ksd.akamaiedge.net is 104.89.35.51
Jan 26 19:24:03 dnsmasq[16379]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 19:24:13 dnsmasq[16380]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 19:24:23 dnsmasq[16381]: query[A] online.lloydsbank.co.uk from 192.168.1.4
```
Finally, here's the result of the `scutil --dns` command on my Mac:

```
DNS configuration
resolver #1
search domain[0] : device
nameserver[0] : 192.168.1.16
if_index : 7 (en0)
flags : Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)
resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300000
resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300200
resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300400
resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300600
resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300800
resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 301000
DNS configuration (for scoped queries)
resolver #1
search domain[0] : device
nameserver[0] : 192.168.1.16
if_index : 7 (en0)
flags : Scoped, Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)
```
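The pihole.log excerpts above show the pattern worth checking for when diagnosing this kind of timeout: one dnsmasq pid forwards the query, walks the DNSSEC chain (DNSKEY, then the `no DS` for edgekey.net that makes the result INSECURE rather than BOGUS) and replies, while the client's later retries (pids 16380, 16381) are logged as queries that never get a `forwarded` or `reply` line. The parser below is an added example, not code from the post or from Pi-hole; it reads a constructed sample in the same dnsmasq log format, groups lines per query by the logging pid, separates DNSSEC replies from real answers, and lists the queries that went unanswered.

```python
import re

# Constructed sample in the format of the pihole.log lines quoted above: one query
# with its DNSSEC chain and answer, then two retried queries that never got a reply.
SAMPLE_LOG = """\
Jan 26 17:54:55 dnsmasq[15256]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 17:55:01 dnsmasq[15256]: forwarded online.lloydsbank.co.uk to 84.200.70.40
Jan 26 17:55:01 dnsmasq[15256]: dnssec-query[DS] edgekey.net to 84.200.70.40
Jan 26 17:55:01 dnsmasq[15256]: reply edgekey.net is no DS
Jan 26 17:55:01 dnsmasq[15256]: validation result is INSECURE
Jan 26 17:55:01 dnsmasq[15256]: reply online.lloydsbank.co.uk is <CNAME>
Jan 26 17:55:01 dnsmasq[15256]: reply e4535.ksd.akamaiedge.net is 104.74.131.21
Jan 26 19:24:03 dnsmasq-dhcp[736]: no address range available for DHCPv6 request via eth0
Jan 26 19:24:13 dnsmasq[16380]: query[A] online.lloydsbank.co.uk from 192.168.1.4
Jan 26 19:24:23 dnsmasq[16381]: query[A] online.lloydsbank.co.uk from 192.168.1.4
"""
LINE = re.compile(r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) dnsmasq\[(?P<pid>\d+)\]: (?P<msg>.+)$")
QUERY = re.compile(r"^query\[(?P<qtype>\w+)\] (?P<name>\S+) from (?P<client>\S+)$")

def parse_pihole_log(text):
    """Group dnsmasq lines into per-query records, keyed by the pid that logged them."""
    queries, open_by_pid = [], {}
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # dnsmasq-dhcp and other non-resolver lines
        pid, msg = m["pid"], m["msg"]
        q = QUERY.match(msg)
        if q:  # every query line opens a fresh record for that pid
            rec = {"ts": m["ts"], "pid": pid, "qtype": q["qtype"], "name": q["name"],
                   "client": q["client"], "forwarded_to": None, "validation": None,
                   "answers": []}
            queries.append(rec)
            open_by_pid[pid] = rec
            continue
        rec = open_by_pid.get(pid)
        if rec is None:
            continue
        if msg.startswith("forwarded "):
            rec["forwarded_to"] = msg.rsplit(" to ", 1)[1]
        elif msg.startswith("validation result is "):
            rec["validation"] = msg.rsplit(" ", 1)[1]
        elif msg.startswith("reply ") and " is " in msg:
            name, value = msg[len("reply "):].split(" is ", 1)
            if not value.startswith("DNSKEY") and value != "no DS":  # DNSSEC chain, not answer
                rec["answers"].append((name, value))
    return queries

def unanswered(queries):
    """Queries that were logged but never forwarded or answered (the client's retries)."""
    return [q for q in queries if not q["answers"]]
```

Run against a real `/var/log/pihole.log` (the path in the post is as the author wrote it), a run of unanswered records for the same name within a few seconds is the log-side signature of the `connection timed out` that dig reported.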