Add NTP server, cache + intercept

Indeed, it seems that my Pi running Pi-hole is already running an NTP service.
Presumably, then, I can just redirect requests to time.windows.com to localhost on the Pi-hole.

Is that a question?
You know my opinion: try pushing the NTP IP (not name) through DHCP.

Sorry for not being clear.
I am pushing NTP using IP through DHCP from my EdgeRouter-X. The IoT devices do not appear to be respecting it, though I restarted them... perhaps they have some cache. I'll wait and see what happens with them tomorrow.

jfb (can't @-mention other users yet :slight_smile: ) indicated above that if I add time.windows.com to the hosts file on my pihole that I can redirect it from there. I suspect this will have the effect of redirecting all clients. I would prefer to only do it for my IoT devices. I will test modifying the hosts file tomorrow.

Yes, the devices need to renew their DHCP lease for the changes to propagate.
Power cycling them is one of the options to renew the lease.

Normal devices honor the DHCP options received.
Normal non-M$ devices don't query time.windows.com for time :wink:

They're not M$ devices. They're Alexa-enabled IoT devices. Specifically they're OneLink Safe and Sound smoke detectors.

That's a sad implementation by Alexa using M$'s time servers.
They have huge public NTP pools available to them on the net as an alternative.

EDIT: and more tracking opportunities for M$.

Regardless of them not respecting my timeserver config, they're requesting it every 40 seconds.
The result is that, over time, nearly half my outbound requests are NTP :smiley:

That's a nice thing about Pi-hole, it shows some of the crappy implementations.
Not so good for the dashboard though :wink:

That’s odd. I have two Dots, an Echo and 8 Amazon Smart Plugs and none of those devices have ever queried “time.windows.com”. I mean like, ever! The only time I occasionally see that domain is when I power up my Windows 10 Gaming PC. Are you sure those queries are being generated by the Amazon devices?

Yeah. They are OneLink Safe and Sound Alexa-enabled smoke detectors.
The traffic is very strange. They're hitting www.microsoft.com, www.yahoo.com, www.amazon.com, time.windows.com.... every 40 seconds.

Thanks for this, it works!
However, I also noticed that I can do this in the Pi-hole UI directly under "Local DNS Records".

So now, I think, that my feature request would be "Allow Local DNS Records to apply to groups, rather than globally."

Would you mind filing a new feature request then, please?

What is the objection to all your clients using a local time server? That's going to be quicker and less internet traffic.

Will do, thanks!

I can envision a scenario where I don't want to prevent my well-mannered clients from hitting their NTP server of choice.

Ahhhhhhh ok, they’re Alexa enabled devices but aren’t devices made by Amazon. That explains those weird queries.

Problem is that they’re Alexa ENABLED devices, but I’m almost 100% positive Amazon doesn’t directly manufacture those products. They’re just Alexa enabled. I have 11 Amazon/Alexa devices and I haven’t even seen 1 query for any kind of NTP server from them.

Thanks for opening the new FR. I'm going to close this now.