AppleTV is making massive requests while sleeping

Hello,

this is probably not a pi-hole related matter, but as I noticed it through my pi-hole dashboard, I'll try to gather some information here in the general forums.

I am using pi-hole for years now and I am also using an AppleTV 4K for several years.

I haven't noticed any noteworthy amount of DNS requests from this device in all that timeframe. Until some days ago.

The device produces about 100-200 requests per ten minutes. See screenshots attached. Even more remarkable is the fact that the device makes significantly more requests when it's in sleep mode. I used the device between 8-9.30pm (20-21.30 CET) and as you can see (it's the red part of the bars), the amount of requests in this timeframe is much lower. The rest of the day the ATV was in sleep mode.

First I thought this is because of some kind of HomeHub/HomeKit features. But I do not use any Home-related stuff and I tried to deactivate all related options on my AppleTV. But with 17.2 this is kind of difficult, because Apple seems not to want this to be deactivated at all. :wink:

In fact, it indeed could be that this behaviour exists since I updated the AppleTV to 17.2.

I already did a factory reset, which did not change anything.

Are there any AppleTV users here with similar experiences? Or maybe with some solution hints?

Regards,
Stefan


This is just a data point for you as you troubleshoot your issue. I have an AppleTV HD (not 4K) on OS 17.2, and it's showing 3,057 requests for the past 24 hours, and that includes 1,054 blocked requests. This is my family's primary television, for what it's worth. I am using the "out-of-the-box" Pihole adlists, also.

Thanks for your input. This is strange. I really don't understand why my unit produces this huge amount of requests.

As I said, this might not be a pi hole problem. So it doesn't matter if the requests are blocked or not. They simply are coming from the device, which is the main problem. Pi-hole only brings them to light...

You can click the name on the screen shown above and Pi-hole will show you the domains being requested by that client. These should help give clues as to what it's doing.

The domains being requested are all Apple domains. About 10-12 different ones. So there's nothing special about which domains are requested, but how often they are requested.

How are these queries being resolved? Are they blocked or are they being resolved to IP's?

Are they A, AAAA, or HTTPS queries?
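The per-client breakdown asked about above (which domains, how often, which record types) can also be pulled from the query log directly. This is an added example, not part of the thread: it parses dnsmasq's `query[TYPE] name from client` log lines, and the client IP, domains and log lines are constructed samples.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in dnsmasq's query-log format (the format of
# Pi-hole's pihole.log); client IPs and domains are made up for illustration.
SAMPLE_LOG = """\
Dec 20 03:00:05 dnsmasq[812]: query[A] gateway.icloud.com from 192.168.1.50
Dec 20 03:00:05 dnsmasq[812]: forwarded gateway.icloud.com to 9.9.9.9
Dec 20 03:00:05 dnsmasq[812]: query[AAAA] gateway.icloud.com from 192.168.1.50
Dec 20 03:04:41 dnsmasq[812]: query[HTTPS] gateway.icloud.com from 192.168.1.50
Dec 20 03:09:59 dnsmasq[812]: query[A] time.apple.com from 192.168.1.50
Dec 20 03:10:00 dnsmasq[812]: query[A] example.org from 192.168.1.23
Dec 20 03:12:30 dnsmasq[812]: query[A] gateway.icloud.com from 192.168.1.50
"""

# Timestamp (day+hour, minute), then query type, name and client address.
# ".*?" also skips the serial/IP prefix written by log-queries=extra.
LINE = re.compile(
    r"^(\w{3}\s+\d+ \d\d):(\d\d):\d\d .*?query\[(\w+)\] (\S+) from (\S+)$")

def summarize(log_text, client, window_min=10):
    """Return ({window_start: count}, Counter[(qtype, domain)]) for one client."""
    buckets = defaultdict(int)
    per_name = Counter()
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m or m.group(5) != client:
            continue  # skip forwards, replies and other clients
        day_hour, minute, qtype, domain, _ = m.groups()
        start = int(minute) // window_min * window_min
        buckets[f"{day_hour}:{start:02d}"] += 1
        per_name[(qtype, domain.lower())] += 1
    return dict(buckets), per_name

def noisy_windows(buckets, threshold):
    """Windows whose query count exceeds the threshold, in log order."""
    return [b for b, n in buckets.items() if n > threshold]

if __name__ == "__main__":
    buckets, per_name = summarize(SAMPLE_LOG, "192.168.1.50")
    for bucket, n in buckets.items():
        print(bucket, n)
    for (qtype, domain), n in per_name.most_common():
        print(f"{n:4d} {qtype:5s} {domain}")
```

Comparing the per-window counts for sleep hours against hours of active use shows whether the volume comes from a few names being retried or from many different names.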

That's a good sign, at least there is nothing nefarious going on.

Bear in mind you wouldn't normally be aware of this. Pi-hole shines a light on the way some devices behave. If the requested domains are blocked, it would be worth whitelisting them and seeing if that makes the Apple TV calm down, as it may only be constantly trying because it can't get through.

Other than that I'd suggest just ignoring it, since Pi-hole is just reporting what it is seeing. Alternatively you could manually configure the Apple TV to not use Pi-hole and use something else, eg your router. That way it will no longer appear in your Pi-hole stats.

$ man dnsmasq
[..]
       -T, --local-ttl=<time>
              When  replying with information from /etc/hosts or configura-
              tion or the DHCP leases file  dnsmasq  by  default  sets  the
              time-to-live field to zero, meaning that the requester should
              not itself cache the information. This is the  correct  thing
              to do in almost all situations. This option allows a time-to-
              live (in seconds) to be given for these  replies.  This  will
              reduce the load on the server at the expense of clients using
              stale data under some circumstances.

Try upping local-ttl to 60 seconds at first by creating a new config file as below:

sudo nano /etc/dnsmasq.d/99-local-ttl.conf

Containing below line:

local-ttl=60

Save/exit and run below to apply:

pihole restartdns

If that lowers the number of queries, you can try lowering it to two seconds.
You want it as low as possible to prevent "clients using stale data under some circumstances".

Thanks guys for all your feedback.

I did some "research" the last couple days and here is what I found out:

As I said, I do not use any HomeKit-stuff, so I deactivated HomeKit on AppleTV. I did this by not associating any kind of room in the HomeKit-options-menu. Turns out, this was the reason why AppleTV did all these requests. I don't know why and this is far from logical for me, but as soon as I re-associated a room in the HomeKit-menu, the amount of requests instantly went down to a "normal" level. About 1-10 requests per 10 minutes.

I will monitor this in the coming days, but for now: so far so good...
