Config error is refused

Expected Behaviour:

DNS works
-DietPi

Actual Behaviour:

DNS seems to work fine on any device connected via ethernet, but doesn't resolve over wifi. Get a plethora of stuff like

ar  8 20:11:03 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:03 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1
Mar  8 20:11:03 dnsmasq[10474]: cached accounts.google.com is (null)
Mar  8 20:11:03 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:03 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1
Mar  8 20:11:03 dnsmasq[10474]: cached accounts.google.com is (null)
Mar  8 20:11:03 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:03 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1
Mar  8 20:11:03 dnsmasq[10474]: cached accounts.google.com is (null)
Mar  8 20:11:03 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:03 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1
Mar  8 20:11:03 dnsmasq[10474]: cached accounts.google.com is (null)
Mar  8 20:11:03 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:03 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1
Mar  8 20:11:03 dnsmasq[10474]: cached accounts.google.com is (null)
Mar  8 20:11:03 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:03 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1
Mar  8 20:11:03 dnsmasq[10474]: cached accounts.google.com is (null)
Mar  8 20:11:03 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:04 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1
Mar  8 20:11:04 dnsmasq[10474]: cached accounts.google.com is (null)
Mar  8 20:11:04 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:04 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1
Mar  8 20:11:04 dnsmasq[10474]: cached accounts.google.com is (null)
Mar  8 20:11:04 dnsmasq[10474]: config error is REFUSED
Mar  8 20:11:04 dnsmasq[10474]: query[A] accounts.google.com from 192.168.1.1

and nothing is loading on my phone.

Debug Token:

https://tricorder.pi-hole.net/ji1seqb21m

So the same queries work fine over Ethernet but just not over Wifi? How is the Pi-hole connected to WiFi ? Itself or through the router (so via Ehternet)?

Given the frequency of that answer, this could be a client excessively requesting DNS resolution, so this may be Pi-hole's recently introduced rate-limiting feature in action.

However, cached <domain> is (null) is unusual.

I'll see if I can get a developer to take a closer look.

In the meantime, try to find out which client would be responsible for those excessive queries, and stop it from doing so.

There is also a a chance you've closed a partial DNS loop that could have prompted those queries:
As you seem to have enabled Pi-hole's Conditional Forwarding, that would close a partial loop if your router would also be using Pi-hole as an upstream DNS server.
If that's the case, either disable CF in Pi-hole or remove Pi-hole as upstream in your router to avoid this.

And finally, you seem to have configured your router to distribute Pi-hole as local DNS server via DHCP, but your router is also adding its own IP:

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   * Received 304 bytes from eth0:192.168.1.1
     Offered IP address: 192.168.1.11
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 192.168.1.1
      dns-server: 192.168.1.1
      dns-server: 192.168.1.11
      --- end of options ---

Currently, your clients will by-pass Pi-hole on occasions by picking your router for DNS.

See if you can disable this in your router.

1 Like

Please add

DEBUG_QUERIES=true

to the file /etc/pihole/pihole-FTL.conf (create if it does not exist) and run

pihole restartdns

Next time the flood of queries appear, check /var/log/pihole-FTL.log if it says something like

Rate-limiting UDP query "..." from iface:client

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.