Connection error (8.8.8.8#53) appearing a lot in my logs

racinmat · April 6, 2026, 4:57pm

my setup: I have Synology NAS with portainer and I run pihole there.

Setup:

Operating System: Synology DSM 7.3.2-86009 Update 3.
- Linux 4.4.302+, GNU/Linux synology_v1000_1621+
Hardware: Synology DS1621+
- CPU: AMD Ryzen V1500B
- RAM: 12GB
Docker compose file:

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:2025.04.0
    # using network host to see the clients correctly
    network_mode: "host"
server
    environment:
      # Set the appropriate timezone for your location from
      # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones, e.g:
      TZ: 'Europe/Prague'
      # Set a password to access the web interface. Not setting one will result in a random password being assigned
      FTLCONF_webserver_api_password: '...'
      # If using Docker's default `bridge` network setting the dns listening mode should be set to 'all'
      FTLCONF_dns_listeningMode: 'all'
      # making local dns work
      FTLCONF_dns_revServers: 'true,192.168.0.0/24,192.168.0.1,lan;true,192.168.0.0/24,192.168.0.1,int.matej.racinsky.cz'
      # https://discourse.pi-hole.net/t/cannot-disable-dhcp/14168
      DHCP_ACTIVE: false
      # setting ports by env var instead of mapping
      # https://docs.pi-hole.net/docker/configuration/?h=environ#configuring-ftl-via-the-environment
      FTLCONF_webserver_port: '1080,1443s'
    # Volumes store your data between container upgrades
    volumes:
      # For persisting Pi-hole's databases and common configuration file
      - '/volume1/docker/etc-pihole:/etc/pihole'
    cap_add:
      # Optional, if Pi-hole should get some more processing time
      - SYS_NICE
    restart: unless-stopped

Docker engine version: 24.0.2

Expected Behaviour:

I expect not to see the logs full of connection errors.

Actual Behaviour:

Connection error (8.8.8.8#53): TCP connection failed while receiving payload length from upstream (Connection reset by peer)

appears in the logs ~10req/minute, from total ~26req/minute.

Debug Token:

https://tricorder.pi-hole.net/cVfAv8yL/

jfb · April 6, 2026, 5:03pm

You are running quite an older version of Pi-hole.

From where did you get your compose file?

rdwebdesign · April 6, 2026, 5:41pm

Try the most recent image: pihole/pihole:2026.04.0, or pihole/pihole:latest.

rdwebdesign · April 6, 2026, 6:29pm

These messages are generated by dnsmasq (embedded in FTL).

dnsmasq developers believe these messages should always be logged and Pi-hole team will not change or remove parts of dnsmasq (which would make our development a lot more complex every time we need to update the internal dnsmasq).

If all you want is to hide these messages, you just need to use the Pi-hole option to hide these messages:

go to Settings > All settings page;
select Miscellaneous tab;
then enable misc.hide_connection_error option

image755×304 8.28 KB

Note: you need a newer image to use this option - I recommend 2026.04.0.

racinmat · April 6, 2026, 8:57pm

I updated to 2026.04.0 tag 4 hours ago and didn’t yet see the error even single time, but not all devices started using it yet.
So far it seems the update worked.

I found the `misc.hide_connection_error` in the settings, I’ll use it if I see these warnings again.

I understand the that you don’t want modify the dependencies. So it doesn’t indicate unexpected behavior and it’s normal DNS times out from time to time?

racinmat · April 6, 2026, 9:00pm

I got the docker-compose exactly by taking the one from GitHub - pi-hole/docker-pi-hole: The official Pi-hole Docker image from pi-hole.net · GitHub and then tweaking it as I saw fit to make it work locally.
I wanted to see correctly IP addresses of the clients to simplify any troubleshooting, e.g. of IP I blocked and would like to whitelist, hence the network mode instead of listing the ports.

And regarding the FTLCONF_dns_revServers, I just wanted to move as much settings from the UI to the docker-compose for better versioning, and I removed the capabilities I didn’t need.

rdwebdesign · April 6, 2026, 9:06pm

Please, before hiding them, just make sure everything is working as expected.

As explained before, most of the times these messages are only dnsmasq reporting closed connections, but sometimes they can indicate a real issue.

rdwebdesign · April 7, 2026, 3:08am

I see 2 issues on your compose file:

You are not using bridge mode, so you don't need to change this option.
Also, the value should be ALL (upper case), not all.

You can comment (or remove) this variable, unless you need Pi-hole to answer on different interfaces.

Using ALL with host mode is not wrong, but usually unnecessary.

This variable is invalid and should removed.

Since DHCP is disabled by default, using this invalid variable didn't change anything, but if you decide to change it to true, it won't work.

If in the future you decide to enable DHCP, use the correct variable: FTLCONF_dhcp_active.

Also, the link on the comment points to an old v5 issue, but this is a v6 image and the options are not the same.

racinmat · April 11, 2026, 3:29pm

thank you for all the comments and advices. I cleaned up my docker-compose to use only needed and up to date env vars, and now it seems ok and I don’t see these errors.
So we can consider this resolved.