Pi-hole supports multiple blocking modes, where NULL is the current default. I would like to ask to change the default to NODATA, given some recently discovered issues in browsers on macOS with the NULL strategy:
- Pi-Hole + Chrome + Big Sur + BLOCKINGMODE=NULL = Slow
It appears that Chrome, derivatives (Edge, Brave, ...) and possibly Firefox on macOS Big Sur have an issue where connections to 0.0.0.0 don't fail immediately, but run into timeouts. This can cause Chrome to become extremely sluggish and show other weird issues (video conferences start to lag and desync, typing into input fields has a noticeable one second lag, ...).
Chrome is looking into improving things on their end (see above linked Chromium issue report) and more advanced users can mitigate this by manually configuring their Pi-hole to use the NODATA strategy, but I figured that maybe this is a good time to switch to the NODATA strategy by default. Even as an IT professional, it took me weeks to finally make the connection between "My Chrome browser has a sluggish UI and bad lagging in video conferences" and "Pi-hole serves 0.0.0.0 on blocked domains, which triggers some network code issue". So even if Pi-hole is not at fault, maybe we can improve the experience for users by changing something on our side here.
I'm copying some additional thoughts from a Chromium engineer here from the issue linked above: "My suggestion for ideal blocking strategy would be NODATA with a TTL provided via SOA record in the Authority section and a relevant EDE (see RFC 8914). Creates a cacheable response while being mostly honest with the client about the situation rather than completely forging false results (REFUSED would be more honest than NODATA but it's not cacheable and it sounds like they're sensitive to that). But the caveat to my suggestion is that I'm biased due to knowing that Chrome can handle and cache such a response, but maybe the pi-hole peeps have experience with DNS clients that handle things poorly."
The Pi-hole docs about the blocking modes already state that NXDOMAIN and NODATA are roughly equivalent in their pros and cons compared to the NULL strategy (with NODATA having a slight edge in terms of compatibility). Maybe this is enough to tip it over the edge to make it the default?
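
To make the difference between the modes concrete on the wire, here is an added example (not part of the original post and not Pi-hole code) that classifies a raw DNS response as NULL, NODATA, NXDOMAIN or REFUSED and reports how long a client may cache it. The domain, the SOA values and the `build` helper are constructed for illustration; record types 1, 28 and 6 are the standard A, AAAA and SOA codes.

```python
import struct

QNAME = b"\x03ads\x07example\x04test\x00"  # constructed blocked name
SOA = (6, 300, b"\x00\x00" + struct.pack("!5I", 1, 3600, 600, 86400, 60))  # constructed

def build(rcode, answers=(), authority=()):
    """Build a constructed DNS response; records are (type, ttl, rdata)."""
    msg = struct.pack("!6H", 0x1234, 0x8180 | rcode, 1, len(answers), len(authority), 0)
    msg += QNAME + struct.pack("!HH", 1, 1)            # question: A, IN
    for rtype, ttl, rdata in (*answers, *authority):   # owner = pointer to QNAME
        msg += b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
    return msg

def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:        # plain label: step over it
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)                # pointer is 2 bytes, root is 1

def _records(msg, off, count):
    out = []
    for _ in range(count):
        off = _skip_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        out.append((rtype, ttl, msg[off + 10:off + 10 + rdlen]))
        off += 10 + rdlen
    return out, off

def classify(msg):
    """Return (mode, cache_ttl) for a raw DNS response."""
    _id, flags, qd, an, ns, _ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4                 # skip QTYPE and QCLASS
    answers, off = _records(msg, off, an)
    authority, off = _records(msg, off, ns)
    rcode = flags & 0x000F
    # Negative answers are cached for min(SOA TTL, SOA MINIMUM) (RFC 2308)
    neg_ttl = next((min(ttl, struct.unpack("!I", rd[-4:])[0])
                    for t, ttl, rd in authority if t == 6), None)
    if rcode == 3:
        return "NXDOMAIN", neg_ttl
    if rcode == 5:
        return "REFUSED", None                         # no TTL to cache on
    if rcode == 0 and not answers:
        return "NODATA", neg_ttl
    if any(rd in (bytes(4), bytes(16)) for t, _, rd in answers if t in (1, 28)):
        return "NULL", min(ttl for _, ttl, _ in answers)
    return "OTHER", None
```

A NODATA reply without an SOA in the Authority section classifies as `("NODATA", None)`, which is the uncacheable case the quoted suggestion avoids by including the SOA.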