Hi,
Using Pi-hole for DNS and DHCP with static IP addresses and no static IP for the Pi-hole.
Pi-hole is shown in the Dashboard as pi.hole which I understand is correct, but why also localhost (127.0.0.1) which is also Pi-hole or I have it wrong?
Thanks - Steen
admin@Pi-hole1:~ $ sudo cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.1.1 Pi-hole1
Your question relates to /etc/hosts rather than Pi-hole (regardless of its release).
Your entries look completely normal.
In particular, it is expected that 127.0.0.1 is localhost.
Pi-hole is reading that file, and its dashboard is using that information to put names to the client IPs that send DNS requests.
Thanks - assumed so, but better to be100% sure by asking.
Queries from localhost are queries something on your system asks. Queries from pi.hole are queries generated by Pi-hole itself, not some other application on the same system. I guess the pi.hole are DNSSEC-related?
Yes, major queries on pi.hole are type DNSKEY:
Query received on: 2024-03-11 16:19:46.288 Client: pi.hole (::) DNSSEC status: SECURE Query Status: Forwarded to 1.1.1.1#53Reply: DNSSEC Database ID: 126078
There are some queries type DS:
Query received on: 2024-03-11 15:53:11.157 Client: pi.hole (::) Query Status: Forwarded to 1.1.1.1#53Reply: NODATA Database ID: 124777
For the localhost I am not sure where the asks are coming from, they are all in state INSECURE:
Query received on: 2024-03-11 17:25:03.790 Client: localhost (127.0.0.1) DNSSEC status: INSECURE Query Status: Served from cache Reply: NODATA Database ID: 12890
Query received on: 2024-03-11 15:32:19.587 Client: localhost (127.0.0.1) DNSSEC status: INSECURE Query Status: Served from cache Reply: DOMAIN Database ID: 124440