DHCP not working

Help docker
1

Hello everybody
edit: Aug, 25th 2021

I've been using pihole for quite a while within my 38 container Docker/Traefik/Pihole-setup. Over the years I've managed to automate pretty much every maintenaince function an eliminated all but one issue with my setup: Pihole. In my case Pihole is handling DHCP and DNS requests.

Behaviour
At some points (in the meantime daily, it used to be less) pihole does not handle requests properly. Following issues appear:

  • Devices receive an IP but can neither access internet nor local IPs of docker services available
  • No IP is given out to devices

I am not sure if the issues are connected.

Expected behaviour
No notable problems with IP-leases or connection outages at all times.

Work around
When the problem occurs I turn on the DHCP of my router for about 5 Minutes. When everything works again, I turn it off until the next time the problem occurs.
lease time is set to 24h

Problem narrowed down
By now I figured, that as soon as the "work around" lease times expire the whole problem appears again. I used to have work-around-lease-times up to one week that's the reason I couldn't narrow it down earlier. This strongly points to a configuration issue, where pihole is not handing out IP's but only using the ones that already exist.

System

  • OS Ubuntu Server 20.04.3 LTS
  • Docker
    Client:
    Version: 20.10.7
    API version: 1.41
    Go version: go1.13.8
    Git commit: 20.10.7-0ubuntu1~20.04.1
    Built: Wed Aug 4 22:52:25 2021
    OS/Arch: linux/amd64
    Context: default
    Experimental: true
    Server:
    Engine:
    Version: 20.10.7
    API version: 1.41 (minimum version 1.12)
    Go version: go1.13.8
    Git commit: 20.10.7-0ubuntu1~20.04.1
    Built: Wed Aug 4 19:07:47 2021
    OS/Arch: linux/amd64
    Experimental: false
  • Pihole: Pi-hole v5.3.1 | Web Interface v5.5.1 | FTL v5.8.1

Docker-compose
Following my docker-compose code - not sure if I configured Traefik / Pihole correctly.

traefik:
        container_name: traefik
        image: traefik:picodon
        command:
            - --global.checkNewVersion=true
            - --global.sendAnonymousUsage=true
            - --entryPoints.http.address=:80
            - --entryPoints.https.address=:443
            - --entrypoints.https.forwardedHeaders.trustedIPs=mylistoftrustedips
            - --entryPoints.traefik.address=:8080
            - --entryPoints.ping.address=:8081
            - --api=true
            - --api.dashboard=true
            - --ping=true
            - --pilot.token=$TRAEFIK_PILOT_TOKEN
            - --log=true
            - --log.level=INFO # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
            - --accessLog=true
            - --accessLog.filePath=/traefik2.log
            - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
            - --accessLog.filters.statusCodes=400-499
            - --providers.docker=true
            - --providers.docker.endpoint=tcp://socket-proxy:2375
            - --providers.docker.exposedByDefault=false
            - --entrypoints.https.http.tls.certresolver=dns-cloudflare
            - --entrypoints.https.http.tls.domains[0].main=$DOMAINNAME
            - --entrypoints.https.http.tls.domains[0].sans=*.$DOMAINNAME
            - --providers.docker.network=t2_proxy
            - --providers.docker.swarmMode=false
            - --providers.file.directory=/rules
            - --providers.file.watch=true # Only works on top level files in the rules folder
            - --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
            - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
            - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
            - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
            - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.delayBeforeCheck=90
        networks:
          t2_proxy:
            ipv4_address: myipadress
          socket_proxy:
        depends_on:
            - socket-proxy
        security_opt:
            - no-new-privileges:true
        healthcheck:
            test: ["CMD", "traefik", "healthcheck", "--ping"]
            interval: 5s
            retries: 3
        ports:
            - target: 80
              published: 80
              protocol: tcp
              mode: host
            - target: 443
              published: 443
              protocol: tcp
              mode: host
            - target: 8080
              published: 8080
              protocol: tcp
              mode: host
            - target: 8081
              published: 8081
              protocol: tcp
              mode: host
        volumes:
            - $APPDATADIR/traefik2/rules:/rules # file provider directory
            - $APPDATADIR/traefik2/acme/acme.json:/acme.json
            - $APPDATADIR/traefik2/traefik2.log:/var/log/docker/traefik2.log
        environment:    
            - CF_API_EMAIL_FILE=mysecretpath
            - CF_API_KEY_FILE=mysecretpath
            - TZ=${TZ}
        secrets:
            - cloudflare_email
            - cloudflare_api_key
        labels:
            - "autoheal=true"
            - "traefik.enable=true"
            # HTTP-to-HTTPS Redirect
            - "traefik.http.routers.http-catchall.entrypoints=http"
            - "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
            - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
            - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
            # HTTP Routers
            - "traefik.http.routers.traefik-rtr.entrypoints=https"
            - "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME`)"
            ## Services - API
            - "traefik.http.routers.traefik-rtr.service=api@internal"
            ## Healthcheck/ping
            - "traefik.http.routers.ping.rule=Host(`traefik.$DOMAINNAME`) && Path(`/ping`)"
            - "traefik.http.routers.ping.service=ping@internal"
            ## Middlewares
            - "traefik.http.routers.traefik-rtr.middlewares=chain-authelia@file"   
        restart: unless-stopped

pihole:
       pihole:
        image: pihole/pihole:latest
        container_name: pihole
        domainname: $DOMAINNAME
        hostname: pihole
        network_mode: "host"
        security_opt:
            - no-new-privileges:true
        environment:
            - ServerIP=myserverip
            - TZ=${TZ}
            - WEBPASSWORD=${PW1}
            - PROXY_LOCATION=pihole
            - DHCP_ACTIVE=true
            - DHCP_START=mydhcpstart
            - DHCP_END=mydhcpend
            - DHCP_ROUTER=myrouterip
            - DHCP_LEASETIME=168
            - WEB_PORT=9050
            - DHCP_rapid_commit=true
            - PIHOLE_DNS_=1.0.0.1;1.1.1.1
        dns:
            - 127.0.0.1
            - 1.1.1.1
        ports:
            - 53:53 #DNS
            - 67:67 #DHCP
            - 80:80
            - 443:443
        volumes:
            - $APPDATADIR/pihole/etc-pihole:/etc/pihole
            - $APPDATADIR/pihole/etc-dnsmasqd:/etc/dnsmasq.d
            - $APPDATADIR/pihole/logs/lighttpd:/var/log/lighttpd
            - $APPDATADIR/pihole/logs/pihole.log:/var/log/pihole.log
        cap_add:
            - NET_ADMIN
        restart: unless-stopped

Pihole debug token
https://tricorder.pi-hole.net/yqmgG7X4/

Pihole error log
Today between 1800 and 1840 again, no access to internet but IPs were handed out. The error messages appear when I turn on/off the routers DHCP fuctionality.

2021-08-24 18:53:34: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning:  Executing sudo pihole status web failed. in /var/www/html/admin/scripts/pi-hole/php/func.php on line 79
2021-08-24 20:04:52: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning:  Executing sudo pihole status web failed. in /var/www/html/admin/scripts/pi-hole/php/func.php on line 79
2021-08-24 20:32:47: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning:  Executing sudo pihole status web failed. in /var/www/html/admin/scripts/pi-hole/php/func.php on line 79

If you need any more information, please let me know. Any help is much appreciated. And thank you for your time and effort you invest to help others in need!

akrea

PS: On top of everything I have the exact same problem: [Web-Interface] status unknown but Pi-hole working without any restrictions again, I don't know if it is related ot the above mentioned issues.

2

Please check /var/log/pihole-FTL.log and /var/pihole.log when the issue happens.

They will contain more information. pihole-FTL.log is typically empty but logs all kinds of warnings and errors. pihole.log shows you what is going on. Absence of activity in these two files when the issue happens is an indication for something odd, too. Furthermore, FTL knows a bunch of debug flags we can selectively add in case we need to research things closer.

3

Thank you for your reply. Please check my amendments in italics in the original post (Problem narrowed down).

Problem appeard exactly after 24 hours (set lease time of my router IP handout). As mentioned I strongly suspect a configuration issue with the pihole-dhcp-handling.

The pihole-FTL.log (04:22:... in the log below is the restart of the server after backup)

[2021-08-25 04:22:23.526 344M] Using log file /var/log/pihole-FTL.log
[2021-08-25 04:22:23.526 344M] ########## FTL started! ##########
[2021-08-25 04:22:23.526 344M] FTL branch: master
[2021-08-25 04:22:23.526 344M] FTL version: v5.8.1
[2021-08-25 04:22:23.526 344M] FTL commit: b90ab8b1
[2021-08-25 04:22:23.526 344M] FTL date: 2021-04-21 20:03:47 +0100
[2021-08-25 04:22:23.526 344M] FTL user: root
[2021-08-25 04:22:23.526 344M] Compiled for x86_64 (compiled on CI) using gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
[2021-08-25 04:22:23.526 344M] Creating mutex
[2021-08-25 04:22:23.527 344M] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2021-08-25 04:22:23.527 344M]    SOCKET_LISTENING: only local
[2021-08-25 04:22:23.527 344M]    AAAA_QUERY_ANALYSIS: Show AAAA queries
[2021-08-25 04:22:23.527 344M]    MAXDBDAYS: max age for stored queries is 365 days
[2021-08-25 04:22:23.527 344M]    RESOLVE_IPV6: Resolve IPv6 addresses
[2021-08-25 04:22:23.527 344M]    RESOLVE_IPV4: Resolve IPv4 addresses
[2021-08-25 04:22:23.527 344M]    DBINTERVAL: saving to DB file every minute
[2021-08-25 04:22:23.527 344M]    DBFILE: Using /etc/pihole/pihole-FTL.db
[2021-08-25 04:22:23.527 344M]    MAXLOGAGE: Importing up to 24.0 hours of log data
[2021-08-25 04:22:23.527 344M]    PRIVACYLEVEL: Set to 0
[2021-08-25 04:22:23.527 344M]    IGNORE_LOCALHOST: Show queries from localhost
[2021-08-25 04:22:23.527 344M]    BLOCKINGMODE: Null IPs for blocked domains
[2021-08-25 04:22:23.527 344M]    ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
[2021-08-25 04:22:23.527 344M]    DBIMPORT: Importing history from database
[2021-08-25 04:22:23.527 344M]    PIDFILE: Using /run/pihole-FTL.pid
[2021-08-25 04:22:23.527 344M]    PORTFILE: Using /run/pihole-FTL.port
[2021-08-25 04:22:23.527 344M]    SOCKETFILE: Using /run/pihole/FTL.sock
[2021-08-25 04:22:23.527 344M]    SETUPVARSFILE: Using /etc/pihole/setupVars.conf
[2021-08-25 04:22:23.527 344M]    MACVENDORDB: Using /etc/pihole/macvendor.db
[2021-08-25 04:22:23.527 344M]    GRAVITYDB: Using /etc/pihole/gravity.db
[2021-08-25 04:22:23.527 344M]    PARSE_ARP_CACHE: Active
[2021-08-25 04:22:23.527 344M]    CNAME_DEEP_INSPECT: Active
[2021-08-25 04:22:23.527 344M]    DELAY_STARTUP: No delay requested.
[2021-08-25 04:22:23.527 344M]    BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
[2021-08-25 04:22:23.527 344M]    NICE: Cannot change niceness to -10 (permission denied)
[2021-08-25 04:22:23.527 344M]    MAXNETAGE: Removing IP addresses and host names from network table after 365 days
[2021-08-25 04:22:23.527 344M]    NAMES_FROM_NETDB: Enabled, trying to get names from network database
[2021-08-25 04:22:23.527 344M]    EDNS0_ECS: Overwrite client from ECS information
[2021-08-25 04:22:23.527 344M]    REFRESH_HOSTNAMES: Periodically refreshing IPv4 names
[2021-08-25 04:22:23.527 344M]    RATE_LIMIT: Rate-limiting client making more than 1000 queries in 60 seconds
[2021-08-25 04:22:23.527 344M]    REPLY_ADDR4: Automatic interface-dependent detection of address
[2021-08-25 04:22:23.527 344M]    REPLY_ADDR6: Automatic interface-dependent detection of address
[2021-08-25 04:22:23.527 344M] Finished config file parsing
[2021-08-25 04:22:23.527 344M] WARNING: Starting pihole-FTL as user root is not recommended
[2021-08-25 04:22:23.528 344M] Database version is 9
[2021-08-25 04:22:23.528 344M] Imported 0 alias-clients
[2021-08-25 04:22:23.528 344M] Database successfully initialized
[2021-08-25 04:22:23.528 344M] Resizing "FTL-strings" from 40960 to (81920 * 1) == 81920 (/dev/shm: 720.9KB used, 67.1MB total, FTL uses 708.9KB)
[2021-08-25 04:22:23.528 344M] New upstream server: 1.1.1.1:53 (0/512)
[2021-08-25 04:22:23.538 344M] New upstream server: 1.0.0.1:53 (1/512)
[2021-08-25 04:22:23.622 344M] Resizing "FTL-queries" from 262144 to (8192 * 64) == 524288 (/dev/shm: 761.9KB used, 67.1MB total, FTL uses 749.9KB)
[2021-08-25 04:22:23.647 344M] Resizing "FTL-domains" from 12288 to (1024 * 24) == 24576 (/dev/shm: 1.0MB used, 67.1MB total, FTL uses 1.0MB)
[2021-08-25 04:22:23.678 344M] Resizing "FTL-queries" from 524288 to (12288 * 64) == 786432 (/dev/shm: 1.0MB used, 67.1MB total, FTL uses 1.0MB)
[2021-08-25 04:22:23.686 344M] Imported 9270 queries from the long-term database
[2021-08-25 04:22:23.686 344M]  -> Total DNS queries: 9270
[2021-08-25 04:22:23.686 344M]  -> Cached DNS queries: 2019
[2021-08-25 04:22:23.686 344M]  -> Forwarded DNS queries: 4436
[2021-08-25 04:22:23.686 344M]  -> Blocked DNS queries: 2536
[2021-08-25 04:22:23.686 344M]  -> Unknown DNS queries: 224
[2021-08-25 04:22:23.686 344M]  -> Unique domains: 922
[2021-08-25 04:22:23.686 344M]  -> Unique clients: 13
[2021-08-25 04:22:23.686 344M]  -> Known forward destinations: 2
[2021-08-25 04:22:23.686 344M] Successfully accessed setupVars.conf
[2021-08-25 04:22:23.686 344M] *************************************************************************
[2021-08-25 04:22:23.686 344M] * WARNING: Required Linux capability CAP_SYS_NICE not available         *
[2021-08-25 04:22:23.686 344M] *************************************************************************
[2021-08-25 04:22:23.755 346M] PID of FTL process: 346
[2021-08-25 04:22:23.755 346M] INFO: FTL is running as root
[2021-08-25 04:22:23.756 346/T347] Listening on port 4711 for incoming IPv4 telnet connections
[2021-08-25 04:22:23.756 346/T347] Terminating IPv4 telnet thread
[2021-08-25 04:22:23.756 346/T349] Listening on Unix socket
[2021-08-25 04:22:23.756 346/T349] Terminating socket thread
[2021-08-25 04:22:23.756 346/T350] Terminating database thread
[2021-08-25 04:22:23.756 346/T351] Terminating GC thread
[2021-08-25 04:22:23.756 346/T352] Terminating resolver thread
[2021-08-25 04:22:23.798 346/T348] Listening on port 4711 for incoming IPv6 telnet connections
[2021-08-25 04:22:23.798 346/T348] Terminating IPv6 telnet thread
[2021-08-25 04:22:23.798 346M] Shutting down...
[2021-08-25 04:22:24.049 346M] Finished final database update
[2021-08-25 04:22:24.055 346M] ########## FTL terminated after 529ms  (code 0)! ##########
[2021-08-25 04:22:24.134 432M] Using log file /var/log/pihole-FTL.log
[2021-08-25 04:22:24.134 432M] ########## FTL started! ##########
[2021-08-25 04:22:24.134 432M] FTL branch: master
[2021-08-25 04:22:24.134 432M] FTL version: v5.8.1
[2021-08-25 04:22:24.134 432M] FTL commit: b90ab8b1
[2021-08-25 04:22:24.134 432M] FTL date: 2021-04-21 20:03:47 +0100
[2021-08-25 04:22:24.134 432M] FTL user: root
[2021-08-25 04:22:24.134 432M] Compiled for x86_64 (compiled on CI) using gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
[2021-08-25 04:22:24.140 432M] Creating mutex
[2021-08-25 04:22:24.153 432M] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2021-08-25 04:22:24.153 432M]    SOCKET_LISTENING: only local
[2021-08-25 04:22:24.153 432M]    AAAA_QUERY_ANALYSIS: Show AAAA queries
[2021-08-25 04:22:24.153 432M]    MAXDBDAYS: max age for stored queries is 365 days
[2021-08-25 04:22:24.153 432M]    RESOLVE_IPV6: Resolve IPv6 addresses
[2021-08-25 04:22:24.153 432M]    RESOLVE_IPV4: Resolve IPv4 addresses
[2021-08-25 04:22:24.153 432M]    DBINTERVAL: saving to DB file every minute
[2021-08-25 04:22:24.153 432M]    DBFILE: Using /etc/pihole/pihole-FTL.db
[2021-08-25 04:22:24.153 432M]    MAXLOGAGE: Importing up to 24.0 hours of log data
[2021-08-25 04:22:24.153 432M]    PRIVACYLEVEL: Set to 0
[2021-08-25 04:22:24.153 432M]    IGNORE_LOCALHOST: Show queries from localhost
[2021-08-25 04:22:24.153 432M]    BLOCKINGMODE: Null IPs for blocked domains
[2021-08-25 04:22:24.153 432M]    ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
[2021-08-25 04:22:24.153 432M]    DBIMPORT: Importing history from database
[2021-08-25 04:22:24.153 432M]    PIDFILE: Using /run/pihole-FTL.pid
[2021-08-25 04:22:24.153 432M]    PORTFILE: Using /run/pihole-FTL.port
[2021-08-25 04:22:24.153 432M]    SOCKETFILE: Using /run/pihole/FTL.sock
[2021-08-25 04:22:24.153 432M]    SETUPVARSFILE: Using /etc/pihole/setupVars.conf
[2021-08-25 04:22:24.153 432M]    MACVENDORDB: Using /etc/pihole/macvendor.db
[2021-08-25 04:22:24.153 432M]    GRAVITYDB: Using /etc/pihole/gravity.db
[2021-08-25 04:22:24.153 432M]    PARSE_ARP_CACHE: Active
[2021-08-25 04:22:24.153 432M]    CNAME_DEEP_INSPECT: Active
[2021-08-25 04:22:24.153 432M]    DELAY_STARTUP: No delay requested.
[2021-08-25 04:22:24.153 432M]    BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
[2021-08-25 04:22:24.153 432M]    NICE: Cannot change niceness to -10 (permission denied)
[2021-08-25 04:22:24.153 432M]    MAXNETAGE: Removing IP addresses and host names from network table after 365 days
[2021-08-25 04:22:24.153 432M]    NAMES_FROM_NETDB: Enabled, trying to get names from network database
[2021-08-25 04:22:24.153 432M]    EDNS0_ECS: Overwrite client from ECS information
[2021-08-25 04:22:24.153 432M]    REFRESH_HOSTNAMES: Periodically refreshing IPv4 names
[2021-08-25 04:22:24.153 432M]    RATE_LIMIT: Rate-limiting client making more than 1000 queries in 60 seconds
[2021-08-25 04:22:24.153 432M]    REPLY_ADDR4: Automatic interface-dependent detection of address
[2021-08-25 04:22:24.153 432M]    REPLY_ADDR6: Automatic interface-dependent detection of address
[2021-08-25 04:22:24.154 432M] Finished config file parsing
[2021-08-25 04:22:24.154 432M] WARNING: Starting pihole-FTL as user root is not recommended
[2021-08-25 04:22:24.154 432M] Database version is 9
[2021-08-25 04:22:24.154 432M] Imported 0 alias-clients
[2021-08-25 04:22:24.154 432M] Database successfully initialized
[2021-08-25 04:22:24.154 432M] Resizing "FTL-strings" from 40960 to (81920 * 1) == 81920 (/dev/shm: 720.9KB used, 67.1MB total, FTL uses 708.9KB)
[2021-08-25 04:22:24.154 432M] New upstream server: 1.1.1.1:53 (0/512)
[2021-08-25 04:22:24.178 432M] New upstream server: 1.0.0.1:53 (1/512)
[2021-08-25 04:22:24.361 432M] Resizing "FTL-queries" from 262144 to (8192 * 64) == 524288 (/dev/shm: 761.9KB used, 67.1MB total, FTL uses 749.9KB)
[2021-08-25 04:22:24.412 432M] Resizing "FTL-domains" from 12288 to (1024 * 24) == 24576 (/dev/shm: 1.0MB used, 67.1MB total, FTL uses 1.0MB)
[2021-08-25 04:22:24.471 432M] Resizing "FTL-queries" from 524288 to (12288 * 64) == 786432 (/dev/shm: 1.0MB used, 67.1MB total, FTL uses 1.0MB)
[2021-08-25 04:22:24.476 432M] Imported 9270 queries from the long-term database
[2021-08-25 04:22:24.476 432M]  -> Total DNS queries: 9270
[2021-08-25 04:22:24.476 432M]  -> Cached DNS queries: 2019
[2021-08-25 04:22:24.476 432M]  -> Forwarded DNS queries: 4436
[2021-08-25 04:22:24.476 432M]  -> Blocked DNS queries: 2536
[2021-08-25 04:22:24.476 432M]  -> Unknown DNS queries: 224
[2021-08-25 04:22:24.476 432M]  -> Unique domains: 922
[2021-08-25 04:22:24.476 432M]  -> Unique clients: 13
[2021-08-25 04:22:24.476 432M]  -> Known forward destinations: 2
[2021-08-25 04:22:24.476 432M] Successfully accessed setupVars.conf
[2021-08-25 04:22:24.476 432M] *************************************************************************
[2021-08-25 04:22:24.476 432M] * WARNING: Required Linux capability CAP_SYS_NICE not available         *
[2021-08-25 04:22:24.476 432M] *************************************************************************
[2021-08-25 04:22:24.599 432M] PID of FTL process: 432
[2021-08-25 04:22:24.599 432M] INFO: FTL is running as root
[2021-08-25 04:22:24.600 432/T476] Listening on port 4711 for incoming IPv4 telnet connections
[2021-08-25 04:22:24.605 432/T478] Listening on Unix socket
[2021-08-25 04:22:24.616 432/T477] Listening on port 4711 for incoming IPv6 telnet connections
[2021-08-25 04:22:24.617 432M] Reloading DNS cache
[2021-08-25 04:22:24.617 432M] Blocking status is enabled
[2021-08-25 04:22:25.642 432/T479] Compiled 0 whitelist and 0 blacklist regex filters for 13 clients in 2.2 msec
[2021-08-25 04:25:24.667 432M] Reloading DNS cache
[2021-08-25 04:25:24.667 432M] Blocking status is enabled
[2021-08-25 04:25:25.208 432/T479] SQLite3 message: file unlinked while open: /etc/pihole/gravity.db (28)
[2021-08-25 04:25:25.215 432/T479] Compiled 0 whitelist and 0 blacklist regex filters for 13 clients in 0.6 msec
[2021-08-25 05:00:00.240 432/T479] Notice: Database size is 514.22 MB, deleted 17 rows
[2021-08-25 05:53:00.855 432M] Resizing "FTL-dns-cache" from 4096 to (512 * 16) == 8192 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-25 05:53:35.284 432M] Resizing "FTL-domains" from 24576 to (1536 * 24) == 36864 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-25 05:59:00.845 432/T479] Notice: Database size is 514.22 MB, deleted 19 rows
[2021-08-25 06:30:11.520 432M] Resizing "FTL-dns-cache" from 8192 to (768 * 16) == 12288 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-25 06:59:00.919 432/T479] Notice: Database size is 514.23 MB, deleted 736 rows
[2021-08-25 07:05:52.249 432M] Resizing "FTL-dns-cache" from 12288 to (1024 * 16) == 16384 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-25 07:06:33.728 432M] Resizing "FTL-dns-cache" from 16384 to (1280 * 16) == 20480 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-25 07:59:00.867 432/T479] Notice: Database size is 514.27 MB, deleted 31 rows
[2021-08-25 09:00:00.302 432/T479] Notice: Database size is 514.31 MB, deleted 43 rows
[2021-08-25 10:00:00.402 432/T479] Notice: Database size is 514.36 MB, deleted 24 rows
[2021-08-25 10:59:00.665 432/T479] Notice: Database size is 514.38 MB, deleted 155 rows
[2021-08-25 11:59:00.509 432/T479] Notice: Database size is 514.43 MB, deleted 498 rows
[2021-08-25 12:00:13.110 432M] Resizing "FTL-dns-cache" from 20480 to (1536 * 16) == 24576 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-25 12:06:49.826 432M] Resizing "FTL-domains" from 36864 to (2048 * 24) == 49152 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-25 12:06:54.242 432M] Resizing "FTL-strings" from 81920 to (122880 * 1) == 122880 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-25 13:00:00.520 432/T479] Notice: Database size is 514.47 MB, deleted 182 rows
[2021-08-25 14:00:00.847 432/T479] Notice: Database size is 514.49 MB, deleted 933 rows
[2021-08-25 14:24:21.549 432M] Resizing "FTL-queries" from 786432 to (16384 * 64) == 1048576 (/dev/shm: 1.4MB used, 67.1MB total, FTL uses 1.4MB)
[2021-08-25 14:59:00.701 432/T479] Notice: Database size is 514.49 MB, deleted 217 rows
[2021-08-25 16:00:00.782 432/T479] Notice: Database size is 514.50 MB, deleted 78 rows
[2021-08-25 16:59:00.836 432/T479] Notice: Database size is 514.53 MB, deleted 14 rows
[2021-08-25 17:51:03.290 432M] Resizing "FTL-dns-cache" from 24576 to (1792 * 16) == 28672 (/dev/shm: 1.6MB used, 67.1MB total, FTL uses 1.6MB)
[2021-08-25 18:00:00.868 432/T479] Notice: Database size is 514.56 MB, deleted 106 rows
[2021-08-25 18:59:00.488 432/T479] Notice: Database size is 514.64 MB, deleted 466 rows
[2021-08-25 19:10:39.739 432M] Resizing "FTL-dns-cache" from 28672 to (2048 * 16) == 32768 (/dev/shm: 1.7MB used, 67.1MB total, FTL uses 1.6MB)
[2021-08-25 19:15:15.230 432M] Resizing "FTL-dns-cache" from 32768 to (2304 * 16) == 36864 (/dev/shm: 1.7MB used, 67.1MB total, FTL uses 1.6MB)
[2021-08-25 19:15:57.557 432M] Resizing "FTL-dns-cache" from 36864 to (2560 * 16) == 40960 (/dev/shm: 1.7MB used, 67.1MB total, FTL uses 1.6MB)
[2021-08-25 19:20:30.206 432M] Resizing "FTL-dns-cache" from 40960 to (2816 * 16) == 45056 (/dev/shm: 1.7MB used, 67.1MB total, FTL uses 1.7MB)

And the pihole.log for around the time the problem occurred today: https://pastebin.com/akHz3APJ

pihole.log hints to not giving name localhost to the DHCP lease of 192.168.0.187 because the name exists in /etc/hosts with address 127.0.0.1. Below the content of the file:

root@pihole:/var/log# cat /etc/hosts
127.0.0.1       localhost.localdomain   localhost
127.0.0.1       skippy.localadmin       skippy
::1             localhost6.localdomain6 localhost6

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

From here on I'm out of my league...

4

You're missing UDP.

Edit: Details

    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "80:80/tcp"
1 Like
5

Thank you for the input. I changed/added the ports accordingly and restarted the container this morning.

The issue just appeared again. This time I could pinpoint it exactly as I was watching plex and suddenly everything stopped at 19:10:32. Then I turned on my routers DHCP (DNS pointing to ServerIP) at 19:16:22.

pihole.log

ug 26 19:10:25 dnsmasq[466]: forwarded outlook.office365.com to 1.1.1.1
Aug 26 19:10:25 dnsmasq[466]: query[A] outlook.office365.com from 192.168.0.145
Aug 26 19:10:25 dnsmasq[466]: reply outlook.office365.com is <CNAME>
Aug 26 19:10:25 dnsmasq[466]: reply outlook.ha.office365.com is <CNAME>
Aug 26 19:10:25 dnsmasq[466]: reply outlook.ms-acdc.office.com is <CNAME>
Aug 26 19:10:25 dnsmasq[466]: reply ZRH-efz.ms-acdc.office.com is 52.97.186.146
Aug 26 19:10:25 dnsmasq[466]: reply ZRH-efz.ms-acdc.office.com is 52.98.168.178
Aug 26 19:10:25 dnsmasq[466]: reply ZRH-efz.ms-acdc.office.com is 52.97.232.194
Aug 26 19:10:25 dnsmasq[466]: reply ZRH-efz.ms-acdc.office.com is 52.97.201.210
Aug 26 19:10:32 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:32 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:32 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:32 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:32 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:32 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:32 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:32 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:33 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:33 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:33 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:33 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:33 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:33 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:33 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:33 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:34 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:34 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:34 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:34 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:34 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:34 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:34 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:34 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:35 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:35 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:35 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:35 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:35 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:35 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:35 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:10:35 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:36 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:10:36 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:36 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:10:36 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:36 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:10:36 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:36 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:10:36 dnsmasq[466]: config error is REFUSED
Aug 26 19:10:51 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:10:51 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:11:21 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:11:21 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:11:36 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:36 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:36 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:36 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:36 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:36 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:36 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:36 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:39 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:39 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:39 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:39 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:39 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:39 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:39 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:39 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:39 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:39 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:39 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:39 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:39 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:39 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:39 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:39 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:42 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:11:42 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:42 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:11:42 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:42 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:11:42 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:42 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:11:42 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:42 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:42 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:42 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:42 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:42 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:42 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:42 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:11:42 dnsmasq[466]: config error is REFUSED
Aug 26 19:11:51 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:11:51 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:12:21 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:12:21 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:12:41 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:41 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:41 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:41 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:41 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:41 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:41 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:41 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:44 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:44 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:44 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:44 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:44 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:44 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:44 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:44 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:45 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:45 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:45 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:45 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:45 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:45 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:45 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:45 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:49 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:12:49 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:49 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:12:49 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:49 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:12:49 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:49 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:12:49 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:49 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:49 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:49 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:49 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:49 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:49 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:49 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:12:49 dnsmasq[466]: config error is REFUSED
Aug 26 19:12:51 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:12:51 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:13:22 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:13:22 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:13:47 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:47 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:47 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:47 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:47 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:47 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:47 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:47 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:50 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:50 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:50 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:50 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:50 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:50 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:50 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:50 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:50 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:50 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:50 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:50 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:50 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:50 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:50 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:50 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:52 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:13:52 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:13:54 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:13:54 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:54 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:13:54 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:54 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:13:54 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:54 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:13:54 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:55 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:55 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:55 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:55 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:55 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:55 dnsmasq[466]: config error is REFUSED
Aug 26 19:13:55 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:13:55 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:22 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:14:22 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:14:52 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:52 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:52 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:52 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:52 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:52 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:52 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:52 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:52 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:14:52 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:14:54 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:54 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:54 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:54 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:54 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:54 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:54 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:54 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:55 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:55 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:55 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:55 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:55 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:55 dnsmasq[466]: config error is REFUSED
Aug 26 19:14:55 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:14:55 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:00 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:15:00 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:00 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:15:00 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:00 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:15:00 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:00 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:15:00 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:02 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:02 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:02 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:02 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:02 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:02 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:02 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:02 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:20 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:15:21 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:15:22 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:15:22 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:15:23 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:15:28 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:15:36 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:15:52 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:15:52 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:15:53 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:15:58 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:58 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:58 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:58 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:58 dnsmasq[466]: query[A] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:58 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:58 dnsmasq[466]: query[AAAA] 0.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:58 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:59 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:59 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:59 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:59 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:59 dnsmasq[466]: query[A] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:59 dnsmasq[466]: config error is REFUSED
Aug 26 19:15:59 dnsmasq[466]: query[AAAA] 1.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:15:59 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:00 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:16:00 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:00 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:16:00 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:00 dnsmasq[466]: query[A] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:16:00 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:00 dnsmasq[466]: query[AAAA] 2.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:16:00 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:00 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:16:01 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:16:03 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:16:04 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:16:04 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:04 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:16:04 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:04 dnsmasq[466]: query[A] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:16:04 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:04 dnsmasq[466]: query[AAAA] ntp.ubuntu.com from 127.0.0.1
Aug 26 19:16:04 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:08 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:16:08 dnsmasq-dhcp[466]: DHCP packet received on enp1s0 which has no address
Aug 26 19:16:08 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:16:08 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:08 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:16:08 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:08 dnsmasq[466]: query[A] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:16:08 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:08 dnsmasq[466]: query[AAAA] 3.ubuntu.pool.ntp.org from 127.0.0.1
Aug 26 19:16:08 dnsmasq[466]: config error is REFUSED
Aug 26 19:16:22 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:16:22 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:16:52 dnsmasq[466]: query[A] pi.hole from 127.0.0.1
Aug 26 19:16:52 dnsmasq[466]: /etc/pihole/local.list pi.hole is 192.168.0.10
Aug 26 19:16:56 dnsmasq[466]: query[A] mtalk.google.com from 192.168.0.30
Aug 26 19:16:56 dnsmasq[466]: forwarded mtalk.google.com to 1.1.1.1
Aug 26 19:16:56 dnsmasq[466]: forwarded mtalk.google.com to 1.0.0.1

Unfortunately, I had a wrong persistant volume config for pihole-FTL.log. So I don't have this log from the moment of the incident. I fixed this and retartet the container:

[2021-08-26 20:26:53.644 338M] Using log file /var/log/pihole-FTL.log
[2021-08-26 20:26:53.644 338M] ########## FTL started! ##########
[2021-08-26 20:26:53.644 338M] FTL branch: master
[2021-08-26 20:26:53.644 338M] FTL version: v5.8.1
[2021-08-26 20:26:53.644 338M] FTL commit: b90ab8b1
[2021-08-26 20:26:53.644 338M] FTL date: 2021-04-21 20:03:47 +0100
[2021-08-26 20:26:53.644 338M] FTL user: root
[2021-08-26 20:26:53.644 338M] Compiled for x86_64 (compiled on CI) using gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
[2021-08-26 20:26:53.644 338M] Creating mutex
[2021-08-26 20:26:53.644 338M] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2021-08-26 20:26:53.644 338M]    SOCKET_LISTENING: only local
[2021-08-26 20:26:53.644 338M]    AAAA_QUERY_ANALYSIS: Show AAAA queries
[2021-08-26 20:26:53.644 338M]    MAXDBDAYS: max age for stored queries is 365 days
[2021-08-26 20:26:53.644 338M]    RESOLVE_IPV6: Resolve IPv6 addresses
[2021-08-26 20:26:53.644 338M]    RESOLVE_IPV4: Resolve IPv4 addresses
[2021-08-26 20:26:53.644 338M]    DBINTERVAL: saving to DB file every minute
[2021-08-26 20:26:53.644 338M]    DBFILE: Using /etc/pihole/pihole-FTL.db
[2021-08-26 20:26:53.644 338M]    MAXLOGAGE: Importing up to 24.0 hours of log data
[2021-08-26 20:26:53.644 338M]    PRIVACYLEVEL: Set to 0
[2021-08-26 20:26:53.645 338M]    IGNORE_LOCALHOST: Show queries from localhost
[2021-08-26 20:26:53.645 338M]    BLOCKINGMODE: Null IPs for blocked domains
[2021-08-26 20:26:53.645 338M]    ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
[2021-08-26 20:26:53.645 338M]    DBIMPORT: Importing history from database
[2021-08-26 20:26:53.645 338M]    PIDFILE: Using /run/pihole-FTL.pid
[2021-08-26 20:26:53.645 338M]    PORTFILE: Using /run/pihole-FTL.port
[2021-08-26 20:26:53.645 338M]    SOCKETFILE: Using /run/pihole/FTL.sock
[2021-08-26 20:26:53.645 338M]    SETUPVARSFILE: Using /etc/pihole/setupVars.conf
[2021-08-26 20:26:53.645 338M]    MACVENDORDB: Using /etc/pihole/macvendor.db
[2021-08-26 20:26:53.645 338M]    GRAVITYDB: Using /etc/pihole/gravity.db
[2021-08-26 20:26:53.645 338M]    PARSE_ARP_CACHE: Active
[2021-08-26 20:26:53.645 338M]    CNAME_DEEP_INSPECT: Active
[2021-08-26 20:26:53.645 338M]    DELAY_STARTUP: No delay requested.
[2021-08-26 20:26:53.645 338M]    BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
[2021-08-26 20:26:53.645 338M]    NICE: Cannot change niceness to -10 (permission denied)
[2021-08-26 20:26:53.645 338M]    MAXNETAGE: Removing IP addresses and host names from network table after 365 days
[2021-08-26 20:26:53.645 338M]    NAMES_FROM_NETDB: Enabled, trying to get names from network database
[2021-08-26 20:26:53.645 338M]    EDNS0_ECS: Overwrite client from ECS information
[2021-08-26 20:26:53.645 338M]    REFRESH_HOSTNAMES: Periodically refreshing IPv4 names
[2021-08-26 20:26:53.645 338M]    RATE_LIMIT: Rate-limiting client making more than 1000 queries in 60 seconds
[2021-08-26 20:26:53.645 338M]    REPLY_ADDR4: Automatic interface-dependent detection of address
[2021-08-26 20:26:53.645 338M]    REPLY_ADDR6: Automatic interface-dependent detection of address
[2021-08-26 20:26:53.645 338M] Finished config file parsing
[2021-08-26 20:26:53.645 338M] WARNING: Starting pihole-FTL as user root is not recommended
[2021-08-26 20:26:53.645 338M] Database version is 9
[2021-08-26 20:26:53.645 338M] Imported 0 alias-clients
[2021-08-26 20:26:53.645 338M] Database successfully initialized
[2021-08-26 20:26:53.646 338M] Resizing "FTL-strings" from 40960 to (81920 * 1) == 81920 (/dev/shm: 720.9KB used, 67.1MB total, FTL uses 708.9KB)
[2021-08-26 20:26:53.664 338M] New upstream server: 1.1.1.1:53 (0/512)
[2021-08-26 20:26:53.698 338M] New upstream server: 1.0.0.1:53 (1/512)
[2021-08-26 20:26:53.714 338M] Resizing "FTL-domains" from 12288 to (1024 * 24) == 24576 (/dev/shm: 761.9KB used, 67.1MB total, FTL uses 749.9KB)
[2021-08-26 20:26:53.724 338M] Resizing "FTL-queries" from 262144 to (8192 * 64) == 524288 (/dev/shm: 774.1KB used, 67.1MB total, FTL uses 762.1KB)
[2021-08-26 20:26:53.752 338M] Resizing "FTL-queries" from 524288 to (12288 * 64) == 786432 (/dev/shm: 1.0MB used, 67.1MB total, FTL uses 1.0MB)
[2021-08-26 20:26:53.756 338M] Resizing "FTL-domains" from 24576 to (1536 * 24) == 36864 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-26 20:26:53.761 338M] Resizing "FTL-queries" from 786432 to (16384 * 64) == 1048576 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-26 20:26:53.781 338M] Resizing "FTL-queries" from 1048576 to (20480 * 64) == 1310720 (/dev/shm: 1.6MB used, 67.1MB total, FTL uses 1.6MB)
[2021-08-26 20:26:53.788 338M] Imported 16733 queries from the long-term database
[2021-08-26 20:26:53.788 338M]  -> Total DNS queries: 16733
[2021-08-26 20:26:53.788 338M]  -> Cached DNS queries: 4983
[2021-08-26 20:26:53.788 338M]  -> Forwarded DNS queries: 6892
[2021-08-26 20:26:53.788 338M]  -> Blocked DNS queries: 4648
[2021-08-26 20:26:53.788 338M]  -> Unknown DNS queries: 120
[2021-08-26 20:26:53.788 338M]  -> Unique domains: 1259
[2021-08-26 20:26:53.788 338M]  -> Unique clients: 17
[2021-08-26 20:26:53.788 338M]  -> Known forward destinations: 2
[2021-08-26 20:26:53.788 338M] Successfully accessed setupVars.conf
[2021-08-26 20:26:53.788 338M] *************************************************************************
[2021-08-26 20:26:53.788 338M] * WARNING: Required Linux capability CAP_SYS_NICE not available         *
[2021-08-26 20:26:53.788 338M] *************************************************************************
[2021-08-26 20:26:53.790 340M] PID of FTL process: 340
[2021-08-26 20:26:53.790 340/T341] Listening on port 4711 for incoming IPv4 telnet connections
[2021-08-26 20:26:53.790 340/T341] Terminating IPv4 telnet thread
[2021-08-26 20:26:53.790 340/T344] Terminating database thread
[2021-08-26 20:26:53.790 340/T343] Listening on Unix socket
[2021-08-26 20:26:53.790 340/T343] Terminating socket thread
[2021-08-26 20:26:53.790 340/T345] Terminating GC thread
[2021-08-26 20:26:53.790 340M] INFO: FTL is running as root
[2021-08-26 20:26:53.790 340/T346] Terminating resolver thread
[2021-08-26 20:26:53.791 340M] Shutting down...
[2021-08-26 20:26:53.791 340/T342] Listening on port 4711 for incoming IPv6 telnet connections
[2021-08-26 20:26:53.791 340/T342] Terminating IPv6 telnet thread
[2021-08-26 20:26:53.857 421M] Using log file /var/log/pihole-FTL.log
[2021-08-26 20:26:53.857 421M] ########## FTL started! ##########
[2021-08-26 20:26:53.857 421M] FTL branch: master
[2021-08-26 20:26:53.857 421M] FTL version: v5.8.1
[2021-08-26 20:26:53.857 421M] FTL commit: b90ab8b1
[2021-08-26 20:26:53.857 421M] FTL date: 2021-04-21 20:03:47 +0100
[2021-08-26 20:26:53.857 421M] FTL user: root
[2021-08-26 20:26:53.857 421M] Compiled for x86_64 (compiled on CI) using gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
[2021-08-26 20:26:53.857 421M] Creating mutex
[2021-08-26 20:26:53.858 421M] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2021-08-26 20:26:53.858 421M]    SOCKET_LISTENING: only local
[2021-08-26 20:26:53.858 421M]    AAAA_QUERY_ANALYSIS: Show AAAA queries
[2021-08-26 20:26:53.858 421M]    MAXDBDAYS: max age for stored queries is 365 days
[2021-08-26 20:26:53.858 421M]    RESOLVE_IPV6: Resolve IPv6 addresses
[2021-08-26 20:26:53.858 421M]    RESOLVE_IPV4: Resolve IPv4 addresses
[2021-08-26 20:26:53.858 421M]    DBINTERVAL: saving to DB file every minute
[2021-08-26 20:26:53.858 421M]    DBFILE: Using /etc/pihole/pihole-FTL.db
[2021-08-26 20:26:53.858 421M]    MAXLOGAGE: Importing up to 24.0 hours of log data
[2021-08-26 20:26:53.858 421M]    PRIVACYLEVEL: Set to 0
[2021-08-26 20:26:53.858 421M]    IGNORE_LOCALHOST: Show queries from localhost
[2021-08-26 20:26:53.858 421M]    BLOCKINGMODE: Null IPs for blocked domains
[2021-08-26 20:26:53.858 421M]    ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
[2021-08-26 20:26:53.858 421M]    DBIMPORT: Importing history from database
[2021-08-26 20:26:53.858 421M]    PIDFILE: Using /run/pihole-FTL.pid
[2021-08-26 20:26:53.858 421M]    PORTFILE: Using /run/pihole-FTL.port
[2021-08-26 20:26:53.858 421M]    SOCKETFILE: Using /run/pihole/FTL.sock
[2021-08-26 20:26:53.858 421M]    SETUPVARSFILE: Using /etc/pihole/setupVars.conf
[2021-08-26 20:26:53.858 421M]    MACVENDORDB: Using /etc/pihole/macvendor.db
[2021-08-26 20:26:53.858 421M]    GRAVITYDB: Using /etc/pihole/gravity.db
[2021-08-26 20:26:53.858 421M]    PARSE_ARP_CACHE: Active
[2021-08-26 20:26:53.858 421M]    CNAME_DEEP_INSPECT: Active
[2021-08-26 20:26:53.858 421M]    DELAY_STARTUP: No delay requested.
[2021-08-26 20:26:53.858 421M]    BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
[2021-08-26 20:26:53.858 421M]    NICE: Cannot change niceness to -10 (permission denied)
[2021-08-26 20:26:53.858 421M]    MAXNETAGE: Removing IP addresses and host names from network table after 365 days
[2021-08-26 20:26:53.858 421M]    NAMES_FROM_NETDB: Enabled, trying to get names from network database
[2021-08-26 20:26:53.858 421M]    EDNS0_ECS: Overwrite client from ECS information
[2021-08-26 20:26:53.858 421M]    REFRESH_HOSTNAMES: Periodically refreshing IPv4 names
[2021-08-26 20:26:53.858 421M]    RATE_LIMIT: Rate-limiting client making more than 1000 queries in 60 seconds
[2021-08-26 20:26:53.859 421M]    REPLY_ADDR4: Automatic interface-dependent detection of address
[2021-08-26 20:26:53.859 421M]    REPLY_ADDR6: Automatic interface-dependent detection of address
[2021-08-26 20:26:53.859 421M] Finished config file parsing
[2021-08-26 20:26:53.859 421M] WARNING: Starting pihole-FTL as user root is not recommended
[2021-08-26 20:26:53.859 421M] Database version is 9
[2021-08-26 20:26:53.859 421M] Imported 0 alias-clients
[2021-08-26 20:26:53.859 421M] Database successfully initialized
[2021-08-26 20:26:53.859 421M] Resizing "FTL-strings" from 40960 to (81920 * 1) == 81920 (/dev/shm: 2.6MB used, 67.1MB total, FTL uses 708.9KB)
[2021-08-26 20:26:53.882 421M] New upstream server: 1.1.1.1:53 (0/512)
[2021-08-26 20:26:53.919 421M] New upstream server: 1.0.0.1:53 (1/512)
[2021-08-26 20:26:53.935 421M] Resizing "FTL-domains" from 12288 to (1024 * 24) == 24576 (/dev/shm: 2.6MB used, 67.1MB total, FTL uses 749.9KB)
[2021-08-26 20:26:53.945 421M] Resizing "FTL-queries" from 262144 to (8192 * 64) == 524288 (/dev/shm: 2.6MB used, 67.1MB total, FTL uses 762.1KB)
[2021-08-26 20:26:53.974 421M] Resizing "FTL-queries" from 524288 to (12288 * 64) == 786432 (/dev/shm: 2.9MB used, 67.1MB total, FTL uses 1.0MB)
[2021-08-26 20:26:53.978 421M] Resizing "FTL-domains" from 24576 to (1536 * 24) == 36864 (/dev/shm: 3.1MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-26 20:26:53.983 421M] Resizing "FTL-queries" from 786432 to (16384 * 64) == 1048576 (/dev/shm: 3.1MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-26 20:26:54.006 421M] Resizing "FTL-queries" from 1048576 to (20480 * 64) == 1310720 (/dev/shm: 3.4MB used, 67.1MB total, FTL uses 1.6MB)
[2021-08-26 20:26:54.014 421M] Imported 16733 queries from the long-term database
[2021-08-26 20:26:54.014 421M]  -> Total DNS queries: 16733
[2021-08-26 20:26:54.014 421M]  -> Cached DNS queries: 4983
[2021-08-26 20:26:54.014 421M]  -> Forwarded DNS queries: 6892
[2021-08-26 20:26:54.014 421M]  -> Blocked DNS queries: 4648
[2021-08-26 20:26:54.014 421M]  -> Unknown DNS queries: 120
[2021-08-26 20:26:54.014 421M]  -> Unique domains: 1259
[2021-08-26 20:26:54.014 421M]  -> Unique clients: 17
[2021-08-26 20:26:54.014 421M]  -> Known forward destinations: 2
[2021-08-26 20:26:54.014 421M] Successfully accessed setupVars.conf
[2021-08-26 20:26:54.015 421M] *************************************************************************
[2021-08-26 20:26:54.015 421M] * WARNING: Required Linux capability CAP_SYS_NICE not available         *
[2021-08-26 20:26:54.015 421M] *************************************************************************
[2021-08-26 20:26:54.015 421M] FATAL ERROR in dnsmasq core: failed to bind DHCP server socket: Address already in use
[2021-08-26 20:26:54.017 421M] ########## FTL terminated after 160ms  (code 1)! ##########
[2021-08-26 20:26:54.869 465M] Using log file /var/log/pihole-FTL.log
[2021-08-26 20:26:54.869 465M] ########## FTL started! ##########
[2021-08-26 20:26:54.869 465M] FTL branch: master
[2021-08-26 20:26:54.869 465M] FTL version: v5.8.1
[2021-08-26 20:26:54.870 465M] FTL commit: b90ab8b1
[2021-08-26 20:26:54.870 465M] FTL date: 2021-04-21 20:03:47 +0100
[2021-08-26 20:26:54.870 465M] FTL user: root
[2021-08-26 20:26:54.870 465M] Compiled for x86_64 (compiled on CI) using gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
[2021-08-26 20:26:54.870 465M] Creating mutex
[2021-08-26 20:26:54.871 465M] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2021-08-26 20:26:54.871 465M]    SOCKET_LISTENING: only local
[2021-08-26 20:26:54.871 465M]    AAAA_QUERY_ANALYSIS: Show AAAA queries
[2021-08-26 20:26:54.871 465M]    MAXDBDAYS: max age for stored queries is 365 days
[2021-08-26 20:26:54.871 465M]    RESOLVE_IPV6: Resolve IPv6 addresses
[2021-08-26 20:26:54.871 465M]    RESOLVE_IPV4: Resolve IPv4 addresses
[2021-08-26 20:26:54.871 465M]    DBINTERVAL: saving to DB file every minute
[2021-08-26 20:26:54.871 465M]    DBFILE: Using /etc/pihole/pihole-FTL.db
[2021-08-26 20:26:54.871 465M]    MAXLOGAGE: Importing up to 24.0 hours of log data
[2021-08-26 20:26:54.871 465M]    PRIVACYLEVEL: Set to 0
[2021-08-26 20:26:54.871 465M]    IGNORE_LOCALHOST: Show queries from localhost
[2021-08-26 20:26:54.871 465M]    BLOCKINGMODE: Null IPs for blocked domains
[2021-08-26 20:26:54.871 465M]    ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
[2021-08-26 20:26:54.871 465M]    DBIMPORT: Importing history from database
[2021-08-26 20:26:54.871 465M]    PIDFILE: Using /run/pihole-FTL.pid
[2021-08-26 20:26:54.871 465M]    PORTFILE: Using /run/pihole-FTL.port
[2021-08-26 20:26:54.871 465M]    SOCKETFILE: Using /run/pihole/FTL.sock
[2021-08-26 20:26:54.871 465M]    SETUPVARSFILE: Using /etc/pihole/setupVars.conf
[2021-08-26 20:26:54.871 465M]    MACVENDORDB: Using /etc/pihole/macvendor.db
[2021-08-26 20:26:54.871 465M]    GRAVITYDB: Using /etc/pihole/gravity.db
[2021-08-26 20:26:54.871 465M]    PARSE_ARP_CACHE: Active
[2021-08-26 20:26:54.871 465M]    CNAME_DEEP_INSPECT: Active
[2021-08-26 20:26:54.871 465M]    DELAY_STARTUP: No delay requested.
[2021-08-26 20:26:54.871 465M]    BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
[2021-08-26 20:26:54.871 465M]    NICE: Cannot change niceness to -10 (permission denied)
[2021-08-26 20:26:54.871 465M]    MAXNETAGE: Removing IP addresses and host names from network table after 365 days
[2021-08-26 20:26:54.871 465M]    NAMES_FROM_NETDB: Enabled, trying to get names from network database
[2021-08-26 20:26:54.871 465M]    EDNS0_ECS: Overwrite client from ECS information
[2021-08-26 20:26:54.871 465M]    REFRESH_HOSTNAMES: Periodically refreshing IPv4 names
[2021-08-26 20:26:54.871 465M]    RATE_LIMIT: Rate-limiting client making more than 1000 queries in 60 seconds
[2021-08-26 20:26:54.871 465M]    REPLY_ADDR4: Automatic interface-dependent detection of address
[2021-08-26 20:26:54.871 465M]    REPLY_ADDR6: Automatic interface-dependent detection of address
[2021-08-26 20:26:54.871 465M] Finished config file parsing
[2021-08-26 20:26:54.871 465M] WARNING: Starting pihole-FTL as user root is not recommended
[2021-08-26 20:26:54.872 465M] Database version is 9
[2021-08-26 20:26:54.872 465M] Imported 0 alias-clients
[2021-08-26 20:26:54.872 465M] Database successfully initialized
[2021-08-26 20:26:54.872 465M] Resizing "FTL-strings" from 40960 to (81920 * 1) == 81920 (/dev/shm: 720.9KB used, 67.1MB total, FTL uses 708.9KB)
[2021-08-26 20:26:54.894 465M] New upstream server: 1.1.1.1:53 (0/512)
[2021-08-26 20:26:54.931 465M] New upstream server: 1.0.0.1:53 (1/512)
[2021-08-26 20:26:54.948 465M] Resizing "FTL-domains" from 12288 to (1024 * 24) == 24576 (/dev/shm: 761.9KB used, 67.1MB total, FTL uses 749.9KB)
[2021-08-26 20:26:54.957 465M] Resizing "FTL-queries" from 262144 to (8192 * 64) == 524288 (/dev/shm: 774.1KB used, 67.1MB total, FTL uses 762.1KB)
[2021-08-26 20:26:54.983 465M] Resizing "FTL-queries" from 524288 to (12288 * 64) == 786432 (/dev/shm: 1.0MB used, 67.1MB total, FTL uses 1.0MB)
[2021-08-26 20:26:54.988 465M] Resizing "FTL-domains" from 24576 to (1536 * 24) == 36864 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-26 20:26:54.993 465M] Resizing "FTL-queries" from 786432 to (16384 * 64) == 1048576 (/dev/shm: 1.3MB used, 67.1MB total, FTL uses 1.3MB)
[2021-08-26 20:26:55.013 465M] Resizing "FTL-queries" from 1048576 to (20480 * 64) == 1310720 (/dev/shm: 1.6MB used, 67.1MB total, FTL uses 1.6MB)
[2021-08-26 20:26:55.019 465M] Imported 16733 queries from the long-term database
[2021-08-26 20:26:55.019 465M]  -> Total DNS queries: 16733
[2021-08-26 20:26:55.019 465M]  -> Cached DNS queries: 4983
[2021-08-26 20:26:55.019 465M]  -> Forwarded DNS queries: 6892
[2021-08-26 20:26:55.019 465M]  -> Blocked DNS queries: 4648
[2021-08-26 20:26:55.019 465M]  -> Unknown DNS queries: 120
[2021-08-26 20:26:55.019 465M]  -> Unique domains: 1259
[2021-08-26 20:26:55.019 465M]  -> Unique clients: 17
[2021-08-26 20:26:55.019 465M]  -> Known forward destinations: 2
[2021-08-26 20:26:55.019 465M] Successfully accessed setupVars.conf
[2021-08-26 20:26:55.019 465M] *************************************************************************
[2021-08-26 20:26:55.019 465M] * WARNING: Required Linux capability CAP_SYS_NICE not available         *
[2021-08-26 20:26:55.019 465M] *************************************************************************
[2021-08-26 20:26:55.020 465M] PID of FTL process: 465
[2021-08-26 20:26:55.020 465M] INFO: FTL is running as root
[2021-08-26 20:26:55.020 465/T466] Listening on port 4711 for incoming IPv4 telnet connections
[2021-08-26 20:26:55.020 465/T468] Listening on Unix socket
[2021-08-26 20:26:55.021 465M] Reloading DNS cache
[2021-08-26 20:26:55.021 465M] Blocking status is enabled
[2021-08-26 20:26:55.021 465/T467] Listening on port 4711 for incoming IPv6 telnet connections
[2021-08-26 20:26:56.023 465/T469] Compiled 0 whitelist and 0 blacklist regex filters for 17 clients in 0.2 msec
[2021-08-26 20:30:25.203 465M] Reloading DNS cache
[2021-08-26 20:30:25.203 465M] Blocking status is enabled
[2021-08-26 20:30:25.711 465/T469] SQLite3 message: file unlinked while open: /etc/pihole/gravity.db (28)
[2021-08-26 20:30:25.724 465/T469] Compiled 0 whitelist and 0 blacklist regex filters for 17 clients in 0.3 msec

After restart of the container I noted FATAL ERROR in dnsmasq core: failed to bind DHCP server socket: Address already in use int the log. I guess this one is relevant...

6

It's me again. By now I think the FATAL ERROR came from the fact, that I had router DHCP turned on when i startet pihole. A pihole restart when router DHCP was turned off eliminated the error.

Yet I got another one in pihole-FTL.log

FATAL: realloc_shm(): Failed to open shared memory object "FTL-queries": No such file or directory

I will report any additional odd behaviour when it occurs again. In the meantime I hope it is running stable.

7

Issue still occurs. Any ideas how to proceed?

8

What do the logs show?

9

I'm traveling. Will post logs as soon as possible.

10

Mmh, pihole.log (20Mb) only has entries of today (althoug log file is persistant). Other log seem uninteresting, content mirrors the already posted logs.
Since I'm travelling I will not disable router-dhcp to keep the system stable. Will test further once I'm home again in two weeks.
Thanks for your help so far.

11

Previous day logs are with numbers appended. Yesterday is .1, etc. Older logs are gzip format, so you will need to use slightly different commands to read them. zcat, zgrep, etc.

ls -lha /var/log/pihole.log*

-rw-r--r-- 1 pihole pihole 2.2M Aug 29 13:59 /var/log/pihole.log
-rw-r--r-- 1 pihole pihole 3.9M Aug 29 00:00 /var/log/pihole.log.1
-rw-r--r-- 1 pihole pihole 258K Aug 28 00:00 /var/log/pihole.log.2.gz
-rw-r--r-- 1 pihole pihole 226K Aug 27 00:00 /var/log/pihole.log.3.gz
-rw-r--r-- 1 pihole pihole 270K Aug 26 00:00 /var/log/pihole.log.4.gz
-rw-r--r-- 1 pihole pihole 244K Aug 25 00:00 /var/log/pihole.log.5.gz
12

thank you for the hint. No such luck. I only have one pihole.log. Is that a setting that needs to be enabled in order to keep logfile more that one day in the past?

13

This should be part of the logrotate script, and no setting is needed to enable this.

14

I suppose I know where this comes from. As part of the backup process all docker containers are downed and uped again. Only pihole.log is made permanent. I will add a copy job to cron before shutting down the containers... let you know how this works asap.

15

Back from vacation and a challenging week in RL with kiddies...

I turned off DHCP on router and exaclty after the 24h lease time (08:43:14) was over the system went haywire. When I turned DHCP on again on router eveything went back to normal (09:24:52):

pihole log

Sep 19 08:43:17 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:43:17 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:43:47 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:43:47 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:44:17 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:44:17 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:44:47 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:44:47 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:45:17 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:45:17 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:45:47 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:45:47 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:46:18 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:46:18 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:46:48 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:46:48 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:47:18 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:47:18 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:47:48 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:47:48 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:48:18 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:48:18 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:48:48 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:48:48 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:49:18 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:49:18 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:49:48 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:49:48 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:50:19 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:50:19 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:50:49 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:50:49 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:51:19 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:51:19 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:51:49 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:51:49 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:52:19 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:52:19 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:52:49 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:52:49 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:53:19 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:53:19 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:53:50 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:53:50 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:54:20 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:54:20 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:54:50 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:54:50 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:55:20 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:55:20 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:55:50 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:55:50 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:56:20 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:56:20 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:56:51 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:56:51 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:57:21 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:57:21 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:57:51 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:57:51 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:58:21 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:58:21 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:58:51 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:58:51 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:59:21 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:59:21 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 08:59:51 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 08:59:51 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 13.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 13.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 9.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 9.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 4.176.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 4.176.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 139.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 139.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 116.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 116.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 10.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config 10.0.168.192.in-addr.arpa is <PTR>
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 17.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 17.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 172.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: DHCP 192.168.0.172 is Galaxy-Tab-A7.lan
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 145.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 145.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 177.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 177.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 158.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: DHCP 192.168.0.158 is Galaxy-A5-2017.lan
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 132.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: DHCP 192.168.0.132 is GamingMachine.lan
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 6.176.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 6.176.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 8.0.21.172.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 8.0.21.172.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 4.0.21.172.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 4.0.21.172.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 2.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 2.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 5.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 5.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 8.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 8.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 12.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 12.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 11.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 11.90.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 11.0.21.172.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 11.0.21.172.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 159.0.168.192.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: DHCP 192.168.0.159 is LAPTOP-G0MIEEE6.lan
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 1.0.0.1.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 1.0.0.1.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 1.1.1.1.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:00 dnsmasq[427]: query[PTR] 1.1.1.1.in-addr.arpa from 127.0.0.1
Sep 19 09:00:00 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:00:21 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:00:21 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:00:52 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:00:52 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:01:22 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:01:22 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:01:52 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:01:52 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:02:22 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:02:22 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:02:52 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:02:52 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:03:22 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:03:22 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:03:52 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:03:52 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:04:23 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:04:23 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:04:53 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:04:53 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:05:23 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:05:23 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:05:53 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:05:53 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:06:23 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:06:23 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:06:53 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:06:53 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:07:23 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:07:23 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:07:54 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:07:54 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:08:24 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:08:24 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:08:54 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:08:54 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:09:24 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:09:24 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:09:54 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:09:54 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:10:24 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:10:24 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:10:54 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:10:54 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:11:25 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:11:25 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:11:55 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:11:55 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:12:25 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:12:25 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:12:55 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:12:55 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:13:25 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:13:25 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:13:55 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:13:55 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:14:25 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:14:25 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:14:55 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:14:55 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:15:26 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:15:26 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:15:56 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:15:56 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:16:26 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:16:26 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:16:56 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:16:56 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:17:26 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:17:26 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:17:56 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:17:56 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:18:26 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:18:26 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:18:57 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:18:57 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:19:27 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:19:27 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:19:57 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:19:57 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:20:27 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:20:27 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:20:41 dnsmasq[427]: query[AAAA] livepatch.canonical.com from 127.0.0.1
Sep 19 09:20:41 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:20:41 dnsmasq[427]: query[A] livepatch.canonical.com from 127.0.0.1
Sep 19 09:20:41 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:20:41 dnsmasq[427]: query[AAAA] livepatch.canonical.com from ::1
Sep 19 09:20:41 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:20:41 dnsmasq[427]: query[A] livepatch.canonical.com from ::1
Sep 19 09:20:41 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:20:41 dnsmasq[427]: query[AAAA] livepatch.canonical.com from 127.0.0.1
Sep 19 09:20:41 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:20:41 dnsmasq[427]: query[A] livepatch.canonical.com from 127.0.0.1
Sep 19 09:20:41 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:20:41 dnsmasq[427]: query[AAAA] livepatch.canonical.com from ::1
Sep 19 09:20:41 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:20:41 dnsmasq[427]: query[A] livepatch.canonical.com from ::1
Sep 19 09:20:41 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:20:57 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:20:57 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:21:11 dnsmasq[427]: query[A] livepatch.canonical.com from 127.0.0.1
Sep 19 09:21:11 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:21:11 dnsmasq[427]: query[AAAA] livepatch.canonical.com from 127.0.0.1
Sep 19 09:21:11 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:21:11 dnsmasq[427]: query[A] livepatch.canonical.com from ::1
Sep 19 09:21:11 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:21:11 dnsmasq[427]: query[AAAA] livepatch.canonical.com from ::1
Sep 19 09:21:11 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:21:11 dnsmasq[427]: query[A] livepatch.canonical.com from 127.0.0.1
Sep 19 09:21:11 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:21:11 dnsmasq[427]: query[AAAA] livepatch.canonical.com from 127.0.0.1
Sep 19 09:21:11 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:21:11 dnsmasq[427]: query[A] livepatch.canonical.com from ::1
Sep 19 09:21:11 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:21:11 dnsmasq[427]: query[AAAA] livepatch.canonical.com from ::1
Sep 19 09:21:11 dnsmasq[427]: config error is REFUSED (EDE: network error)
Sep 19 09:21:27 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:21:27 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:21:57 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:21:57 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:22:27 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:22:27 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:22:58 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:22:58 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:23:28 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:23:28 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:23:58 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:23:58 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:24:28 dnsmasq[427]: query[A] pi.hole from 127.0.0.1
Sep 19 09:24:28 dnsmasq[427]: internal pi.hole is 192.168.0.10
Sep 19 09:24:52 dnsmasq[427]: query[A] pool.ntp.org from 192.168.0.139
Sep 19 09:24:52 dnsmasq[427]: forwarded pool.ntp.org to 1.1.1.1
Sep 19 09:24:52 dnsmasq[427]: reply pool.ntp.org is 46.165.252.57
Sep 19 09:24:52 dnsmasq[427]: reply pool.ntp.org is 185.125.24.59
Sep 19 09:24:52 dnsmasq[427]: reply pool.ntp.org is 212.51.144.44
Sep 19 09:24:52 dnsmasq[427]: reply pool.ntp.org is 91.235.212.22
Sep 19 09:24:52 dnsmasq[427]: query[A] time1.google.com from 192.168.0.177
Sep 19 09:24:52 dnsmasq[427]: forwarded time1.google.com to 1.1.1.1
Sep 19 09:24:52 dnsmasq[427]: reply time1.google.com is 216.239.35.0
Sep 19 09:24:52 dnsmasq[427]: query[A] www.bing.com from 192.168.0.145
Sep 19 09:24:52 dnsmasq[427]: cached www.bing.com is <CNAME>
Sep 19 09:24:52 dnsmasq[427]: forwarded www.bing.com to 1.1.1.1
Sep 19 09:24:52 dnsmasq[427]: query[A] teams.events.data.microsoft.com from 192.168.0.145
Sep 19 09:24:52 dnsmasq[427]: cached teams.events.data.microsoft.com is <CNAME>
Sep 19 09:24:52 dnsmasq[427]: forwarded teams.events.data.microsoft.com to 1.1.1.1
Sep 19 09:24:52 dnsmasq[427]: query[A] config.teams.microsoft.com from 192.168.0.145

Nothing useful in pihole-FTL.log.

Here the ammended docker-compose section for pihole:

pihole:
        image: pihole/pihole:latest
        container_name: pihole
        domainname: $DOMAINNAME
        hostname: pihole
        network_mode: "host"
        security_opt:
            - no-new-privileges:true
        environment:
            - ServerIP=192.168.0.10
            - TZ=${TZ}
            - WEBPASSWORD=${PW1}
            - PROXY_LOCATION=pihole
            - DHCP_ACTIVE=true
            - DHCP_START=192.168.0.100
            - DHCP_END=192.168.0.200
            - DHCP_ROUTER=192.168.0.1
            - DHCP_LEASETIME=168
            - WEB_PORT=9050
            - DHCP_rapid_commit=true
            - PIHOLE_DNS_=1.0.0.1;1.1.1.1
        dns:
            - 127.0.0.1
            - 1.1.1.1
        ports:
            - 53:53/tcp #DNS
            - 53:53/udp #DNS
            - 67:67/udp #DHCP
            - 80:80/tcp
        volumes:
            - $APPDATADIR/pihole/etc-pihole:/etc/pihole
            - $APPDATADIR/pihole/etc-dnsmasqd:/etc/dnsmasq.d
            - $APPDATADIR/pihole/logs/lighttpd:/var/log/lighttpd
            - $APPDATADIR/pihole/logs/pihole.log:/var/log/pihole.log
            - $APPDATADIR/pihole/logs/pihole-FTL.log:/var/log/pihole-FTL.log
            - $APPDATADIR/pihole/logs/pastdays:/var/log/pihole
        cap_add:
            - NET_ADMIN
        restart: unless-stopped

Again thanks for your help.

16

Well, yes, this suggests the machine didn't had a network connection at that time.

17

Changed tiltle as we know the problem now. I just don't know how to get it to work. Hints would be appreciated. Will continue looking for solutions.