dnsmasq should run with normal CPU usage
dnsmasq consumes 100% cpu. The pi3 does nothing other than pi-hole. Local AP servers DHCP and uses pi-hole as its primary DNS with secondary posting to freaks public pi-hole. I ran the install script on pi-hole.net.
1f0v4ki6qo
I uninstalled pihole and manually removed packages. Fading memory reminded me that I had pivpn installed on here once. I suspect that there were permission issues as the block page didn't load properly. After reinstall everything appears to work.
I woke up this morning and found dnsmasq at 100% again. I restarted it and it is now fine. Also forced a log flush as pihole-FTL was at 100% due to log size. Changed logrotate to run hourly and with a size 100M parameter vs daily.
Appreciate any thoughts. New debug token:
1ep64qa89c
After I got dnsmasq not to consume 100% cpu, then pihole-FTL was pegged. I tried to force it manually and got this:
pi@strat0varius:/var/log $ sudo pihole -f
sed: can't read /etc/pihole/pihole-FTL.conf: No such file or directory
[i] Flushing /var/log/pihole.log ...Error: database is locked
[✓] Flushed /var/log/pihole.log
[✓] Deleted queries from database
Read some old Help threads and found a similar issue. Then I stopped logging and was able to flush OK.
pi@strat0varius:/var/log $ sudo pihole -f
sed: can't read /etc/pihole/pihole-FTL.conf: No such file or directory
[✓] Flushed /var/log/pihole.log
[✓] Deleted queries from database
pi@strat0varius:/var/log $
I also saw excessive queries to the following name while tailing the logs. I have since excluded logging for it:
_http._tcp.archive.raspberrypi.org
Lets see what happens...
Is the Pi publicly accessible? Where are the queries coming from?
It is not publicly accessible and in RFC 1918 address space. Serves my internal network and then for secondary DNS I point to Freaks free public pi-hole.
I mean, is there a specific client making the huge number of requests?
I suspect it was internal from the pi because at the time it would've been the only pi on the network. Unfortunately the logs have been rm'd.
I've since checkout FTLDNS and looks better so far.
FYI, this is most likely "apt" looking up mirrors:
pi@arcade:~ $ host -t srv _http._tcp.archive.raspberrypi.org
Host _http._tcp.archive.raspberrypi.org not found: 3(NXDOMAIN)
I had this behavior when I set my WAN DNS to be that of the pihole, as well as the LAN. But I was on FTLDNS when I did that, and using my router as an upstream resolver
Thanks for that slenk as it made me think about my own network setup.
I have a Disney Circle device and Google Wifi. The Circle is part of the wifi network and it essentially impersonates the default GW via arpspoofing to manipulate traffic for kid safety.
I moved pi-hole to the WAN side of Google Wifi using the ETH0 vs WLAN0,
Shut WLAN0 on the pi so it could not interfere with the ETH0 traffic.
This solved my problem. My logs are much more manageable, the Pi is not running hot and now at 0.03 load vs 1.2 before.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.