DNSMASQ_WARN Maximum number of concurrent DNS queries reached (max: 150)

The issue I am facing:
Pi-hole reporting the maximum number of concurrent DNS queries reached.

Details about my system:
I am using unbound as my recursive DNS server with Pi-hole on Raspbian 10. My DHCP server is a pfSense router.

What I have changed since installing Pi-hole:
I think the issue is being caused by a test Linux box I've been playing with. I installed wazuh in a docker and installed clients on my home systems. I noticed when I powered down that system for a while, the queries went through the roof. I presume due to retries of the clients trying to reach the host, but it settled down once it was back online. I didn't notice the DNSMASQ_WARN message until today, so I can't be sure of when it started. I just want to confirm my suspicions so I'm not going down the wrong path.

legion.home.arpa is my Linux test server with the wazuh docker installed. I can't seem to resolve it locally anymore. I did recently change my DHCP server from the Pi-hole to the pfSense router, but I've set conditional forwarding in the DNS settings of Pi-hole.

https://tricorder.pi-hole.net/5yoMrDa0/

Take a look at our documentation on this warning:

https://docs.pi-hole.net/ftldns/dnsmasq_warn/

Maximum number of concurrent DNS queries reached (max: NUMBER)

The configured maximum number of concurrent DNS queries for a given server is reached. The system is either very busy at the moment or not receiving queries from the configured upstream. Check your connectivity or the upstream DNS server status.

The warning can also be printed when being spammed with an excessive amount of duplicates or when the upstream server never replies for specific domains. Check your logs and try to identify similarities between the query directly preceding this warning and earlier queries in /var/log/pihole/pihole.log. Try to find out if your upstream does maybe never reply to specific domains and fix this.

This warning is printed at most once every five seconds (per upstream server) to help mitigate unlimited log file growth.

Hey jfb.

Yes, I looked over the document as it directed me to do that from the Pi-hole web GUI. I guess I'm just too ignorant to know what it's talking about. I'll dig through it and see if I can learn something.

"The configured maximum number of concurrent DNS queries for a given server is reached."

A given server is the DNS server that Pi-hole is forwarding requests to? That would be unbound on the Pi-hole itself if that's the case.

"The warning can also be printed when being spammed with an excessive amount of duplicates or when the upstream server never replies for specific domains."

Unbound wouldn't respond to my local domain of home.arpa, correct?

"Try to find out if your upstream does maybe never reply to specific domains and fix this."

So, looks like I need to check the unbound logs?

Sorry for the simple questions. Just trying to wrap my head around this.

Reviewing my unbound config, looks like I have some cleanup to do. The unbound-resolvconf.service is active where it shouldn't be. I'll make a backup of the pi before I start messing with stuff.

Correct. Unless you have told unbound how to resolve these domains, it cannot resolve them.
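
The log check described in the documentation quoted earlier in the thread, as an added example that is not part of the thread or of Pi-hole's own tooling: it scans dnsmasq-format lines, such as those in /var/log/pihole/pihole.log, for names that were forwarded repeatedly without any reply line, and records the query directly preceding each warning. The sample lines, the names and clients in them, and the upstream address 127.0.0.1#5335 are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample in dnsmasq's log format; not taken from the thread's debug log.
# 127.0.0.1#5335 (a local unbound) and all names and clients are assumptions.
SAMPLE_LOG = """\
Jan 10 12:00:01 dnsmasq[711]: query[A] example.com from 192.168.1.20
Jan 10 12:00:01 dnsmasq[711]: forwarded example.com to 127.0.0.1#5335
Jan 10 12:00:01 dnsmasq[711]: reply example.com is 192.0.2.10
Jan 10 12:00:02 dnsmasq[711]: query[A] noreply.example.test from 192.168.1.31
Jan 10 12:00:02 dnsmasq[711]: forwarded noreply.example.test to 127.0.0.1#5335
Jan 10 12:00:03 dnsmasq[711]: query[A] noreply.example.test from 192.168.1.32
Jan 10 12:00:03 dnsmasq[711]: forwarded noreply.example.test to 127.0.0.1#5335
Jan 10 12:00:04 dnsmasq[711]: query[A] noreply.example.test from 192.168.1.31
Jan 10 12:00:04 dnsmasq[711]: forwarded noreply.example.test to 127.0.0.1#5335
Jan 10 12:00:04 dnsmasq[711]: Maximum number of concurrent DNS queries reached (max: 150)
"""

MSG = re.compile(r"dnsmasq\[\d+\]: (.*)$")
QUERY = re.compile(r"query\[[^\]]+\] (\S+) from (\S+)$")
FORWARD = re.compile(r"forwarded (\S+) to (\S+)$")
REPLY = re.compile(r"reply (\S+) is ")
WARNING = "Maximum number of concurrent DNS queries reached"

def analyze(lines, min_forwards=3):
    """Return (unanswered, before_warning): names forwarded >= min_forwards times
    with no 'reply' line, and the (name, client) query preceding each warning."""
    forwards, clients, replied = Counter(), {}, set()
    before_warning, last_query = [], None
    for line in lines:
        m = MSG.search(line)
        if not m:
            continue
        msg = m.group(1)
        if q := QUERY.match(msg):
            last_query = (q.group(1), q.group(2))
            clients.setdefault(q.group(1), set()).add(q.group(2))
        elif f := FORWARD.match(msg):
            forwards[(f.group(1), f.group(2))] += 1
        elif r := REPLY.match(msg):
            replied.add(r.group(1))  # NXDOMAIN and similar answers also count as replies
        elif msg.startswith(WARNING):
            before_warning.append(last_query)
    unanswered = [(name, up, n, sorted(clients.get(name, ())))
                  for (name, up), n in forwards.most_common()
                  if n >= min_forwards and name not in replied]
    return unanswered, before_warning

print(analyze(SAMPLE_LOG.splitlines()))
```

A name listed here is only a candidate: a reply logged outside the analysed lines is not seen, so run it over a window that includes the period before the warning.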
