FTL crash when querying a domain in a custom dnsmasq list

Hello, I've noticed that my Pi-hole instance running in a docker container is getting DoSed by the host when I make a query to a domain in a custom dnsmasq list.

For example with this configuration in the dnsmasq.d directory:

# 99-nginx-proxy-manager.conf
server=/domain.tld/10.1.0.140

and by running this command on my workstation:

#$ dig @10.1.0.140 test.domain.tld

; <<>> DiG 9.10.6 <<>> @10.1.0.140 test.domain.tld
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

I get this in the pihole.log:

# pihole.log
Jul 19 20:46:04 dnsmasq[233]: query[A] test.domain.tld from 10.0.4.20
Jul 19 20:46:04 dnsmasq[233]: forwarded test.domain.tld to 10.1.0.140
Jul 19 20:46:04 dnsmasq[233]: query[A] test.domain.tld from 172.24.0.1
Jul 19 20:46:04 dnsmasq[233]: forwarded test.domain.tld to 10.1.0.140
Jul 19 20:46:04 dnsmasq[233]: query[A] test.domain.tld from 172.24.0.1
Jul 19 20:46:04 dnsmasq[233]: forwarded test.domain.tld to 10.1.0.140
Jul 19 20:46:04 dnsmasq[233]: query[A] test.domain.tld from 172.24.0.1
Jul 19 20:46:04 dnsmasq[233]: forwarded test.domain.tld to 10.1.0.140
Jul 19 20:46:04 dnsmasq[233]: query[A] test.domain.tld from 172.24.0.1
Jul 19 20:46:04 dnsmasq[233]: forwarded test.domain.tld to 10.1.0.140
... at least 5000 more ...
[2023-07-19 20:46:17.296 401M] WARNING: RAM shortage (/dev/shm) ahead: 94% is used (/dev/shm: 253.8MB used, 268.4MB total, FTL uses 253.8MB)
[2023-07-19 20:46:17.296 401M] Resizing "FTL-queries" from 253231104 to (4526080 * 56) == 253460480 (/dev/shm: 253.8MB used, 268.4MB total, FTL uses 253.8MB)

Here's a legend of IPs:

  • 10.1.0.140 is the server running Pi-hole, but it also runs a reverse proxy and grafana
  • 172.24.0.1 should be the docker ip for the host
  • 10.0.4.20 is my workstation

As you can see, every time I make a request to a subdomain of the domain set up in the dnsmasq config, the request from my workstation arrives at the Pi-hole, but then the host starts sending a lot of requests for the same subdomain until FTL crashes, and my workstation never gets the response.

I can't figure out why this is happening. Does anyone have a clue? :thinking:

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

Ah forgot to include it in the initial message, here's a debug log generated earlier today while trying to reproduce the issue: https://tricorder.pi-hole.net/GfOnsa1S/

Let me know if there is anything else that you need :slight_smile:

Solved. This configuration is incorrect: server here means that Pi-hole will look up every query for the domain domain.tld and its subdomains using 10.1.0.140. The loop happened because that happens to be the same IP where the Pi-hole is hosted.

What I wanted instead is to resolve every query with that domain to that IP, so to achieve that I changed the configuration to use the address directive instead:

# 99-nginx-proxy-manager.conf
address=/domain.tld/10.1.0.140

This can also (and perhaps more transparently) be handled by creating the respective Local DNS Records via Pi-hole's UI, which is a simple frontend for editing /etc/pihole/custom.list.

It all depends on what you're looking for. I wanted every subdomain to resolve to a single IP without going through the file or the UI every time I need to set up a new service, unless I'm missing something here :thinking:

But if I just needed one or a few subdomains or if the subdomains needed to resolve to different IPs, then using that would be a good solution :slight_smile:

Another use for the custom list is to override the dnsmasq config for a few exceptions. In my case there is a subdomain that I want to resolve to a different IP, and this works because Pi-hole checks the custom list first and then the dnsmasq list.

That subdomain bit of information was absent from your previous post. :wink:
Indeed, Local DNS Records only cover exact domains.
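The difference between server= and address= from the solution post, plus the custom.list-before-dnsmasq precedence mentioned later, modelled as a small Python checker. This is an added example, not code from Pi-hole or dnsmasq; it is a simplified model of the lookup order described in this thread (exact hosts entries first, then the longest matching server=/address= domain), and the sample config lines, the 10.1.0.150 override and the special.domain.tld name are constructed for the demo.

```python
# Constructed sample inputs (not the thread's real files): the broken config
# from the first post, the fixed one, and a hypothetical custom.list override.
BROKEN_CONF = ["server=/domain.tld/10.1.0.140"]
FIXED_CONF = ["address=/domain.tld/10.1.0.140"]
CUSTOM_LIST = ["10.1.0.150 special.domain.tld"]   # hypothetical exception
PIHOLE_IPS = {"10.1.0.140"}                       # the Pi-hole's own address


def parse_dnsmasq(lines):
    """Parse server=/domain/ip and address=/domain/ip into (directive, domain, ip)."""
    rules = []
    for raw in lines:
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line or "=" not in line:
            continue
        key, val = line.split("=", 1)
        if key in ("server", "address") and val.startswith("/"):
            _, domain, ip = val.split("/", 2)
            rules.append((key, domain.lower(), ip))
    return rules


def parse_custom_list(lines):
    """custom.list is hosts-file format: '<ip> <name>', exact names only."""
    return {n.lower(): ip for ip, n in (l.split()[:2] for l in lines if l.strip())}


def resolve(name, custom, rules, own_ips):
    """Simplified model: custom.list exact match first, then the longest
    matching dnsmasq domain. A server= rule whose upstream is one of the
    Pi-hole's own IPs is reported as LOOP, the situation from the first post."""
    name = name.lower().rstrip(".")
    if name in custom:
        return ("answer", custom[name])
    best = None
    for directive, domain, ip in rules:
        if name == domain or name.endswith("." + domain):
            if best is None or len(domain) > len(best[1]):
                best = (directive, domain, ip)
    if best is None:
        return ("forward-default", None)   # normal upstream resolver
    directive, _, ip = best
    if directive == "address":
        return ("answer", ip)              # synthesised answer, no forwarding
    if ip in own_ips:
        return ("LOOP", ip)                # forwards to itself
    return ("forward", ip)
```

Running resolve("test.domain.tld", ...) against BROKEN_CONF reports LOOP, against FIXED_CONF it answers 10.1.0.140, and special.domain.tld is answered from the custom list before either rule is consulted.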
