14:41:26: query [A] BRWSCE99497F86F.myrouter.net from 192.168.1.10
14:41:26: query [A] HP3FF41E.myrouter.net from 192.168.1.10
Router IP=192.168.1.10
I have blocked BRWSCE99497F86F and HP3FF41E since. I have a Brother printer but the BRW.. does not match the node of the printer. The HP3.. resembles a HP product but I do not have and HP.
How can I prevent these 2 queries from sending out pings so often? What's the best solution?
You will need to find the software that is doing this, and stop it at the source. This is not something you can do with Pi-hole, although Pi-hole revealed the queries.
This will likely take some methodical troubleshooting on your part, and a visit to the forums for your router, etc.
My approach would be to turn off the suspect devices and see if the activity stops. If it does, you know what devices are the cause and can start troubleshooting those devices (such as search forums/knowledge base articles to mitigate the behavior by altering settings, etc.).
If turning the devices off doesn't stop the excessive pings, you'll know it's another device and can keep searching until you isolate it.
All Wireshark is going to tell you is what traffic the devices are sending, not how to stop it. You already know the devices are making DNS queries (otherwise Pihole wouldn't be logging them).
What make and model of router is it? This domain myrouter.net gives odd results depending on where it's queried. It seems like one of those domains that is used to track down your own router on a network, used by the likes of Netgear.
Try pinging the hostnames on your network and see if anything responds.
I have seen similar behaviour on a friend's network. IIRC they have a brother printer, and there is some bloatware on their PC (which gets installed when installing the driver package) that is very chatty and causes many lookups like this.
Is your router making those requests on behalf of a client, i.e. is it configured to use Pi-hole as upstream?
Or do you distribute Pi-hole as local DNS server via DHCP (which would then suggest that you are observing genuine router requests)?
Run from your Pi-hole machine, what's the output of: