I setup cloudflared so that pi-hole is running DoH using the guide. Everything seems to be running normally but there has been a massive drop in the number of blocked queries. Before cloudflared was installed pi-hole was blocking around 50% of queries after, its blocking between 15-30%. Is this normal?
I find 50% blocked quite unusual.
My % lies between 10 & 16% with a mixture of Linux, MS, Apple & Android clients.
Your choice of upstream DNS server has no influence on your blocking. This is driven by the clients on your network, queries made by those clients (i.e. your browsing habits), and the domains in your gravity list.
When Pi-hole receives a query, it first checks to see if the query is in gravity. If so, it does not process the query any further, and returns 0.0.0.0 (by default) to the client.
If the query is not blocked, then Pi-hole needs to get the IP for the domain, so it forwards the query to your upstream DNS resolver (in your case Cloudlared). Cloudflared does its encryption, sends the request to it's upstream resolver (likely Cloudflare), then after it gets the answer it sends this answer back to Pi-hole. Pi-hole then returns the IP to the requesting client.
Take a close look in your dnsmasq log at /var/log/pihole/pihole.log and see if there are repeated queries forwarded to Cloudflared for the same domains, and also see if the IP's returned for any domain are the same IP's.
I marked jfb answer as the solution as it makes sense that upstream server has no affect on it.
Just for fun, I am putting below what I was seeing with queries in the first couple hours of cloudflared being installed until it figured itself out. This was in the middle of the day with both my partner and I on the network working.
As you can see there was a massive dip in blocked queries. I am going to assume at this point it was user error / misunderstanding as things seemed to have return to normal.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.