Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:
pihole -d
or do it through the Web interface:
Tools > Generate Debug Log
Your debug log expired. Please upload a new one.
here is a new debug post: https://tricorder.pi-hole.net/iM3mJHx1/
I want to add i did increase the cache size and what i did see is that all weekend the connectivity was fine until this morning.
I don't see any error in your debug log that would explain what you are experience.
Why do you suspect that this is due to insufficient cache size?
What is the output of
echo ">stats >quit" | nc 127.0.0.1 4711
echo ">cacheinfo >quit" | nc 127.0.0.1 4711
Hey Yubi,
I am suspecting that the DNS cache is not removing old records and I would have over 10,000 cached records. When I flush the DNS cache things seem to return to normal. That is also the reason I bumped up the cache size to 100k
domains_being_blocked 100077
dns_queries_today 29199
ads_blocked_today 1688
ads_percentage_today 5.781020
unique_domains 3174
queries_forwarded 19476
queries_cached 6748
clients_ever_seen 33
unique_clients 25
dns_queries_all_types 29199
reply_NODATA 2045
reply_NXDOMAIN 1010
reply_CNAME 16987
reply_IP 7369
privacy_level 1
status enabled
cache-size: 100000
cache-live-freed: 0
cache-inserted: 76193
ipv4: 126
ipv6: 21
srv: 0
cname: 358
ds: 0
dnskey: 0
other: 26
expired: 1197
immortal: 40
Not a single cache entry needed to be removed although it hadn't expired so far.
To find out if the cache is really the issue here, please decrease it again to the default 10000 and wait until you experience the issue. Then run the command again and check the cache-live-freed
Hi Yubi,
I have isolated the issue to another part of my network. I have a question though im seeing a lot of DNSMASQ warnings. In particular the warning message is ignoring query from non local network. Can you advise if there is a way I can see what non local network is trying to query my network?
Regards,
Jonathan
The next version of Pi-hole will contain the requesting IP. This version is already at the horizon....
I have had the issue again I am 10,000 set as the cache size but i have over 300,000 records in the cache live freed command where do i run that command from?
Please post a new output of the following command from the Pi terminal:
echo ">cacheinfo >quit" | nc 127.0.0.1 4711
cache-size: 10000
cache-live-freed: 0
cache-inserted: 2488
ipv4: 74
ipv6: 9
srv: 0
cname: 145
ds: 0
dnskey: 0
other: 23
expired: 507
immortal: 40
The cache live freed since that is 0 does that mean that old records are not being removed?
Cache entries are not being forcibly removed prior to the end of their TTL in order to make space for new entries. Cache entries are expiring from the cache naturally at the end of the TTL.
In your original output, none of the entries in the cache were forcibly evicted. The data shown is cumulative from the last time that FTL was restarted. In that time, you had 76193 entries into the cache. But, even with a cache size of 10000, it is highly unlikely (given your network query traffic volume) that any of these would be forcibly evicted from the cache.
It is quite normal to have the number of cache insertions much greater than the cache size, depending on how long FTL has been running. The parameter that tells you if the cache is overflowing is cache-live-freed. If that is zero, you don't need a larger cache (nor do you want one, as this consumes memory unnecessarily).
This is similar in concept to putting gas into your car's tank. The tank may hold 10 gallons, and in a year you may consume 500 gals, but the tank never overflows. Gas is consumed faster than you put it in.
2 Likes
This functionality is in our latest release that was issued today.
Listed in Commits on Jan 12, 2022 - Log source of ignored query when local-service is used
Morning jfb,
Thanks for your reply. The strange thing is I have very random hiccups which seem to disappear upon restarting the DNS resolver.
The funny thing its only the part of my network which is currently operating over a home plug until I can run a new network cable. Could this randomness be caused by dnsmasq in some way? Are there any other logs I can check to see any potential errors?
I don't think so in this case. Your common problem area in the network is the home plug, and that is likely the root of the problem.
All the Pi-hole log entries are made in /var/log/pihole-FTL.log and /var/log/pihole.log. The dnsmasq warnings are also carried in the diagnostics page in the web admin GUI.
I have updated ot the latest version. I will have to wait until it happens again and those warning surface again.
Will have to provide feedback on this thread once it happens again.
1 Like
Had another network hiccup now and it seems like a different segment of my lan is causing these to be generated:
ignoring query from non-local network 192.168.113.2 (logged only once), did a bit of digging on this ip and this is the ip address given out by my vpn to my machine. What about this is making DNSMASQ unhappy?
I am not sure why this is starting to be logged now and these hiccups are occuring. When these hiccups occur i cannot load any website. This happened to me and im outside the home network connected to vpn.
Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:
pihole -d
or do it through the Web interface:
Tools > Generate Debug Log
It has been logged always, but only to the log file. Recently, we made them appear in the web interface as well. This is when users started to notice them.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.