Already found an issue. Three of my piholes are being flooded with maximum concurrent DNS request 150 are being met. Two of the piholes were spammed this 23 -30 times immediately after upgrade.
Is the issue that you are being warned of a limit being reached, where before you weren't? This is a new addition to Pi-hole in this update. The operation of Pi-hole has not changed, but this warning for things happening under the hood was added. This new feature is referenced in the release notes.
yep it is a new warning. Everything seems functional still. I guess i need to raise the size of --dns-forward-max= I think setting it to a adequate value of 1024 should resolve this issue.
The warnings have always been there, somewhat hidden in /var/log/pihole.log, a recent addition just made them more visible by also printing them into /var/log/pihole-FTL.log and showing them on the dashboard:
I don't think rising the limit will help. If an upstream server has issues to respond to queries and there are more than 150 queries awaiting reply from the server, this rather suggests something is wrong with your upstream server.
Please have a look into your /var/log/pihole.log file and look for said
Maximum number of concurrent DNS queries reached (max: 150)
messages.
Questions:
- What query happened exactly above?
- Is it the same domain that is queried very often?
- If 2 is yes: Did the upstream server this was sent to reply a single time for such a query?
1 Like
It appears I have some very Noisy clients on my network causing the problem. Every thing still appears to be fully functional. If it were breaking DNS i would see it as a cause for concern. If the only thing I have to get use to is a bouncing exclamation point on the GUI, then i am fine. If i know of a way to resolve it, I would though.
Answers to the three questions may help us help you.
Answer to number 1, there appears to be failed reverse lookups for few clients on my network. Pihole continues to attempt the lookups.
Answer to number 2, Yes it is the same lookups attempted over and over again over a long period of time as pihole must be trying to attempt to find a hostname for this device. It keeps getting served as refused. Pihole continues to try to resolve the clients hostname.
Here a sample of some of the Pihole-ftl.log
-----tail of pihole-FTL.log------
[2021-12-24 19:50:53.001 5366/T5369] Listening on Unix socket
[2021-12-24 19:50:53.008 5366M] Reloading DNS cache
[2021-12-24 19:50:55.046 5366/T5370] Resizing "FTL-per-client-regex" from 4096 to (1 * 8192) == 8192 (/dev/shm: 13.5MB used, 4.1GB total, FTL uses 13.5MB)
[2021-12-24 19:50:56.217 5366/T5370] Compiled 34 whitelist and 31 blacklist regex filters for 126 clients in 1208.6 msec
[2021-12-24 19:50:56.221 5366M] Blocking status is enabled
[2021-12-24 19:50:56.786 5366M] Resizing "FTL-strings" from 122880 to (163840 * 1) == 163840 (/dev/shm: 13.5MB used, 4.1GB total, FTL uses 13.5MB)
[2021-12-24 19:51:01.322 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 19:51:11.540 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 19:51:11.642 5366M] Resizing "FTL-per-client-regex" from 8192 to (1 * 12288) == 12288 (/dev/shm: 13.5MB used, 4.1GB total, FTL uses 13.5MB)
[2021-12-24 19:51:21.407 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 19:51:30.802 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 19:51:36.009 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 19:51:42.830 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 19:51:49.433 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 19:51:58.217 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 19:52:20.741 5366M] Resizing "FTL-dns-cache" from 4096 to (512 * 16) == 8192 (/dev/shm: 13.5MB used, 4.1GB total, FTL uses 13.5MB)
[2021-12-24 19:52:36.426 5366M] Resizing "FTL-queries" from 12435456 to (286720 * 44) == 12615680 (/dev/shm: 13.5MB used, 4.1GB total, FTL uses 13.5MB)
[2021-12-24 19:56:04.851 5366M] Resizing "FTL-dns-cache" from 8192 to (768 * 16) == 12288 (/dev/shm: 13.7MB used, 4.1GB total, FTL uses 13.7MB)
[2021-12-24 19:58:33.489 5366M] Resizing "FTL-dns-cache" from 12288 to (1024 * 16) == 16384 (/dev/shm: 13.7MB used, 4.1GB total, FTL uses 13.7MB)
[2021-12-24 20:00:05.173 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 20:00:06.364 5366M] Resizing "FTL-queries" from 12615680 to (290816 * 44) == 12795904 (/dev/shm: 13.7MB used, 4.1GB total, FTL uses 13.7MB)
[2021-12-24 20:00:11.090 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 20:00:18.540 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 20:00:26.260 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 20:01:26.408 5366M] Resizing "FTL-dns-cache" from 16384 to (1280 * 16) == 20480 (/dev/shm: 13.9MB used, 4.1GB total, FTL uses 13.9MB)
[2021-12-24 20:04:30.936 5366M] Resizing "FTL-dns-cache" from 20480 to (1536 * 16) == 24576 (/dev/shm: 13.9MB used, 4.1GB total, FTL uses 13.9MB)
[2021-12-24 20:04:57.701 5366M] Resizing "FTL-domains" from 45056 to (3072 * 16) == 49152 (/dev/shm: 13.9MB used, 4.1GB total, FTL uses 13.9MB)
[2021-12-24 20:07:12.146 5366M] Resizing "FTL-dns-cache" from 24576 to (1792 * 16) == 28672 (/dev/shm: 13.9MB used, 4.1GB total, FTL uses 13.9MB)
[2021-12-24 20:09:01.532 5366M] Resizing "FTL-dns-cache" from 28672 to (2048 * 16) == 32768 (/dev/shm: 13.9MB used, 4.1GB total, FTL uses 13.9MB)
[2021-12-24 20:10:56.188 5366M] Resizing "FTL-queries" from 12795904 to (294912 * 44) == 12976128 (/dev/shm: 13.9MB used, 4.1GB total, FTL uses 13.9MB)
[2021-12-24 20:10:56.260 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 20:11:06.310 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 20:11:21.523 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 20:11:27.014 5366M] WARNING in dnsmasq core: Maximum number of concurrent DNS queries reached (max: 150)
[2021-12-24 20:12:04.087 5366M] Resizing "FTL-dns-cache" from 32768 to (2304 * 16) == 36864 (/dev/shm: 14.1MB used, 4.1GB total, FTL uses 14.1MB)
Please have a look into pihole.log not pihole-FTL.log as the former contains details about the queries leading to this.
Pi-hole only tries once and then tries again once an hour. The queries are likely coming from some other application on the system, however, with a log snippet from pihole.log we may know more.
REFUSED is interesting, do you use conditional forwarding?
yes conditional forwarding is used. Pihole appears to be continuously trying to request a hostname for a device that is coming back with a refused response. (No I have no DNS-rebind on either, already thought about that).
Short from turning off conditional forwarding, I haven't had much luck at making the warnings go away.
My other solution was to define a host name for the client locally on the pihole. It appears to be a temporary fix.
I wouldn't call it "temporary fix". This indeed seems to be the proper solution when your configured upstream does not respond properly to the forwarded request.
After further digging, the request were going through a conditional forwarding to a dnsmasq instance that had rebind protection enabled by default. a quick solution was to add
rebind-domain-ok=
for the domain it was requesting. Solved the issue.
Hi,
How were you able to sucessfully to increase the --dns-forward-max=1024. i am unable to do it, please help.
Thanks
1 Like
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.