The issue I am facing:
Currently my query amount went up by 10-15 times from 5-10 to 100k. A look in the logs shows that the system tries to return a nxdomain which will offcourse not work.
Details about my system:
See log
https://tricorder.pi-hole.net/z1wge1ky8y
What I have changed since installing Pi-hole:
Regularly updating the pihole, restarted gravity once and raspberry died few days ago - so I had to do a hard restart.
Thank you for help
Your debug log looks normal.
NXDOMAIN is a perfectly valid reply.
Pi-hole doesn't initiate DNS queries - your clients do that.
What client issues those excess queries?
Are they always for the same domain or set of domains?
Edit: Please provide some examples from your logs.
It's pihole itself
May 23 21:22:25 dnsmasq[24292]: forwarded setolkvwxuxqn to 8.8.8.8
May 23 21:22:25 dnsmasq[24292]: reply setolkvwxuxqn is NXDOMAIN
May 23 21:22:26 dnsmasq[24292]: reply rymcnqymeqvao.fritz.box is NXDOMAIN
May 23 21:22:26 dnsmasq[24292]: query[A] rymcnqymeqvao from 192.168.178.16
May 23 21:22:26 dnsmasq[24292]: forwarded rymcnqymeqvao to 8.8.8.8
May 23 21:22:26 dnsmasq[24292]: reply rymcnqymeqvao is NXDOMAIN
May 23 21:22:27 dnsmasq[24292]: reply lcpmitkmcmuazmy.fritz.box is NXDOMAIN
May 23 21:22:27 dnsmasq[24292]: query[A] lcpmitkmcmuazmy from 192.168.178.16
May 23 21:22:27 dnsmasq[24292]: forwarded lcpmitkmcmuazmy to 8.8.8.8
May 23 21:22:27 dnsmasq[24292]: reply lcpmitkmcmuazmy is NXDOMAIN
May 23 21:22:30 dnsmasq[24292]: query[A] cnnkvaj.fritz.box from 192.168.178.16
May 23 21:22:30 dnsmasq[24292]: forwarded cnnkvaj.fritz.box to 8.8.8.8
May 23 21:22:30 dnsmasq[24292]: query[A] dfmudhnxln.fritz.box from 192.168.178.16
May 23 21:22:30 dnsmasq[24292]: forwarded dfmudhnxln.fritz.box to 8.8.8.8
May 23 21:22:30 dnsmasq[24292]: query[A] ayeqitrxpt.fritz.box from 192.168.178.16
May 23 21:22:30 dnsmasq[24292]: forwarded ayeqitrxpt.fritz.box to 8.8.8.8
May 23 21:22:30 dnsmasq[24292]: reply cnnkvaj.fritz.box is NXDOMAIN
May 23 21:22:30 dnsmasq[24292]: query[A] cnnkvaj from 192.168.178.16
May 23 21:22:30 dnsmasq[24292]: forwarded cnnkvaj to 8.8.8.8
-------- Oorspronkelijk bericht --------
Aan 23 mei 2021 20:43, Bucking_Horn via Pi-hole Userspace < noreply@discourse.pi-hole.net> schreef:
Pi-hole isn't issuing those DNS requests.
What device is 192.168.178.16?
Also, please upload a debug log and post just the token that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:
pihole -d
or do it through the Web interface:
Tools > Generate Debug Log
Hello,
Please find the link
Device 192.168.178.16 is pihole (raspberry)
https://tricorder.pi-hole.net/ebez3105mw
Best regards
T
Are you using the server that Pi-hole is installed on as a desktop? Are you using Chrome?
All the NXDOMAIN responses are correct, something on that server is sending queries for random strings and those random strings are not valid domain names.
Hi Dan,
It's s raspberry with chromium. I did have it open in state of hard stop - in the window of "do you want to retrieve your last session"
I did close chromium, I did restart pi yesterday and also my Fritzbox.
since than the requests went back to normal.
Thank you for help! Have a great evening
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.