Thank you, I found a discussion related to this issue on Reddit, I believe you commented there as well. I'll research this and try to get it resolved, the thing I'm confused about is why it just now started being an issue. Pi-Hole hadn't crashed before.
You likely did not have this query volume in the past.
I also run Apple devices (many) on my network and in 24 hours I get maybe a few hundred of this type of query in a day. Across my 5 Pi-holes there a total of 132 in the past 24 hours.
Nothing has changed in my network though, no new devices, no guest network, and no new users, and it's a private network. I guess that doesn't mean anything, something could have changed on the existing devices themselves via software/firmware updates, right?
I am also having an issue with two Pi Holes crashing due to over a million DNS queries from my router. Why would my router just now be overwhelming my PiHole with internal queries? Conditional formatting? I'll try disabling that.
It's definitely due to conditional formatting, I turned it off and mine hasn't crashed since.
Now the question is what happened that is causing it to crash now, considering there's been zero changes to my network config, no new devices, etc. I've definitely updated pi-hole any time I see a new update available so maybe there's some changes that broke this functionality.
Enabling CF may close a partial DNS loop if your router is configured to use Pi-hole as its upstream DNS server at the same time.
Configuring your router in that way may be required if your router does not allow to distribute Pi-hole as local DNS server via DHCP (but in such a configuration, trying to associate clinet IPs with hostnames by enabling CF would be useless anyway, as all DNS requests would originate from your router).
In your case, it would seem that clients are talking to Pi-hole directly, as your previous top-clients did include various client IP addresses (and not only that of your router).
This would suggest that using Pi-hole as your router's upstream wouldn't be strictly required.
If that would be true, then you could also consider to point your router to a public DNS server of your choice in order to avoid closing a DNS loop.
As mentioned, it is caused by a request for resolving lb._dns-sd._udp.sanchez.is.
As sanchez.is seems to be your local domain, Pi-hole's CF would forward that request to your router. Your router wouldn't know the answer, and hence would forward it to its upstream, and if that happens to be Pi-hole, then Pi-hole's CF would forward that request to your router, and so on and so forth, ad infinitum or time-out.
In contrast, forwarded requests for known names like nas-1.sanchez.is can be answered by your router directly, thus avoiding the loop.
The interesting question would be why your client at 10.0.0.1 started to request lb._dns-sd._udp.sanchez.is.
As 10.0.0.1 does seem to be your router:
Do some of your clients still use yor router for DNS, instead of Pi-hole?
Maybe a static configuration on some device?