Pi-hole not sending the “in-addr.arpa” requests to an upstream provider.
Close to 90,000 of these requests per day sent to 22.214.171.124. (return: NXDOMAIN)
oh btw, 90% of these are from 2 iPhones and the rest from 2 iPads.
Router = DHCP server that shares the Pi-hole IP for DNS
Router itself uses Pi-hole as DNS
Pihole: v5.17.2 OFF: Conditional forwarding (tested with 'ON' - same result) ON: Never forward non-FQDN A and AAAA queries ON: Never forward reverse lookups for private IP ranges ON: Allow only local requests Upstream DNS: Quad9 (filtered, DNSSEC) Local DNS names: configured in Pi-Hole
Are Service Discovery queries different to PTR? I can't find a clear answer on this – it seems that PTR might be classed as a form of service discovery.
Is Pi-hole seeing actual PTR queries or is it interpreting what it sees as PTR queries?
Should the queries shown in the opening screenshot be sent upstream where they will natually receive a NXDOMAIN, when they relate to hosts on a private subnet?
Is Pi-hole sending these queries upstream, or is this a presentation 'bug', in that Pi-hole's presentation only deals with rendering all queries as blocked, returned from cache or sent upstream?
Basically I'm trying to clarify exactly what events are taking place here and whether the behaviour seen is correct. I'm so used to seeing local devices generate apparent PTR requests for local devices that I'd never considered if or why these might end up sent upstream or whether that should be happening.