OPNsense flooding pi-hole with .in-addr.arpa requests

Help
1

Hi,

I have OPNsense as router and pi-hole as DNS+DHCP in place. OPNsense is pretty clean installation without anything configured other then Vodafone Cable connection.
OPNsense is sending around 200k DNS querys per day to pi-hole and I dont even understand what OPNsense is doing or which configuration is responsible for this behavior.

image
image462×339 3.58 KB

This is a list of the permitted domains and I think these in-addr.arpa adresses somehow local adresses or something ?

image
image988×227 27.6 KB

As you can see these queries are a a huge chunk of the overall queries and I also see some error messages stating that pi-hole need to throttle opnsense.

This is my DHCP config with domain set up.

image
image984×342 11.3 KB

Advanced DNS settings:

image
image982×1123 74.9 KB

My network config is the following:

opnsense 10.10.4.4
pi-hole 10.10.4.5

If someone can tell me what is wrong here or paste me a link why OPNsense is doing this would be awesome.

Thanks in advance !

2

I use OPNsense and don't see this behaviour. However, OPNsense handles my DHCP, I only use PiHole (with Unbound) for DNS.

If you are using PiHole for your DHCP, you wouldn't need Conditional Forwarding. Maybe this is the source?