I want to add that I'm just some dude. I have very little technical knowledge outside of being a user. So if you have suggestions for troubleshooting, I ask that you provide specific instructions on how to do or how to get to something you refer to.
I just installed a brand new Raspberry Pi 3 Model B+ and put the July 2019 (Kernel 4.19) version of Buster Lite on it.
I followed this guide to set up my Pi Hole. The device is connected via ethernet cable to my Netgear Nighthawk R7800 router (firmware version V1.0.2.62).
Below are some settings that might help in troubleshooting:
Upstream DNS Servers: OpenDNS (ECS) - IPv4 only
Interface Listening Behavior: Listen on all interfaces
Advanced DNS Settings: None selected
DHCP Server: NOT enabled
Your debug log shows that Pi-Hole is receiving and processing requests. One client will be the Pi, the other is likely the router (and all your DNS queries from the clients are being shown as coming from the router). The output below shows the activity in the 24 hours prior to running the debug log.
[2019-08-25 15:19:36.573 7676] Imported 72296 queries from the long-term database
[2019-08-25 15:19:36.574 7676] -> Total DNS queries: 72296
[2019-08-25 15:19:36.574 7676] -> Cached DNS queries: 658
[2019-08-25 15:19:36.574 7676] -> Forwarded DNS queries: 71279
[2019-08-25 15:19:36.574 7676] -> Exactly blocked DNS queries: 359
[2019-08-25 15:19:36.574 7676] -> Unknown DNS queries: 0
[2019-08-25 15:19:36.574 7676] -> Unique domains: 399
[2019-08-25 15:19:36.574 7676] -> Unique clients: 2
[2019-08-25 15:19:36.574 7676] -> Known forward destinations: 4
Here is some basic troubleshooting. Run these commands and post the output here (copy and paste will work fine).
From the Pi terminal in Linux:
dig cnn.com
dig flurry.com
echo ">top-domains" | nc 127.0.0.1 4711
echo ">top-ads" | nc 127.0.0.1 4711
tail -n20 /var/log/pihole.log
From a client with a command line (Windows, as an example)
Looking at your original debug log, there were a number or repeated requests for this domain, which may have overloaded Pi-Hole. This may be causing the error seen in your tail of the pihole.log.
-----head of pihole.log------
Aug 25 01:17:08 dnsmasq[10479]: query[A] cf4ad3672c07a9d5836235778572287a.api.appsee.com from 192.168.1.1
Aug 25 01:17:08 dnsmasq[10479]: forwarded cf4ad3672c07a9d5836235778572287a.api.appsee.com to 1.0.0.1
Aug 25 12:45:20 dnsmasq[607]: Maximum number of concurrent DNS queries reach (max: 150)
What appears to be happening is that your Pi-Hole is being flooded with DNS requests from network client(s), and your upstream DNS resolver is not resolving this, causing an error.
Try these steps to troubleshoot and resolve.
From the Pi terminal: ping -c3 1.0.0.1
Change your upstream DNS server in Pi-Hole from OpenDNS to one or two of the other choices.
I looked up this appsee and it's a "visual mobile analytics platform that enables app developers and publishers to measure, understand and improve the user experience (UX) in their mobile app." I wonder if my Nest Thermostat E is constantly sending DNS requests so it can stay up to date?
I'll try disabling the Nest's Wi-Fi connection and see if that changes anything. If not, I'll switch the DNS settings like you suggested. I'll report back.
I did a reconfigure. Here are the answers I gave during the process when given an option.
This installer will transform your device into a network-wide ad blocker!
Yes
Choose An Interface (press space to select)
enxb827eb0559c3 - (I have no idea what this is. The first time I did this the option was called "eth0"
Select an Upstream DNS Provider. To use your own, select Custom.
OpenDNS (ECS)
Pi-hole relies on third party lists in order to block ads...
left all options selected
Select Protocols (press space to select)
left IPv4 and IPv6 selected
Do you want to use your current network settings as a static address?
Yes
Do you wish to install the web admin interface?
On
Do you wish to install the web server (lighttpd)?
On
Do you want to log queries?
On
Select a privacy mode for FTL
Show everything
I then rebooted the Pi for good measure.
I am still not able to resolve domains. Strangely though, while the Pi was my DNS, I was successfully able to upload the newest debug log. All the other times I tried to do this with the Pi as my DNS, it failed (hence me copy and pasting it).
The log file isn't appending data. Check the permissions, sudo ls -lah /var/log/pihole.log and then try sudo tail -f /var/log/pihole.log while attempting to resolve domains. You should see logs scrolling with information on what is being attempted.
@jfb I tried that earlier as one of your suggestions to no avail. I changed it from OpenDNS to something else. When I reconfigured, I selected OpenDNS again.
That's not quite the command. You already have the IP, you now want to direct a dig to that IP and see if the DNS resolver at the other end will resolve the query. Try these:
@jfb Thanks for the correction. I will run those if need be, but something interesting just happened.
I had a hunch and ran a test. I turned set the Pi as my DNS in my router settings, selected all the upstream DNS servers (because why not), and restarted my DNS resolver. This worked! At least for a time. After testing a few sites (google, facebook, cnn, etc.), I though "Why not turn off query logging and flush the logs so I don't fill up space without reason?"
This was a mistake. As soon as I did this from the console UI, the Pi began failing to resolve domains again.
So I started over. I turned query logging back on, ensured the Pi was still set as my DNS in my router, and then restart my DNS resolver again. As I type this, I am resolving queries through my Pi.
Why would turning off query logging and flushing logs have this impact? It may just be a coincidence, but I've done this twice with the same results.
EDIT
I spoke too soon. Now I'm thinking it has nothing to do with turning off query logging. After I posted the original version of this comment, I stopped being able to resolve queries after having successfully resolved numerous websites. It seemed to work for a couple minutes and then died again.
Regarding those dig commands, the first (208.67.222.222) succeeded in over two seconds, the second (208.67.222.220) timed out, and the last (flurry.com) succeeded in 951 msec).