Not sure...
Pi-hole makes numerous request to in-addr.arpa (for instance to itself, calling XX.XX.168.192.in-addr.arpa, where XX.XX.168.192 is the reverse ipv4 of the pi -- the router does too, but to external IPs) and even more so to addresses such as c.3.7.a.b.7.3.0.8.c.4.5.6.8.2.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa.
These are all PTR type.
Any idea what to make of this?
Pi-hole is trying to get the names of network clients.
Feb 23 00:12:43 dnsmasq[1458912]: query[PTR] 2.8.168.192.in-addr.arpa from 192.168.8.2
Feb 23 00:12:43 dnsmasq[1458912]: config 2.8.168.192.in-addr.arpa is <PTR>
From the Pi terminal, what is the output of the following:
nslookup 192.168.8.2 127.0.0.1
Thanks @jfb. It gives me (expectedly so, I guess):
2.8.168.192.in-addr.arpa name = pi.hole.
That is the expected answer. The traffic you are seeing appears normal.
Fair enough, but is there a way to avoid such repeated calls? and what about the "c.3.7.a.b.7.3.0.8.c.4.5.6.8.2.4.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa."-type ones?
This PTR is for an IPV6 address.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.