Pi-hole on RPi 2 with DD-WRT as DHCP -- Figuring out loop to router

My Pi-hole has tons of random PTR queries that end in my LAN domain (.ff). This image shows the last half an hour:

I cannot figure out why something like "spectrum.s3.amazonaws.com" would be given my LAN domain --> " spectrum.s3.amazonaws.com.ff"

Current setup:
I have Pi-hole running on a Raspberry Pi 2 with the Pi-hole set to serve as my DNS provider to my Linksys WRT1900ACSv2 router running DD-WRT and serving as my DHCP server. I would like to keep it this way.

My router IP is My Pi-hole is I have a lot of static IPs I don't want to migrate to the Pi-hole as I add new devices frequently.

Pi-hole setup:
I have "Conditional forwarding" currently turned on but I have "Never forward non-FQDNs" and "Never forward reverse lookups for private IP ranges" turned off.

I have specified a domain of "ff" on the pihole.

DD-WRT setup:
DNSMasq is turned on but is using Pi-hole as its DNS server.

Additional Dnsmasq Options: (I could use some help with these if they look wrong)

Current firewall rules (I am bypassing as it is a second router for other purposes).

#####Keep network on pi-hole
iptables --table nat --insert PREROUTING --in-interface br0 --protocol tcp --source !, --destination-port 53 --jump DNAT --to-destination
iptables --table nat --insert PREROUTING --in-interface br0 --protocol udp --source !, --destination-port 53 --jump DNAT --to-destination
#####Punch DNS hole for pi-hole
iptables --table nat --insert PREROUTING --in-interface br0 --protocol tcp --source, --destination-port 53 --jump ACCEPT
iptables --table nat --insert PREROUTING --in-interface br0 --protocol udp --source, --destination-port 53 --jump ACCEPT

Could anyone tell me how to fix this ?

(None of your external imgur images is displaying for me.
In this forum, you can paste images into a post directly

That's normal behaviour - DNS searches routinely expand the domain name search by the local search suffix (ff in your case), see also existing posts like External Domain Queries

Golly. I fixed it rather easily. It was my router dnsmasq options. server= screwed things up. Dumping that and replacing it with local=/ff/ did the needful.






link #1 - dashboard (if you can't see the image)

link #2 - last 7 days

link #3 - since I set Pi-hole up