Pi-hole stops resolving domains with "config error is REFUSED" in logs

Expected Behaviour:

Domains get resolved.
pi@raspberrypi:~ $ uname -a
Linux raspberrypi 5.10.52-v7l+ #1441 SMP Tue Aug 3 18:11:56 BST 2021 armv7l GNU/Linux
pi@raspberrypi:~ $ pihole -v
Pi-hole version is v5.3.1 (Latest: v5.3.1)
AdminLTE version is v5.5.1 (Latest: v5.5.1)
FTL version is v5.8.1 (Latest: v5.8.1)

Actual Behaviour:

Works fine for some period of time (hours). Intermittently, domains are no longer getting resolved. Checked the logs and saw lines like:
Aug 27 19:13:32 dnsmasq[627]: query[PTR] 71.1.168.192.in-addr.arpa from 192.168.1.254
Aug 27 19:13:32 dnsmasq[627]: forwarded 71.1.168.192.in-addr.arpa to 192.168.1.254
Aug 27 19:13:32 dnsmasq[627]: query[PTR] 71.1.168.192.in-addr.arpa from 192.168.1.254
Aug 27 19:13:32 dnsmasq[627]: forwarded 71.1.168.192.in-addr.arpa to 192.168.1.254
Aug 27 19:13:32 dnsmasq[627]: query[PTR] 71.1.168.192.in-addr.arpa from 192.168.1.254
Aug 27 19:13:32 dnsmasq[627]: cached 71.1.168.192.in-addr.arpa is (null)
Aug 27 19:13:32 dnsmasq[627]: config error is REFUSED
Aug 27 19:13:32 dnsmasq[627]: reply error is REFUSED
Aug 27 19:13:32 dnsmasq[627]: query[SRV] _minecraft._tcp.mc.hypixel.net from 192.168.1.254
Aug 27 19:13:32 dnsmasq[627]: cached _minecraft._tcp.mc.hypixel.net is (null)
Aug 27 19:13:32 dnsmasq[627]: config error is REFUSED
Aug 27 19:13:33 dnsmasq[627]: query[A] mc.hypixel.net from 192.168.1.254
Aug 27 19:13:33 dnsmasq[627]: cached mc.hypixel.net is (null)
Aug 27 19:13:33 dnsmasq[627]: config error is REFUSED

There seems to be a flood of "query[PTR] 71.1.168.192.in-addr.arpa from 192.168.1.254" then the "REFUSED" errors? 192.168.1.254 is my telco provided router.

Debug Token:

https://tricorder.pi-hole.net/718VPrBk/

Since you mention a flood of queries is involved, you may be observing rate limiting as introduced by Pi-hole FTL v5.7.

By default, that would kick in for a client that exceeds 1,000 requests within 60 seconds.
Would your router exceed those?
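To see whether a single client is actually hitting that limit, the log lines can be counted per client over a trailing 60-second window. The following is an added example, not Pi-hole/FTL code and not part of this thread: it parses dnsmasq-format lines from pihole.log, flags any client whose query count inside the window exceeds the configured limit, and counts the REFUSED errors that follow. The log lines are constructed for the example (same format as the post above); the threshold and window default to FTL's documented 1000 queries per 60 seconds, and the year is assumed because dnsmasq timestamps carry none.

```python
"""Per-client sliding-window query counter for dnsmasq/pihole.log lines.

Added example, not FTL's own rate limiter: it shows which client would trip
the default limit (1000 queries in 60 s) and how many REFUSED errors appear.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# "Aug 27 19:13:32 dnsmasq[627]: query[PTR] 71.1.168.192.in-addr.arpa from 192.168.1.254"
LINE_RE = re.compile(r"^(?P<ts>\w{3} {1,2}\d{1,2} \d\d:\d\d:\d\d) dnsmasq\[\d+\]: (?P<msg>.*)$")
QUERY_RE = re.compile(r"^query\[(?P<qtype>[A-Z]+)\] (?P<name>\S+) from (?P<client>\S+)$")

RATE_LIMIT = 1000      # FTL default: queries per window
WINDOW_SECONDS = 60    # FTL default: window length


def parse_ts(ts, year=2021):
    # dnsmasq log timestamps have no year; the year is an assumption for the example.
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")


def analyze(lines, limit=RATE_LIMIT, window=WINDOW_SECONDS):
    """Return (offenders, refused_count).

    offenders maps client IP -> timestamp of the first query that pushed that
    client over `limit` queries inside the trailing `window` seconds.
    """
    recent = defaultdict(deque)   # client -> timestamps still inside the window
    offenders = {}
    refused = 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = parse_ts(m.group("ts"))
        msg = m.group("msg")
        if msg.endswith("error is REFUSED"):     # "config error" / "reply error"
            refused += 1
            continue
        q = QUERY_RE.match(msg)
        if not q:
            continue                              # forwarded/cached/reply lines
        client = q.group("client")
        dq = recent[client]
        dq.append(ts)
        while (ts - dq[0]).total_seconds() >= window:   # drop expired entries
            dq.popleft()
        if len(dq) > limit and client not in offenders:
            offenders[client] = ts
    return offenders, refused


# Constructed sample: a burst of 30 PTR queries from the router over 3 seconds,
# followed by the REFUSED lines seen in the thread and two unrelated queries.
SAMPLE_LOG = [
    f"Aug 27 19:13:{32 + i // 10:02d} dnsmasq[627]: query[PTR] 71.1.168.192.in-addr.arpa from 192.168.1.254"
    for i in range(30)
] + [
    "Aug 27 19:13:35 dnsmasq[627]: config error is REFUSED",
    "Aug 27 19:13:35 dnsmasq[627]: reply error is REFUSED",
    "Aug 27 19:13:36 dnsmasq[627]: query[A] mc.hypixel.net from 192.168.1.10",
    "Aug 27 19:14:40 dnsmasq[627]: query[A] example.com from 192.168.1.254",
]

if __name__ == "__main__":
    # With the real default (1000/60 s) the short sample trips nothing;
    # with a demo limit of 20 the router shows up as the offender.
    print(analyze(SAMPLE_LOG))
    print(analyze(SAMPLE_LOG, limit=20))
```

On a live system the same function can be fed `open("/var/log/pihole.log")`; the offender it names is the client to fix, which is why the advice here is to remove the cause of the flood rather than raise the limit.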

Oh, it very well could be. I'll try disabling rate limiting and see if that makes a difference. Is this likely to be a configuration issue with my router?

I'd prefer to eliminate the cause of those excessive requests before adjusting the rate limit.

Do you have Pi-hole's Conditional Forwarding enabled?
EDIT: I see from your debug log that you actually do.
That may close a partial DNS loop if your router would use Pi-hole as an upstream DNS server.

Yes I have Conditional Forwarding enabled:

Is your router configured to use Pi-hole as an upstream DNS server (as opposed to distribute Pi-hole as local DNS server via DHCP and RA)?

This is the DNS config settings I changed in the router under "Network > LAN"
image
And under "Network > WAN"


I'm sorry but I don't know what you mean specifically by "upstream DNS"

Your router's LAN settings would commonly configure your router to tell its clients to talk to Pi-hole for DNS, instead of talking to your router.
Provided your router's LAN settings do that, your router doesn't receive any DNS requests from your clients anymore - except those sent by Pi-hole's CF.

Your router's WAN setting would configure the DNS service your router itself would forward its DNS queries to (hence upstream).
Your router may now pass those CF DNS requests received by Pi-hole back to Pi-hole, and Pi-hole will send them to your router, and so on and so forth, forever or until time-out.

You could try and set your router's upstream DNS to its default or a public DNS of your choice to avoid that DNS loop.

However, your debug log would indicate that your router isn't distributing Pi-hole as local DNS via DHCP:

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   * Received 328 bytes from eth0:192.168.1.254
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 192.168.1.254
      dns-server: 192.168.1.254
      domain-name: "home"
         --- end of options ---

In that case, you'd have to disable CF instead to avoid those loops - if your router is still receiving all your clients' DNS requests, there would be no use for CF anyway.
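The loop described in this reply can be checked mechanically by modelling each resolver as a forwarding table and walking the next hops for a given query name. The block below is an added example, not Pi-hole code and not from this thread: it reproduces the bad configuration (router's WAN DNS pointing at Pi-hole while Pi-hole's Conditional Forwarding points reverse lookups and the "home" domain back at the router) and the two fixes discussed (router upstream set to a public resolver, or Conditional Forwarding disabled). The Pi-hole address 192.168.1.2 and the upstream name "public-dns" are assumptions; the router address 192.168.1.254 and the "home" domain come from the debug output above.

```python
"""Forwarding-loop model for Pi-hole Conditional Forwarding vs. router WAN DNS.

Added example, not Pi-hole or dnsmasq code. A resolver is a list of
(name suffix, next hop); an empty suffix is the catch-all upstream, and an
empty table means the resolver answers from its own records.
"""
import ipaddress

ROUTER = "192.168.1.254"   # from the thread's debug log
PIHOLE = "192.168.1.2"     # assumed address for the Pi-hole host
PUBLIC_DNS = "public-dns"  # assumed stand-in for an ISP/public upstream


def reverse_name(ip):
    """PTR name for an address, e.g. 192.168.1.71 -> 71.1.168.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def build_resolvers(router_upstream, conditional_forwarding):
    """router_upstream: where the router sends queries it does not answer (its WAN DNS).
    conditional_forwarding: whether Pi-hole sends LAN reverse lookups and the
    local domain to the router."""
    pihole = []
    if conditional_forwarding:
        pihole += [("1.168.192.in-addr.arpa", ROUTER), ("home", ROUTER)]
    pihole.append(("", PUBLIC_DNS))            # everything else: Pi-hole's upstream
    router = [("", router_upstream)]           # router forwards what it cannot answer
    return {PIHOLE: pihole, ROUTER: router, PUBLIC_DNS: []}


def next_hop(table, qname):
    for suffix, hop in table:
        if suffix == "" or qname == suffix or qname.endswith("." + suffix):
            return hop
    return None


def resolve_path(resolvers, start, qname):
    """Walk the forwarding chain for qname from `start`.

    Returns (path, looped); looped is True when a resolver would receive the
    same query a second time, i.e. the chain never reaches an answer.
    """
    path = [start]
    seen = {start}
    current = start
    while True:
        hop = next_hop(resolvers[current], qname)
        if hop is None:
            return path, False               # answered here
        path.append(hop)
        if hop in seen:
            return path, True                # partial DNS loop
        seen.add(hop)
        current = hop


if __name__ == "__main__":
    ptr = reverse_name("192.168.1.71")
    # Bad configuration from the thread: router WAN DNS = Pi-hole, CF enabled.
    looped = build_resolvers(router_upstream=PIHOLE, conditional_forwarding=True)
    print("bad   :", resolve_path(looped, ROUTER, ptr))
    # Fix 1: point the router's WAN DNS elsewhere, keep CF.
    fix_wan = build_resolvers(router_upstream=PUBLIC_DNS, conditional_forwarding=True)
    print("fix 1 :", resolve_path(fix_wan, ROUTER, ptr))
    # Fix 2 (chosen in the thread): keep the router settings, disable CF.
    fix_cf = build_resolvers(router_upstream=PIHOLE, conditional_forwarding=False)
    print("fix 2 :", resolve_path(fix_cf, ROUTER, ptr))
```

The model also shows why only the reverse-lookup and local-domain queries loop: a public name such as mc.hypixel.net leaves Pi-hole for its upstream on the first hop, so the REFUSED answers for it in the original log are a side effect of the rate limit the loop triggers, not of a loop on that name.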

Okay, I did try disabling rate limiting and saw hundreds of thousands of requests in the pihole logs. I've turned that off again. I've set the WAN DNS settings to:
image
But if I remember correctly, I set it to the pihole IP because I wasn't seeing any requests being sent to the pihole when I just set the LAN DNS to the pihole.
EDIT: This is the reddit post I found which suggested setting the WAN DNS settings. I followed the steps in the images posted.

(I've likely edited my post for that additional advice while you were already trying to adjust your configuration).

Please see my above remarks on your router's DHCP behaviour:
Keep your previous router settings and just disable Conditional Forwarding.

Disabling Conditional Forwarding seems to have done the trick! Have had a few hours of heavy internet usage without any issues. Thanks very much @Bucking_Horn !
