PiHole-FTL service times out and will not start up - RaspberryPi 4

Help
1

PiHole has been running with no issues for well over six months on this RPi. The exact same issue is occurring on both my RPi's (2). I have two RPi's set up with PiHole/Unbound. After about 10 minutes PiHole-FTL suddenly starts up on its own.

Expected Behaviour:

PiHole to start up
RaspberryPi 4

Actual Behaviour:

PiHole service refuses to start up also knocking out internet access. Access to router and LAN still works

Debug Token:

Because internet is knocked out to the RPi 4, a debug log is not uploaded and a token is not created.

[✓] ** FINISHED DEBUGGING! **

* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.

[i] Debug script running in automated mode
* Using curl for transmission.
* curl failed, falling back to netcat for transmission.
[✗] There was an error uploading your debug log.

  • Please try again or contact the Pi-hole team for assistance.
  • A local copy of the debug log can be found at: /var/log/pihole_debug.log

After PiHole-FTL magically starts up on its own ten minutes after a reboot I can generate a debug token: https://tricorder.pi-hole.net/enbjd5vr9r

2

This will temporarily reset the nameserver on the Pi to bypass Pi-Hole DNS.

sudo nano /etc/resolv.conf

Edit the nameserver line to nameserver 9.9.9.9 or your preferred third party DNS service, save and exit

Run

pihole -d

and upload the debug log.

3

Have you been having difficulties with the time on the Pi? This section of the debug log indicates that the time on the Pi was recently changed:

   -----tail of pihole-FTL.log------
   [2021-03-16 09:06:44.864 3811M] WARN: getOverTimeID(1615899900): 150 is too large: 1615809900

Are you running any memory management software? It is very unusual for Pi-hote to use 2GB of RAM.

[2021-03-16 09:07:16.321 3811M] Resizing "FTL-strings" from 45056 to (49152 * 1) == 49152 (/dev/shm: 2.0GB used, 4.1GB total, FTL uses 2.0GB)

What is the output of the following commands from the Pi terminal:

echo ">stats >quit" | nc localhost 4711

echo ">top-clients >quit" | nc localhost 4711

4

Once the pihole-FTL service finally restarted I was able to upload the debug log here is the token: https://tricorder.pi-hole.net/enbjd5vr9r

5

I have not had any problems with the time on both my RPi's that I am aware of. The time is correct on both of them.

I am not running any memory management software, Both my RPI's are "stock" Raspbian installations with no modifications.

6 
pi@raspberrypi1:~ $ echo ">stats >quit" | nc localhost 4711
domains_being_blocked 282413
dns_queries_today 35537281
ads_blocked_today 3050
ads_percentage_today 0.008583
unique_domains 1909
queries_forwarded 34775888
queries_cached 9509
clients_ever_seen 32
unique_clients 32
dns_queries_all_types 35537281
reply_NODATA 131
reply_NXDOMAIN 8
reply_CNAME 603
reply_IP 612
privacy_level 0
status enabled

pi@raspberrypi1:~ $ echo ">top-clients >quit" | nc localhost 4711
0 35508435 192.168.1.1 unifi.localdomain
1 13262 127.0.0.1 localhost
2 5102 192.168.1.46 QuadsLaptop.localdomain
3 3364 192.168.1.28 Kellys-Laptop.localdomain
4 2439 192.168.1.214 L5CG8455L20.localdomain
5 1547 192.168.1.191 Pixel-3-XL.localdomain
6 699 192.168.2.222 localhost.CastleIoT
7 429 192.168.2.215 
8 324 192.168.2.249 
9 278 192.168.1.168 QuadFather.localdomain
8

This may be the root of the problem. That's a lot of DNS queries in 24 hours (35+ million). When Pi-hole starts up, FTL has to read all of this from the long term database to populate the 24 hour dashboard.

The problem is likely due to conditional forwarding causing a loop. Please post the output of these commands from the Pi terminal:

echo ">top-domains >quit" | nc localhost 4711

echo ">top-ads >quit" | nc localhost 4711

9

We recently had the time change here in the United States (Back one hour).

I also run Weewx weather station server on this particular Rpi. My other Rpi is running only pihole and unbound

10 
pi@raspberrypi1:~ $ echo ">top-domains >quit" | nc localhost 4711
0 35242114 lb._dns-sd._udp.localdomain
1 245717 localdomain.localdomain
2 11812 lb._dns-sd._udp.0.1.168.192.in-addr.arpa
3 4272 trunking.svc.ui.com
4 4039 api.weatherlink.com
5 2973 home128778764.1and1-data.host
6 2014 weatherstation.wunderground.com
7 2010 www.pwsweather.com
8 1104 ping.ubnt.com
9 893 ips1.unifi-ai.com

pi@raspberrypi1:~ $ echo ">top-ads >quit" | nc localhost 4711
0 601 secure-dcr.imrworldwide.com
1 444 secure-drm.imrworldwide.com
2 416 browser.pipe.aria.microsoft.com
3 414 trace.svc.ui.com
4 253 win8.ipv6.microsoft.com
5 174 mobile.pipe.aria.microsoft.com
6 58 nexus.officeapps.live.com
7 46 settings-win.data.microsoft.com
8 43 api.apptentive.com
9 33 kvinit-prod.api.kochava.com
12

This is the cause of the massive traffic volume. DNS Discovery service requests, likely amplified in volume by the conditional forwarding.

Turn off conditional forwarding, restart FTL and see if the traffic volume decreases significantly.

13

OK, doing so now. will respond with results in a few minutes

15

I have turned off conditional forwarding on both of my RPi PiHole installations. It still takes more than 10 minutes for FTL to finally start up though.

Is there a way to purge the list so FTL doesn't have to read all the entries and start up as it did in the past (quickly)?

I appreciate all your assistance.

16

Stop FTL, remove the database, start FTL. FTL will start up with a new database. This will clear your dashboard, which will rebuild over the next 24 hours. If you want to keep your old database for reference, use the optional command in place of the remove command:

sudo service pihole-FTL stop

sudo rm /etc/pihole/pihole-FTL.db

sudo service pihole-FTL start

Optional command to use instead of remove to store the database:

sudo mv /etc/pihole/pihole-FTL.db /etc/pihole/pihole-FTL-old.db

17

That worked perfectly. Thank you for your assistance, I learned a lot from my interactions with you.

Cheers!

2 Likes
18

Glad to help, and have a great day.

1 Like
19

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.