Pihole get Flooded with hits

Help
1

Please follow the below template, it will help us to help you!

Expected Behaviour:

Not Flooding my Pihole with local adresses, and not logging and showing them becouse on older Rsp thats throws tons of errors

Actual Behaviour:

My Pihole is Flooding with millions of .local adresses, and i dont know why, i already disbled wpad on windows machines in my network but that dont stoped it. i also geht tons of .in-addr.arpa hits.

pihole
pihole593×533 8.68 KB

Im using a Unifi USG were the DNS server is set to my pihole

Debug Token:

https://tricorder.pi-hole.net/7xfe47zegi

2

Pi-hole cannot stop incoming queries, but if you have a DNS loop then queries can amplify quickly.

The top domain is an DNS Discovery service request, commonly associated with the Apple Bonjour protocol. You have conditional forwarding enabled on your Pi-hole, and this is likely causing a loop.

    REV_SERVER=true
    REV_SERVER_CIDR=192.168.178.0/24
    REV_SERVER_TARGET=192.168.178.1
    REV_SERVER_DOMAIN=local

Client asks Pi-hole for the IP, Pi-hole forwards to the router, which sends back to Pi-hole, etc.

Not helping the situation is your use of local as your LAN domain name. This will conflict with mDNS services. You should not use local - pick a different LAN name.

Disable conditional forwarding and change your LAN domain name and the circular traffic should stop.

3

ok that works so far, no more flooding logs but now i dont get any names just ip in logs right? i MUST set the pihole to be the dhcp server to get that up without looping? not optimal but a "death" i can life with :slight_smile:

Thanks for the Quick and good response :slight_smile:

4

If you see IP's of individual network clients, you can map these IP's to client names using Local DNS records on the web admin GUI. These associations are stored in file /etc/pihole/custom.list. Typical entries in that file would look like this:

192.168.0.1     Router
192.168.0.100	Pi-3B
192.168.0.101	AirportExtreme
192.168.0.102   Printer
192.168.0.108	Sonos1L
192.168.0.109	Sonos1R
...

For this to work reliably, clients need to keep the same IP. This is typically done with reservations on your DHCP server.

Another option, as you noted, is to use Pi-hole as the DHCP server and then the IPs and names will be known to Pi-hole without using local hosts mapping.

5

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.