Pihole graph not showing blocks correctly for SERVFAILs
I am currently using an upstream block/filter and using pihole primarily for faster response times. What I've observed is that pihole recognizes a blocked domain but isn't correctly showing it on the graph as such.
The expected behavior is on the left when I was using gravity, the actual behavior is on the right when I switched off ad lists and set the upstream dns to adguard dns. The websites are being blocked by SERVFAILs it seems and is being recognized by pihole as a blocked domain ("Top Blocked Domains" on the bottom), but it's not showing as such in the graph above.
Ah, this is definitely an inconsistency, thank you for your heads-up.
Technically, those requests aren't blocked by Pi-hole, but rather forwarded and processed as any allowed query.
There are probably arguments to do so this one way or the other, but I agree that either the graph or the Top Blocked Domains list should be fixed for a consistent output.
The Top Blocked is an aggregation over the last 24 hours. Initially, Pi-hole itself was blocking (assuming even this domain) and then you disabled all adlists. I would expect the "TOP BLOCKED DOMAINS" to be empty 24h after you disabled the adlists. (Meaning there would be no inconsistency here)
As @yubiuser said the top blocked domains are now only filled with first class pi-blocked domains such as mask.icloud.com. I was wondering though if you guys thought it would provide value to include SERVFAIL responses as blocks? I know this isn't the technical implementation of that response but maybe it could be an option if not by default?
I don't think this would be appropriate. A SERVFAIL is not a block. For the domain to get to the upstream DNS server in the first place, it was not blocked by Pi-hole.
Thank you @jfb and @yubiuser for your input on this. Reading your responses now it makes more sense why you wouldn't mark a response as blocked regardless of the result. Appreciate you guys!
