Pihole+Unbound ISP IPV6 Rate_Limit

I got the error "Client 2600:8801:aa00:1d8::2b2 has been rate-limited (current config allows up to 1000 queries in 60 seconds)." When I looked up the ipv6 address, it showed it was my ISP's address in Virginia (I'm in California). They use DHCPv6 protocol for IPV6. I have a UDM Pro with both the IPV4 and IPV6 DNS pointing toward the pihole server. Pihole is configured with unbound as a recursive dns server. I have 127.0.0.1#5335 as the upstream ipv4 and 1::#5335 as the upstream ipv6 (this ipv6 configuration may be incorrect as I was uncertain of the config). I made sure to enable IPV6 in the unbound config.

My debug token is: https://tricorder.pi-hole.net/vWCn72Hp/

Your router is distributing its own IPv4 address as DNS server:

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   
   * Received 305 bytes from enp0s3:192.168.1.1
     Offered IP address: 192.168.1.76
     DHCP options:
      Message type: DHCPOFFER (2)
      dns-server: 192.168.1.1
      router: 192.168.1.1
      --- end of options ---

This would imply that you have configured your router to use Pi-hole as its upstream DNS server.

This is a valid configuration, but as your router would aggregate DNS requests of all of its clients and forward them to Pi-hole, that may trigger Pi-hole's default RATE_LIMIT if you have quite a few and/or active clients.

If your router supports it, you could consider distributing Pi-hole's IPv4 address as local DNS server via DHCP instead, and you'd also have to find a way to configure your Pi-hole's IPv6 address as local DNS server via DHCPv6 as well as Router Advertisements (RA).
It would depend on your router whether and how well it would support IPv6 DNS configuration.
You'd have to consult your router's documentation and support channels for details.

Provided you can configure your router in such a way for both IPv4 and IPv6, clients would then send their DNS queries directly to Pi-hole instead of your router, making it far less likely to trigger the rate limit. (This configuration would also allow you to attribute queries to individual clients, and thus to make use of Pi-hole's client-specific filtering via its Group Management.)

If you have to stick with your current configuration, you could try to adjust Pi-hole's RATE_LIMIT.
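An added example, not part of the original thread and not Pi-hole's own code: a Python sketch that counts queries per client in 60-second buckets from dnsmasq-style query log lines, showing why a router forwarding for every device trips a 1000/60 limit while the same traffic sent directly does not. The log lines, addresses and function names are constructed for illustration, and fixed buckets are an assumption that only approximates how the limit is counted.

```python
import re
from collections import Counter
from datetime import datetime

# dnsmasq-style query line, with or without the "extra" id/client prefix.
QUERY_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: "
    r".*?query\[[^\]]+\] \S+ from (\S+)$"
)
EPOCH = datetime(2000, 1, 1)

def clients_over_limit(lines, limit=1000, interval=60):
    """Return {client: peak queries in one interval} for clients above limit."""
    buckets = Counter()
    for line in lines:
        m = QUERY_RE.match(line.strip())
        if not m:
            continue  # forwarded/reply/cached lines are not client queries
        # The log carries no year; pin a leap year so "Feb 29" still parses.
        ts = datetime.strptime("2000 " + m.group(1), "%Y %b %d %H:%M:%S")
        bucket = int((ts - EPOCH).total_seconds()) // interval
        buckets[(m.group(2), bucket)] += 1
    peaks = {}
    for (client, _bucket), count in buckets.items():
        peaks[client] = max(peaks.get(client, 0), count)
    return {c: n for c, n in peaks.items() if n > limit}

def sample_log(client_for):
    """Constructed log: 4 devices, 300 queries each, all within one minute."""
    return [
        f"Mar  3 10:15:{i % 60:02d} dnsmasq[812]: "
        f"query[A] host{i}.example from {client_for(i % 4)}"
        for i in range(1200)
    ]

if __name__ == "__main__":
    # Router forwards for every device: Pi-hole sees a single client.
    print(clients_over_limit(sample_log(lambda d: "192.168.1.1")))
    # Devices query Pi-hole directly: four clients, none above the limit.
    print(clients_over_limit(sample_log(lambda d: f"192.168.1.{50 + d}")))
```

Feeding it the real query log instead of `sample_log` shows which address is the aggregating client and how far above the limit its busiest minute is.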

Thank you. I have now enabled "DHCP DNS server management" in my router and put in the pihole's ipv4 address. For IPV6, I already had configured "DHCPv6/RDNSS DNS Control" as well as had RA enabled.

Your choice.

Your router's upstream DNS servers are what your router would use for its own DNS requests.

As your clients are talking to Pi-hole for DNS now, I'd probably point router upstreams to a set of public DNS servers, or just accept my ISP's defaults.

If your router would allow you to configure a guest network, and you'd want that to be filtered as well, it may be worth considering to keep Pi-hole as your router's upstream, as some routers wouldn't allow explicit configuration of local DNS servers for their guest network.
