Please explain what this means

Hi all,

I've noticed the following in Pi-Hole Diagnosis:


And this in the query log:


Can someone please explain what this means and how it can be fixed?

TIA

Pi-hole limits how many queries a single client can send in a specific period. In your case, a client can query Pi-hole no more than 1000 times per minute (60 seconds). The limitation is a protection to avoid exhausting system resources.

Rate limit can be configured and even disabled, but to suggest a fix we need to understand why this is happening.

I guess 192.168.10.1 is your router. I don't know why it's querying Pi-hole so many times, but my guess is you configured Pi-hole IP as router's upstream server and some device in your network is querying the router.

Rate limit usually happens when a client app queries a domain, doesn't receive the expected answer (because your Internet connection is down or the domain is blocked, for example) and retries, over and over again.
You need to find out which device and which app is generating the queries.
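
One way to find the client and domain behind a rate-limit hit, as an added example that is not part of the original thread: it counts queries per client in fixed 60-second windows and reports the windows above the limit along with the most-repeated domain. It assumes dnsmasq-format query log lines such as Pi-hole writes, and fixed windows as an approximation of how Pi-hole counts; the log lines, client addresses and domains are constructed sample data.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

LIMIT, INTERVAL = 1000, 60        # the thread's values: 1000 queries per 60 s
BASE = datetime(2000, 1, 1)       # log lines carry no year; a leap year keeps Feb 29 valid
QUERY_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: "
                      r"query\[([\w-]+)\] (\S+) from (\S+)$")

def find_rate_limited(lines, limit=LIMIT, interval=INTERVAL):
    """Return (client, window_start, count, top_domain, top_count) for every
    client/window pair whose query count exceeds `limit`, busiest first."""
    windows = defaultdict(Counter)            # (client, bucket) -> Counter(domain)
    for line in lines:
        m = QUERY_RE.match(line.strip())
        if not m:
            continue                          # forwards, replies, block notices
        ts, _qtype, domain, client = m.groups()
        t = datetime.strptime("2000 " + ts, "%Y %b %d %H:%M:%S")
        bucket = int((t - BASE).total_seconds()) // interval * interval
        windows[(client, bucket)][domain] += 1
    hits = []
    for (client, bucket), domains in windows.items():
        total = sum(domains.values())
        if total > limit:
            top_domain, top_count = domains.most_common(1)[0]
            start = (BASE + timedelta(seconds=bucket)).strftime("%b %d %H:%M:%S")
            hits.append((client, start, total, top_domain, top_count))
    return sorted(hits, key=lambda h: -h[2])

def sample_log():
    """Constructed sample: one client retries a single domain 20x per second
    for a minute while another client behaves normally."""
    lines = [f"Mar 10 14:02:{s:02d} dnsmasq[812]: query[A] blocked.example from 192.168.10.1"
             for s in range(60) for _ in range(20)]
    lines += [f"Mar 10 14:02:{s:02d} dnsmasq[812]: query[AAAA] www.example.org from 192.168.10.23"
              for s in range(5)]
    lines.append("Mar 10 14:02:05 dnsmasq[812]: gravity blocked blocked.example is 0.0.0.0")
    return lines

if __name__ == "__main__":
    for client, start, total, domain, n in find_rate_limited(sample_log()):
        print(f"{client}: {total} queries in the {INTERVAL}s window from {start}; "
              f"{n} of them for {domain}")
```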

Thanks for your reply and the great explanation.

Yes, 192.168.10.1 is my pfSense Router, and like you I don't know why it would be querying Pi-hole that many times.

Pi-hole is not set up as the Router's upstream server. Pi-hole is the DNS Server for the LAN.

What I have done is set pfSense to catch any rogue apps/devices that try and bypass Pi-hole. These are redirected back to Pi-hole. But, I've checked the Firewall logs for that date and nothing usual.

Maybe you created a DNS loop. Pi-hole asks your router what is the IP for "." and your router is sending the query back to Pi-hole...

Did you enable Conditional Forwarding in Pi-hole?

Did you also configure the Pi-hole IP in the router WAN/Internet DNS settings?
If so, you closed a partial DNS loop causing DNS queries to bounce back and forth endlessly until rate-limiting kicks in or resources are depleted.

Pi-hole --[CF]--> Router --
   ^                       |
   |                       |
    -----------------------

Check below for the recommended method to advertise the Pi-hole IP via the router's DHCP service:

https://docs.pi-hole.net/main/post-install/

Or if the router doesn't allow you to set DHCP service DNS, you can try below:

Thanks for your reply.

Here is the DNS Settings in pfSense:


This is how Pi-hole (192.168.10.100) is set up in my pfSense DHCP Server:

This is the re-direction of rogue devices/apps trying to bypass Pi-hole which redirects them back to Pi-hole:

I think all of this is correct, if not please let me know.

Thanks again for your help.

Router settings look good.
You could populate all "DNS servers" fields in the DHCP service section with the Pi-hole IP: 192.168.10.100.
It's the default for the upcoming Pi-hole v6 release:

Did you create an exception for the Pi-hole host for that "NAT Redirect rogue devices back to pihole" rule?
If not, that would also close a DNS loop.

Will do, thanks.

No, I did not. Not sure I know how to do that.

Well you can imagine if Pi-hole tries to query one of its configured upstream DNS server(s), those queries getting NATed back again to Pi-hole.
You could start by disabling that rule and see if things improve.
And ask on the pfSense support forum etc how to exempt the Pi-hole host from such a rule.

Thanks again, will follow your suggestions.
