Hello
The issue I am facing:
I have a problem with the rate-limit feature. I set the Pi-hole DNS in the Unifi router to set Pi-hole on every device connected to the router. Probably one of my devices is spamming.
Currently my websites are loading slowly, probably because of the rate limit.
I know that I can turn off rate limiting, but I think that's not a fix, just a workaround. I just want a healthy app with stable network filtering.
Details about my system:
Pi-hole LXC on Dell Wyse 5070 with Proxmox, Dream Router from Ubiquiti
What I have changed since installing Pi-hole:
Rate-limit from 1500/60 to 3000/50. Can exceed the limit in ~3sec...
Debug Token:
https://tricorder.pi-hole.net/TtQJl1Dw/
Your router is distributing itself as local DNS server via DHCP:
*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
Scanning all your interfaces for DHCP servers
* Received 305 bytes from eth0:192.168.1.1
Offered IP address: 192.168.1.122
DHCP options:
Message type: DHCPOFFER (2)
dns-server: 192.168.1.1
router: 192.168.1.1
--- end of options ---
This would suggest that you have configured your router to use Pi-hole as its upstream DNS resolver, i.e. clients talk to your router for DNS, and your router forwards any DNS requests it cannot answer itself to Pi-hole.
That is a valid configuration, but as your router aggregates DNS traffic from all of your network, you won't be able to attribute DNS requests to individual clients in Pi-hole's Query Log.
In such a scenario, it would not be unusual that you'd have to adjust the rate limit in order to accommodate peak loads from your network.
If your router allows it, you could consider configuring it to distribute your Pi-hole machine's IP as local DNS server, instead of using Pi-hole as its upstream.
Fellow Unifi user here.
Here's what I did to cut back on the type of chatter you're seeing.
In your UDM configuration from the Settings/Internet screen, select your WAN or Internet connection, and after DNS Server you'll see boxes for Primary Server and Secondary Server. Enter the public DNS server(s) of your choice. I use 9.9.9.9 and 1.1.1.1, for example.
If you have any other Unifi network hardware, like switches, APs, etc., go to their Settings under Devices and specify your UDM's IP address as their Preferred DNS (no need to specify an Alternate).
Then in Settings/Networks, pick your LAN network name. Under "DHCP Service Management," click "Show Options." Here you can specify your Pihole's IP address under DHCP Server. Repeat this step for any additional VLANs you have configured.
This means your computers, phones, TVs, and other client devices use your Pihole for DNS. The UDM uses the specified public DNS (other Unifi or network hardware will use the UDM for DNS) and won't bombard your Pihole with "management" traffic generated by your network management hardware.
I hope that makes sense. I have used this setup for 6+ months and it works great for me.
Thank you, your way is nice too, but for me I left DHCP as it was and just put the Pi-hole DNS server into Settings -> Network -> Default -> DHCP Service Management -> DNS Server like my post above.
Pi-hole now sees each device, and hopefully no more rate-limit notifications.
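The effect discussed in this thread, as an added example that is not part of any post above: a per-client query counter run over constructed dnsmasq-style log lines, once with the router as Pi-hole's only client and once with each device querying Pi-hole directly. The client addresses, the scaled-down limit of 5/60, and the fixed-window counting are assumptions made for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# dnsmasq-style query line, e.g.
# "Mar  3 10:00:01 dnsmasq[512]: query[A] example.com from 192.168.1.23"
QUERY_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: query\[[^\]]+\] \S+ from (\S+)$")

def parse_queries(lines, year=2024):
    """Yield (seconds since start of year, client) for each query line."""
    start = datetime(year, 1, 1)
    for line in lines:
        m = QUERY_RE.match(line.strip())
        if m:  # forwarded/reply/cached lines are skipped
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield int((ts - start).total_seconds()), m.group(2)

def clients_over_limit(lines, limit, interval):
    """Map each client that exceeds `limit` queries within one fixed window of
    `interval` seconds to its busiest window count (fixed windows are an
    assumption of this sketch)."""
    per_window = Counter()
    for secs, client in parse_queries(lines):
        per_window[(client, secs // interval)] += 1
    peak = {}
    for (client, _), count in per_window.items():
        peak[client] = max(peak.get(client, 0), count)
    return {c: n for c, n in peak.items() if n > limit}

def sample_log(seen_as):
    """Constructed sample: three devices send 4, 3 and 2 queries in one minute.
    `seen_as` maps a device to the address Pi-hole would log for it."""
    devices = {"192.168.1.23": 4, "192.168.1.40": 3, "192.168.1.57": 2}
    lines, sec = [], 0
    for device, count in devices.items():
        for _ in range(count):
            sec += 1
            lines.append(f"Mar  3 10:00:{sec:02d} dnsmasq[512]: "
                         f"query[A] host{sec}.example from {seen_as(device)}")
    lines.append("Mar  3 10:00:10 dnsmasq[512]: forwarded host1.example to 9.9.9.9")
    return lines

LIMIT, INTERVAL = 5, 60  # scaled-down stand-in for a setting such as 1500/60

# Router as Pi-hole's only client: every query is logged as 192.168.1.1.
via_router = clients_over_limit(sample_log(lambda d: "192.168.1.1"), LIMIT, INTERVAL)
# Pi-hole's address handed out by DHCP: each device is logged individually.
direct = clients_over_limit(sample_log(lambda d: d), LIMIT, INTERVAL)

if __name__ == "__main__":
    print("via router:", via_router)
    print("direct:", direct)
```

With the same nine queries, only the aggregated router address crosses the limit; counted per device, none does, and a single noisy device would show up under its own address.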