My Pi-hole is running fine into a docker container but looking into the Query-log there is a lot of queries from just a single dot '.' as domain. The query is coming from the container itself but what is querying and why?
This started very recently with me as well, running Pi-Hole in Docker on DietPi.
I found this post: Single dot domain/DNS root zone query issue with containerized wireguard - #29 by armujahid which I've now implemented, I'll report back if this solves the issue.
Are you running any other docker container with pihole?
For me this problem only occurs if I run additional containers with containerized pihole. Accepted solution has a limitation mentioned at Single dot domain/DNS root zone query issue with containerized wireguard - #30 by armujahid
Thanks for the input @armujahid .
I've tried the suggested solution for a short while and the problem persists.
Given that it introduces the limitation you mention, I reverted to my initial docker-compose config.
I am indeed running Unbound in docker.
My docker-compose file can be seen below, and has not been altered for months. Also, the Unbound docker image has not been updated for weeks.
version: "2.1"
services:
pihole:
container_name: pihole
image: pihole/pihole:dev
hostname: *HIDDEN*
networks:
default:
ipv4_address: 172.16.0.2
environment:
TZ: 'Europe/Brussels'
DNS1: '172.16.0.3'
DNS2: '172.16.0.3'
WEBPASSWORD: '*HIDDEN*'
volumes:
- '/data/pi-hole/unbound:/opt/unbound/etc/unbound:rw'
- '/data/pi-hole/etc-pihole:/etc/pihole'
- './etc-dnsmasq:/etc/dnsmasq.d'
- '/etc/localtime:/etc/localtime:ro'
restart: unless-stopped
unbound:
container_name: unbound
hostname: unbound
image: klutchell/unbound:latest
volumes:
- ./unbound-conf:/etc/unbound/custom.conf.d
networks:
default:
ipv4_address: 172.16.0.3
ports:
- 5335:5335/tcp
- 5335:5335/udp
restart: unless-stopped
networks:
default:
driver: bridge
ipam:
config:
- subnet: 172.16.0.0/24
I've discovered the source: to identify if certain devices are 'online' on the home network, I started pinging these devices on a regular basis. To do so, I used their local domain name (e.g. laptop.lan) instead of their IP address, to ensure I still reach the right devices even if their IP address would change. Since changing that to pinging their IP addresses, the "." queries in my case disappeared. Is it normal in case of domain name pings for the dot to be queried?
I also am running Wireguard and stopping this docker, eliminated the problem. I've read your post and will look further into this problem. Haven't got Wireguard operational yet and I'm beginning to think both bugs have the same source.
I added these lines in my Wireguard docker-compose.yml
dns:
- 172.21.0.2
(where 172.21.0.2 is my Pihole IP address) and all mysterious . searches disappeared.
Thank you [ChurchOfNoise]&[armujahid]!
This will also happen if you have DNSSEC enabled. You'd see a lot more than just NS queries though, there would be DNSKEY and DS queries as well.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.