Router rate-limited

berlinde · January 10, 2024, 1:15pm

Expected Behaviour:

No timeouts or server errors.

Actual Behaviour:

I keep getting random timeouts or server errors that go away temporarily after I pihole restartdns
I've also raised the rate limit but on the numbers my log shows. My network in particular might be a bit weird since it's double-NATed but this was note the case any time before. I've read about conditional loopholes but I've never had conditional forwarding enabled that I can remember. I've also turned off wifi on my laptop as I've seen before that this could cause a recursive issue, but the problem remains.

I apologise for lack of clarity as English is not my first language.

Can someone point me in the right direction to diagnose/fix this?

Thank you in advance.

Debug Token:

https://tricorder.pi-hole.net/xX5pEU74/

Bucking_Horn · January 10, 2024, 1:56pm

Run from your Pi-hole host machine, what's the output of:

echo ">stats >quit" | nc localhost 4711

echo ">top-clients >quit" | nc localhost 4711

echo ">top-domains >quit" | nc localhost 4711

echo ">top-ads >quit" | nc localhost 4711

berlinde · January 10, 2024, 5:55pm

Hi,

Thank you for taking the time to check my issue.

Here you go

➜  ~ echo ">stats >quit" | nc localhost 4711
domains_being_blocked 147973
dns_queries_today 892593
ads_blocked_today 2103
ads_percentage_today 0.235606
unique_domains 3678
queries_forwarded 64634
queries_cached 784360
clients_ever_seen 26
unique_clients 26
dns_queries_all_types 892593
reply_UNKNOWN 60294
reply_NODATA 16626
reply_NXDOMAIN 5452
reply_CNAME 27362
reply_IP 781247
reply_DOMAIN 49
reply_RRNAME 41
reply_SERVFAIL 328
reply_REFUSED 0
reply_NOTIMP 0
reply_OTHER 0
reply_DNSSEC 0
reply_NONE 0
reply_BLOB 1194
dns_queries_all_replies 892593
privacy_level 0
status enabled

echo ">top-clients >quit" | nc localhost 4711

0 1006893 10.10.0.1
1 10257 10.10.0.4
2 1418 10.10.0.8
3 504 10.10.0.31
4 180 127.0.0.1 localhost
5 2 10.10.0.3 pi.hole
6 1 10.10.0.101 pi.hole
7 1 100.117.176.88 pi.hole
8 1 ::1 ip6-localhost
9 1 fdf4:f40:ef2e:5e45:5262:1cbe:fe5:8d24 pi.hole

echo ">top-domains >quit" | nc localhost 4711

0 633815 connectivity-check.ubuntu.com
1 160706 log.tailscale.io
2 6124 api.snapcraft.io
3 2984 ns1.pi-hole.net
4 2955 local
5 2943 derp10b.tailscale.com
6 2400 derp3b.tailscale.com
7 2254 eu-nw-courier-4.push-apple.com.akadns.net
8 2212 github.com
9 1683 derp19b.tailscale.com

echo ">top-ads >quit" | nc localhost 4711

0 407 app-measurement.com
1 146 browser.pipe.aria.microsoft.com
2 101 gum.criteo.com
3 69 www.google-analytics.com
4 66 googleads.g.doubleclick.net
5 65 ib.adnxs.com
6 61 dmtracking2.alibaba.com
7 58 www.googletagmanager.com
8 57 stats.g.doubleclick.net
9 54 cm.g.doubleclick.net

Bucking_Horn · January 10, 2024, 9:35pm

That connectivity-check.ubuntu.com accounts for the vast majority of your requests.
Pi-hole isn't blocking that domain (or it would be on top-ads), so it seems that at least one of the clients connecting through your router is excessively requesting that domain.

You should try to identify the offending devices and configure Ubuntu to tune down its frequency of connectivity checks.

berlinde · January 10, 2024, 9:49pm

thank you for your kind reply, disabling connectivity check seems to have solved it, I'll test it for a few more days but if it does I'll reenable it with much less frequent checks.

Thanks again.

system · January 31, 2024, 9:49pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.