Slow response for pi-hole

ouafnico · March 15, 2019, 4:15pm

Hi all,

Im' using pi-hole on debian 9.

Because I don't want to use the embedded dnsmasq from pihole, I'm using my unbound DNS server to ask pi-hole dnsmasq's DNS as a forwarder.

I've seen the pi-hole is quite slow to respond. It add above 80ms of time for a resolution.

Any way to try to understand why?

I got a debug file here: https://tricorder.pi-hole.net/tht6wl06yl

Thanks

jfb · March 15, 2019, 5:34pm

How do you have your Pi connected to your network and what is it's assigned IP address on the network? In your debug log you have Pi-Hole listening on the Pi loopback address (127.0.0.1).

What port is unbound listening on?

I don't quite understand what you are doing here. Why don't you want to use embedded dnsmasq?

What is the flow path for a DNS request from a client to a final return of an IP address?

Is it client > unbound > Pi-Hole > DNS resolver (in your case 9.9.9.9, etc.)

ouafnico · March 15, 2019, 9:08pm

Hi.

My router is not a raspberry but a apu from pcengines. But quite same.

I use from years an unbound dns server with a lot of local entries configuration. I just made pihole running on localhost only on port 5353, modifying the dnsmasq conf (which is lost at every updates)

I use the pihole dns as a forwarder on unbound server, in place of classic internet dns.

It's running very well but quite slow.

For a client, the dns is the router. The unbound responds (for local entries) or ask pihole on localhost:5353 for internet entries.

Technically it's not different as standard usage. Normally its :
Client -> unbound (router) -> internet dns forwarder (9.9.9.9)
Here it's :
Client -> unbound (router) -> pihole (router) - > internet dns forwarder (9.9.9.9).

It just seems this add 80ms ton resolution time :s

deHakkelaar · March 16, 2019, 11:47am

How did you diagnose ?

dig pi-hole.net @9.9.9.9

dig pi-hole.net @$(hostname -I)

dig pi-hole.net @$(hostname -i) -p 5353

Do mind that caching might influence results!

ouafnico · March 16, 2019, 8:10pm

I saw it on my monitoring.
I made some continuous ping to internet.
Normally I'm above 20-30ms. With pihole it add 80ms for dns resolution.

-> on router
dig pi-hole.net @9.9.9.9 |grep Query
;; Query time: 14 msec

-> Unbound only (using 9.9.9.9 as forwarder):
dig pi-hole.net @localhost |grep Query
;; Query time: 15 msec

(after other tries are 0ms, because of cache)

-> pihole :
dig pi-hole.net @localhost -p 5353 |grep Query
;; Query time: 180 msec

-> unbound + pihole (localhost:5353 as forwarder):
dig pi-hole.net @localhost |grep Query
;; Query time: 80 msec

jfb · March 16, 2019, 8:21pm

With Pi-Hole and unbound as an upstream resolver on a Pi-3B+, I get this response, which is typical:

dig pi-hole.net @localhost -p 5353 |grep Query
;; Query time: 20 msec

Have you considered reversing the order of Pi-Hole and unbound? Put Pi-Hole on port 53 and unbound on 127.0.0.1#5353.

DNS queries go to Pi-Hole first, then to unbound if upstream resolution is needed.

Changing the Pi-Hole port back to normal would also solve this problem.

system · April 6, 2019, 8:21pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.