Installed Pihole on PiOS (latest as of this topic), ever single system in my lab setup is working fine that is Linux or non-Windows based. But Windows 11 query anything no in the local domain, query refused. It is like Pihole will just NOT forward anything.
Linux system, pihole or my isc-dhcp-server, resolves fine, say www.google.com. But Windows 11 using same DHCP server as other Linux systems, same configuration for DNS, i.e. point to pihole instance, query refused. I set static DNS on Windows system it works! Got back to DNS pointing to pihole, query refused.
Guess I create a local DNS server again, and bypass pihole until this is figured out? Any help appreciated.
There are a handful of Windows 11 systems on my network. Windows 11 Home/Pro both work just fine, as do other devices. Pi-hole should, I would think, be generally ignorant of the system requesting DNS resolution. Perhaps you have a domain blocked that is needed by Windows to function. Not sure about that, so just a guess.
I’d suggest you follow the template as indicated when creating a post., and provide a debug token for the development folks to review.
I would usually agree… but this is a recent development… my Windows 11 systems are 25H, just recently updated. Also, I have used PiHole for years with older versions of Windows 10 and 11 fine.
Just to evaluate and validate that whatever is going on, is in part related to PiHole in some fashion or not. I shutdown (stopped) PiHole and spun up a Bind9 DNS server on the same PiOS based instance. And DNS is consistently working on Windows 11 and as all Linux systems, forwarding correctly to internet and resolving locally as expected. So whatever is going on… PiHole is part of the scenario in some way. I am not pointing a finger at PiHole… only stating that for whatever reason I am getting “Query Refused’ returned to Windows 11 via PiHole for all queries, I am not getting the same refusal from Bind9 DNS server just established.
And yes, appears this is going to need the template and applicable analysis. Odd just odd. The Bind9 DNS server instance addresses the immediate impact, but much prefer to getting the issue resolved so I can return to using PiHole.
Current behavior…
Windows 11 only clients consistently getting ‘Query Refused’ from PiHole instance.
Edition Windows 11 Pro
Version 25H2
Installed on 11/26/2025
OS build 26200.7171
Experience Windows Feature Experience Pack 1000.26100.265.0
Expected behavior…
Name resolution working for both local and internet DNS queries.
Yes… 192.168.1.34 is the Windows device I am testing against, and is exhibiting the query refused scenario.
I understand that is warning is new feature… not the actual rate limit feature but the log warning its self. But what I am curious about is I have never tripped over this limit before, so has the limit become more aggressive over time? Change recently? I have had this Windows 11 and other Windows based system online for quite some time, and not experienced the impact of the limit before.
Also explains why when I switched to BIND9 for local DNS, until I can get this issue ironed out, my Windows system is not longer impacted, as such. In the middle of this scenario, my Windows system moved from H24 to H25, so for now I do not see that as material? But? Maybe someone knows if Microsoft changed something recently that would push the query frequency up significantly?
The Windows 11 system is used for email, random youtube content viewing, and some minor simple development work, all local based. My web surfing has not significantly changed. So wonder at what seems to have triggered the rate limit?
Not that new - diagnostic messages for Pi-hole's rate-limiting were introduced some five years ago when Pi-hole FTL v5.9, Web v5.6 and Core v5.4 released in September 2021, shortly after rate-limiting was introduced with Pi-hole FTL v5.7, and the default rate limit hasn't changed since it was introduced.
It would seem your particular Windows version is/was more chatty then previous ones.
If this persists, you could opt to change your Pi-hole's rate limit, but before you do so, you should attempt to control your client's behaviour.
Your milage may vary, but while Windows can be chatty as @Bucking_Horn mentions. Some of that chatter can also be attributed to apps/applications. Office, browsers, and all sorts of things can create traffic. My system has only a few apps related to what I use on a regular basis, and I do all I can to limit things like startup apps, and telemetry. The default Pi-hole rate limit setting is in place, and never gotten a rate limit message from the Windows system.
Yes… I really want to focus on reducing the ‘chatter’ if possible. The Windows 11 system, ultimately, I could re-install a clean copy of the OS, if needed.
I suspect that the migration to 25H has significantly changed the chatter scale, but I have yet to find any definitive discussion on this that is concrete, but just started looking last night.
Until now I never have hit this rate limit, must of my systems are Linux based now, and I have a lot of IoT projects, neither of these, of which I have much tighter control over, has ever been an issue… just Windows. Why am I not surprised.