Suddenly stop resolving DNS requests

Log available here
Version: Pi-hole v5.0, Web Interface v5.0, FTL v5.0, unbound installed

Steps to reproduce:

  1. Enter any URL in any web browser -- Pi-hole / Unbound as the only DNS server.

Expected Behaviour:

  1. DNS query is resolved
  2. Website is loading normally or partially

Actual Behaviour:

  1. Every query ends up timing out
  2. The Pi-hole query log shows the query resolved as normal
  3. Around every second a warning is added to /var/log/pihole-FTL.log
    [2020-06-01 10:24:09.148 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

Additional information
It used to work just fine; no change was made on the Pi-hole or the gateway (Ubiquiti UniFi).
DNS queries work normally when the DNS server in the gateway is changed to Cloudflare.
Unable to send any debug token, likely a firewall issue.

[✗] There was an error uploading your debug log.

  • Please try again or contact the Pi-hole team for assistance.
  • A local copy of the debug log can be found at: /var/log/pihole_debug.log
    ubuntu@ubuntu:~$ echo "hello developers" | pihole tricorder

[✗] Unable to connect to Pi-hole's Tricorder server

ubuntu@ubuntu:~$ echo "hello developers" | pihole tricorder

[✗] Unable to connect to Pi-hole's Tricorder server

ubuntu@ubuntu:~$

ubuntu@ubuntu:~$ echo "hello developers" | pihole tricorder

[✗] Unable to connect to Pi-hole's Tricorder server

ubuntu@ubuntu:~$ echo "some text" | nc tricorder.pi-hole.net 9999

nc: getaddrinfo for host "tricorder.pi-hole.net" port 9999: Temporary failure in name resolution

ubuntu@ubuntu:~$ echo "Information to send over SSL" | openssl s_client -quiet -connect tricorder.pi-hole.net:9998 2> /dev/null

ubuntu@ubuntu:~$ echo "help me" | nc tricorder.pi-hole.net 9999

nc: getaddrinfo for host "tricorder.pi-hole.net" port 9999: Temporary failure in name resolution

ubuntu@ubuntu:~$

Firewall

  • 002 .Allow DNS Servers out : Accept TCP and UDP > SOURCE Groups:DNS Server DESTINATION Groups:Local VLAN, DNS Port
  • 2003 Allow DNS Servers : Accept TCP and UDP > SOURCE Groups:Local VLAN DESTINATION Groups:DNS Server, DNS Port
  • 2018 Block DNS Servers SOURCE Drop TCP and UDP Groups:DNS

attached screenshots



Please provide a debug token.

And have a look in /var/log/pihole-FTL.log if FTL crashed.

It seems I have a lot of warnings

[2020-06-01 10:24:07.462 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:07.464 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:09.148 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:11.063 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:12.068 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:14.070 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:14.075 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:14.076 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:14.958 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:14.959 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:15.104 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:15.105 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:15.942 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:15.943 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

[2020-06-01 10:24:18.074 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500

I'm trying to upload the log but I have an issue,

There was an error uploading your debug log.

  • Please try again or contact the Pi-hole team for assistance.
  • A local copy of the debug log can be found at: /var/log/pihole_debug.log
ubuntu@ubuntu:~$ echo "hello developers" | pihole tricorder
  [✗] Unable to connect to Pi-hole's Tricorder server

I'm looking after this.

Check the time on your device.


log attached

regarding this issue:

WARN: getOverTimeID(1591009500): 600 is too large: 1590649500

It seems that the Pi-hole time is wrong. I'm located in Ireland; the current time is 12:27 and not 11:27.
timedatectl status

 Local time: Mon 2020-06-01 11:27:40 UTC
           Universal time: Mon 2020-06-01 11:27:40 UTC
                 RTC time: n/a                        
                Time zone: Etc/UTC (UTC, +0000)       
System clock synchronized: yes                        
              NTP service: active                     
          RTC in local TZ: no

I cannot install NTP (Temporary failure resolving 'ports.ubuntu.com'), which was expected due to the DNS failure.

UPDATE regarding time zone:
The time zone is now correct on the Pi-hole, but the same warning message remains in /var/log/pihole-FTL.log, along with the same DNS issues.

Current default time zone: 'Europe/Dublin'
Local time is now:      Mon Jun  1 12:33:37 IST 2020.
Universal Time is now:  Mon Jun  1 11:33:37 UTC 2020.

ubuntu@ubuntu:~$ timedatectl status
               Local time: Mon 2020-06-01 12:34:15 IST
           Universal time: Mon 2020-06-01 11:34:15 UTC
                 RTC time: n/a                        
                Time zone: Europe/Dublin (IST, +0100) 
System clock synchronized: yes                        
              NTP service: active                     
          RTC in local TZ: no
ubuntu@ubuntu:~$ ping google.com

ping: google.com: Temporary failure in name resolution

ubuntu@ubuntu:~$ dig google.com

; <<>> DiG 9.16.1-Ubuntu <<>> google.com

;; global options: +cmd

;; connection timed out; no servers could be reached

ubuntu@ubuntu:~$ dig google.com @127.0.0.1 -p 5335

; <<>> DiG 9.16.1-Ubuntu <<>> google.com @127.0.0.1 -p 5335

;; global options: +cmd

;; connection timed out; no servers could be reached

ubuntu@ubuntu:~$

For information, I just installed Pi-hole on a second device and it works fine, so it seems that something is wrong with my primary Pi-hole.
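An added example, not part of the thread and not Pi-hole's own code: decoding the `getOverTimeID` warning quoted in the posts above. It assumes the three numbers are the query's epoch timestamp, the computed slot index, and the epoch of slot 0; the sample lines are the two distinct warnings from this thread, and the arithmetic on both is consistent with that reading.

```python
import re
from datetime import datetime, timezone

# Constructed sample: the two distinct warning lines quoted in the thread.
SAMPLE_LOG = """\
[2020-06-01 10:24:09.148 1816] WARN: getOverTimeID(1591007100): 596 is too large: 1590649500
WARN: getOverTimeID(1591009500): 600 is too large: 1590649500
"""

WARNING = re.compile(r"getOverTimeID\((\d+)\): (\d+) is too large: (\d+)")


def utc(epoch):
    """Render a Unix epoch as a UTC wall-clock string."""
    return datetime.fromtimestamp(epoch, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")


def decode(line):
    """Return the decoded fields of one warning, or None for unrelated lines."""
    match = WARNING.search(line)
    if match is None:
        return None
    # Assumed field meaning: (query epoch, slot index, epoch of slot 0).
    query_ts, slot, base_ts = (int(g) for g in match.groups())
    gap = query_ts - base_ts
    return {
        "query_utc": utc(query_ts),
        "base_utc": utc(base_ts),
        "slot": slot,
        "gap_seconds": gap,
        # Slot width implied by the line itself; None if it does not divide evenly.
        "slot_width": gap // slot if slot > 0 and gap % slot == 0 else None,
    }


def decode_log(text):
    """Decode every matching warning in a log excerpt, skipping other lines."""
    return [d for d in map(decode, text.splitlines()) if d is not None]


if __name__ == "__main__":
    for entry in decode_log(SAMPLE_LOG):
        hours = entry["gap_seconds"] / 3600
        print(f'{entry["query_utc"]} UTC -> slot {entry["slot"]}, '
              f'{hours:.1f} h after slot 0 at {entry["base_utc"]} UTC '
              f'(slot width {entry["slot_width"]} s)')
```

On the thread's lines, both warnings imply a 600-second slot width and a slot 0 at 2020-05-28 07:05:00 UTC, roughly 99 to 100 hours before the queries being logged.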

Who is in your group Local VLAN? I guess the rule is for the DNS server (Pi-hole) to go out to the internet to contact an upstream DNS server. The destination should be any (or a particular upstream DNS server IP) but not something local?

Sorry for the delay. I'm using the Raspberry Pi 3 since it works just fine, but I have the 100 Mb/s limitation (I have a gigabit WAN, but surely DNS requests don't require that much anyway).

DNS server group : 1.1.1.1 1.0.0.1 , PIHOLE1, PiHOLETemporary.

Local VLAN (all the local VLANs and LAN IP)

I changed it to all but got the same result. I still don't get why Pi-hole seems to resolve the requests in the UI.


Try:

  • 2002 Allow Local DNS Servers out : Accept TCP and UDP > SOURCE Groups:Local DNS Server DESTINATION Groups: DNS Port
  • 2003 Allow DNS Servers : Accept TCP and UDP > SOURCE Groups: Local VLAN DESTINATION Groups:DNS Server DNS Port
  • 2018 Block DNS Servers SOURCE Drop TCP and UDP Groups:DNS

Groups:
Local DNS Server: PIHOLE1, PiHOLETemporary
DNS Server: 1.1.1.1, 1.0.0.1 , PIHOLE1, PiHOLETemporary
Local VLAN: all the local VLANs and LAN IP
DNS Port: 53

In 2003 you could substitute "DNS Server" with "Local DNS Server" if you want to allow DNS traffic from your clients only to the piholes but not 1.1.1.1 and 1.0.0.1. The (outside) upstream servers for your pihole (1.1.1.1, 1.0.0.1?) should be covered with rule 2002 already

Thank you, I did set up your rules but I have the same issue. Also, the Pi-hole web interface seems to take a very long time when manually refreshed (randomly).

I attached a screen recording (sorry for the quality, I just changed my monitor for a 39:2 5K and it gets blurry when you try to record only one part).

PS 192.168.1.59 = Raspberry Pi 4 which has the issue, using Unbound
192.168.1.59 = Temporary Raspberry Pi 3 DoT

I can't see anything, too blurred :eyeglasses: :joy:

I'm quite confident in my rules as I use exactly those without issues. I suspect a general network issue at this point.

Do you have both at the same time in your network active? Same IP will result in strange behavior and failures.
I would remove one, and see if the issues persist. Also switching upstream DNS servers for testing purpose to something like Cloudflare or Google might be an additional try to eliminate potential points of failure (Unbound, DoT).

Sorry, I don't know why Final Cut uploaded a 360p version... anyway, the 4K is uploading now, but I think I spotted the issue: unbound!

I just changed the upstream DNS server from 127.0.0.1#5335 - ::1#5335 to Cloudflare and it seems to work fine.

Update
Just reading your post properly: yes, you're right, that seems to be the issue (unbound).

If it's working with Cloudflare for a while, we can walk through your unbound setup to make it work too.

Actually, it seems to resolve every DNS request but it's not blocking anything.
I updated gravity and had a few errors, but it's still not blocking anything.
I'm probably better off formatting and starting over!
Thanks for your help anyway.

Wrong group assignments?
