Thousands of DNS requests regarding NTP server's hostname-to-IP translation

Hi,
I have Pi-Hole 4.3.1 on my ReadyNAS server along with the latest ReadyNAS OS 6.10.3.

I am experiencing the following problem. No matter what I do, if I insert the NTP timeserver's address into ReadyNAS OS as a hostname, I am getting requests for its translation from hostname to IP address on my Pi-Hole. These requests (A+AAAA) are very frequent, the interval is 10 seconds, so around 20k requests daily.

This is what happens every 10 seconds on my DNS server Pi-Hole, with 1 (local) DNS server setup and 1 NTP server setup

Nov 24 18:55:53 dnsmasq[19136]: query[A] time.google.com from 192.168.1.4
Nov 24 18:55:53 dnsmasq[19136]: cached time.google.com is 216.239.35.0
Nov 24 18:55:53 dnsmasq[19136]: cached time.google.com is 216.239.35.8
Nov 24 18:55:53 dnsmasq[19136]: cached time.google.com is 216.239.35.4
Nov 24 18:55:53 dnsmasq[19136]: cached time.google.com is 216.239.35.12
Nov 24 18:55:53 dnsmasq[19136]: query[AAAA] time.google.com from 192.168.1.4
Nov 24 18:55:53 dnsmasq[19136]: cached time.google.com is 2001:4860:4806:4::
Nov 24 18:55:53 dnsmasq[19136]: cached time.google.com is 2001:4860:4806:8::
Nov 24 18:55:53 dnsmasq[19136]: cached time.google.com is 2001:4860:4806::
Nov 24 18:55:53 dnsmasq[19136]: cached time.google.com is 2001:4860:4806:c::

This is connmann.log

Nov 24 16:56:44 NAS connmand[2585]: ntp: adjust (slew): -0.000380 sec
Nov 24 16:57:48 NAS connmand[2585]: ntp: adjust (slew): -0.000607 sec
Nov 24 16:59:56 NAS connmand[2585]: ntp: adjust (slew): -0.000295 sec
Nov 24 17:04:13 NAS connmand[2585]: ntp: adjust (slew): -0.000316 sec
Nov 24 17:12:46 NAS connmand[2585]: ntp: adjust (slew): -0.000938 sec
Nov 24 17:29:51 NAS connmand[2585]: ntp: adjust (slew): -0.001276 sec
Nov 24 17:46:56 NAS connmand[2585]: ntp: adjust (slew): -0.002590 sec
Nov 24 18:04:01 NAS connmand[2585]: ntp: adjust (slew): +0.001719 sec
Nov 24 18:21:06 NAS connmand[2585]: ntp: adjust (slew): +0.002422 sec
Nov 24 18:38:11 NAS connmand[2585]: ntp: adjust (slew): +0.002185 sec
Nov 24 18:44:58 NAS connmand[2585]: ntp: adjust (slew): +0.000719 sec

The strange thing is that connmann.log looks pretty normal. There is no timesync every 10 seconds.
But the file pihole.log is completely spammed with DNS requests, as is my query log.

When I insert the NTP server's address as an IP address, not a hostname, there is no such problem as described above.

Could you help? I am running Pi-hole on my ReadyNAS, so their IP address is the same.
Could it be something with these two advanced DNS settings (both are enabled by default)?
Never forward non-FQDNs --- ON
Never forward reverse lookups for private IP ranges --- ON

I have no bright ideas. I appreciate any suggestions.

I would expect this, since Pi-hole is the DNS server and the client needs to translate a domain name to an IP so it can connect to the NTP server.

From the section of log you provided, the query for the domain appears to be getting resolved and returned to the client.

This is also normal. If the client already has an IP, it no longer needs a DNS server to get the IP.

But I am getting the first log lines every 10 seconds, which is really strange to me. Why should ReadyNAS make these requests every 10 seconds? I was told (ReadyNAS forums) that the interval of timesync is usually 2^x, which never equals 5 or 10 seconds as I described above. The only way I am able to fix it (or rather "hack" it) is inserting the NTP server's address as an IP address, not as a hostname. But it is a pain in the ... because IP addresses of NTP servers change from time to time.

And these DNS requests for NTP server's translation of hostname to IP address make around 70 percent of my local network DNS requests to Pi-Hole.

I don't know. That is a question best posed on a ReadyNAS forum, but another user here may have such a device.

So Pi-Hole itself doesn't send any requests for server time update?

Today (18 hours) I have 16k requests for ReadyNAS NTP server address translation (time.google.com) to IP address. Most of them are cached, but it is still a pain in the..... and most of the DNS traffic to my Pi-Hole server, making a mess of my query stats.

OK, I have tried different DNS server software called Simple DNS Plus running on my Windows 7 PC.
I can say there is no more than 1 DNS request for the NTP server's translation of hostname to IP address.

I have monitored the DNS log and cache and there are no more requests. So it has to have something to do with Pi-Hole, IMHO.

Pi-hole doesn't have the capability to do NTP queries. That's up to the OS that is running.

Well, that's the cause. connman may be updating the time once a minute but it has to ask the remote timeservers for their information multiple times during that minute to be able to determine skew/slew. Find the connman general configuration file and use IP addresses instead of names for remote NTP servers. (And no, I don't know where that configuration file is.)

I was already told at the ReadyNAS forums that connman has no options available; time delays between adjustments and other steps are set by some mathematical algorithms that can't be changed or set up.

I have checked the config file myself and it's true.
The only option is AllowHostnameUpdates, which, to be honest, I don't understand what exactly it does or represents. There is also a timeservers address selection line, a timezone selection line, and that's all.

Then someone with experience using ReadyNAS will have to help. I don't think you'll get a solution here.

I can't help with connman, don't even know what it is. However:

The ntpd or chronyd time servers will do a lot of DNS lookups when starting; once sync is achieved they are done a lot less often. If sync fails, for example the local clock is too far off to allow a correction or the NTP packets are blocked, the requests stay at the rapid rate.

If you have an NTP status program running, like chronyc, it will do a lookup of all configured servers at every update. If I set it to 300 seconds refresh it moves my NTP Pi up onto the top list for lookups. Set to a low value, I see floods of queries like you are seeing.

I can see my Pi-hole machines connecting to my NTP servers in the Pi-hole logs when using the names instead of the IP, and they aren't doing it often enough to matter. I use the IP instead of names in my DHCP, DHCP6 and RA NTP server fields locally. For the NTP server sources I use a GPS local clock, a couple of IP-only (unnamed) servers and, as further backup, a pool; the pool generates most DNS queries.

My suggestion would be to add a chrony NTP server (ntpd as a second choice) to your Pi or another system and get it working properly there. Once you have that you can compare what it is doing to what you see from your NAS.
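
One way to measure the repetition discussed in this thread, as an added example that is not part of any post: the script below groups dnsmasq `query[...]` lines from pihole.log by client, record type and name, and reports the pairs whose median gap between queries is short. The function names, thresholds, assumed year, the second client and the sample lines are constructed for illustration; only the log line format is taken from the excerpt in the first post.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime

# Format from the thread's excerpt:
# "Nov 24 18:55:53 dnsmasq[19136]: query[A] time.google.com from 192.168.1.4"
QUERY_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: "
    r"query\[(\w+)\] (\S+) from (\S+)$"
)

def query_times(lines, year=2000):
    """Collect query timestamps per (client, qtype, name).
    Syslog timestamps carry no year, so `year` is an assumption."""
    seen = defaultdict(list)
    for line in lines:
        m = QUERY_RE.match(line.strip())
        if not m:
            continue  # "cached ...", "forwarded ...", "reply ..." lines
        ts, qtype, name, client = m.groups()
        when = datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")
        seen[(client, qtype, name)].append(when)
    return seen

def repeaters(lines, max_interval=15, min_queries=4):
    """Return {(client, qtype, name): (count, median_gap_seconds)} for keys
    queried at least min_queries times with a median gap <= max_interval."""
    out = {}
    for key, stamps in query_times(lines).items():
        if len(stamps) < min_queries:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        median = statistics.median(gaps)
        if median <= max_interval:
            out[key] = (len(stamps), median)
    return out

# Constructed sample: one client resolving its NTP hostname every 10 seconds,
# and a second client making two unrelated lookups ten minutes apart.
SAMPLE = []
for i in range(6):
    ts = f"Nov 24 18:55:{3 + 10 * i:02d}"
    SAMPLE.append(f"{ts} dnsmasq[19136]: query[A] time.google.com from 192.168.1.4")
    SAMPLE.append(f"{ts} dnsmasq[19136]: cached time.google.com is 216.239.35.0")
    SAMPLE.append(f"{ts} dnsmasq[19136]: query[AAAA] time.google.com from 192.168.1.4")
SAMPLE.append("Nov 24 18:50:00 dnsmasq[19136]: query[A] example.org from 192.168.1.20")
SAMPLE.append("Nov 24 19:00:00 dnsmasq[19136]: query[A] example.org from 192.168.1.20")

if __name__ == "__main__":
    for (client, qtype, name), (count, gap) in repeaters(SAMPLE).items():
        print(f"{client} {qtype} {name}: {count} queries, median gap {gap:.0f}s")
```

Run against a real pihole.log by passing `open(path)` as `lines`; the same output for a chrony or ntpd host gives the comparison suggested in the last reply.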

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.