Too many queries made when 'Conditional Forwarding' is enabled


Expected Behaviour:

No additional queries should be made, certainly not hundreds, if not thousands every second.

Actual Behaviour:

Too many queries are being made every second, when Conditional Forwarding is turned on.

My router's IP is 10.0.0.1 and the Pi's IP is 10.0.0.6, with the local domain name being RT-AC87U.

Screenshots:

Debug Token:

I uninstalled and re-installed after too many queries were flooding the dashboard and possibly affecting performance. Debug token of fresh install: 5drm4rvoya

Do you have your WAN DNS settings pointed to the PiHole in your router?

I noticed this behavior when I had that setup enabled in my RT-AC3100.

I now point my WAN DNS to 1.1.1.1, 1.0.0.1, and use the LAN DHCP server to assign my clients the PiHole address for DNS for blocking purposes. This stopped the flood of DNS queries.

Yes it does as a matter of fact.

Change that, clear your logging and reboot. It should start to function as expected.

Not sure if it's a conditional forwarding issue or not. That is a workaround I found for now, I'm following CF tickets myself to see if any other light is shed on it.

Hope this helps a bit.

Alright. Now I can't open http://pi.hole

Use its IP address.

Make sure that your client got the PiHole address for DNS from the router in DHCP.

On Linux and Mac client PCs, what's the outcome of the one below?

cat /etc/resolv.conf

Or if it's a Windows client PC, what does the DNS section display when you run the one below in a CMD prompt?

ipconfig /all

Like @Therion87 mentions, you want clients to query the Pi-hole IP address directly and not via your router first.

You can test DNS lookups and blocking on a Linux/Mac/Windows client PC with the ones below:

nslookup doubleclick.com

nslookup doubleclick.com <PIHOLE_IP_ADDRESS>

nslookup doubleclick.com 8.8.8.8

A restart of router and Pi solved that issue.

So ASUS routers send a few DNS queries every second to check if an internet connection is active or not... After I changed the WAN DNS from my Pi's IP to 8.8.8.8, 8.8.4.4, I noticed a downward spike in the graphs, but shortly, a spike in queries from localhost:

So I'm assuming that any DNS query the router will be making (like NS resolution for ping/traceroute) will be forwarded to the IPs set in WAN DNS settings?

For cat /etc/resolv.conf:

MacBook-Pro:~ Agneev$ cat /etc/resolv.conf

macOS Notice

This file is not consulted for DNS hostname resolution, address
resolution, or the DNS query routing mechanism used by most
processes on this system.

To view the DNS configuration used by this system, use:
scutil --dns

SEE ALSO
dns-sd(1), scutil(8)

This file is automatically generated.

domain RT-AC87U
nameserver 10.0.0.6
nameserver 10.0.0.1

For nslookup doubleclick.com:

MacBook-Pro:~ Agneev$ nslookup doubleclick.com
Server: 10.0.0.6
Address: 10.0.0.6#53

Name: doubleclick.com
Address: 0.0.0.0

The Mac has got two DNS servers configured.
This Mac will sometimes also query the not Pi-holed DNS server 10.0.0.1 resulting in the "pi.hole" name not resolving and ads leaking through.
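
The check described in the post above, as an added example that is not part of the thread: list every configured nameserver that is not the Pi-hole, and classify an nslookup answer as blocked or resolved. The function names are hypothetical, the sample inputs are constructed from the outputs quoted in this thread, and it assumes blocked names are answered with 0.0.0.0 as in the nslookup output above.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, sample data is constructed.

# Print each nameserver in a resolv.conf-format file that is NOT the Pi-hole.
# Every address printed is a resolver a client can use to bypass blocking.
# Commented-out entries ("#nameserver ...") do not match and are ignored.
bypass_resolvers() {
    awk -v ph="$1" '$1 == "nameserver" && $2 != ph { print $2 }' "$2"
}

# Classify nslookup output read from stdin. The resolver's own
# "Address: ip#53" line precedes "Name:", so only addresses after it count.
# Assumption: a blocked name is answered with 0.0.0.0.
lookup_verdict() {
    awk '
        /^Name:/ { seen = 1; next }
        seen && /^Address/ && addr == "" { addr = $2 }
        END {
            if (addr == "") print "no-answer"
            else if (addr == "0.0.0.0") print "blocked"
            else print "resolved:" addr
        }'
}

# Constructed samples mirroring the outputs quoted in the thread.
sample_resolv_conf() {
    cat <<'EOF'
# This file is automatically generated.
domain RT-AC87U
nameserver 10.0.0.6
nameserver 10.0.0.1
EOF
}
sample_nslookup() {
    cat <<'EOF'
Server:  10.0.0.6
Address: 10.0.0.6#53

Name:    doubleclick.com
Address: 0.0.0.0
EOF
}

tmp=$(mktemp)
sample_resolv_conf > "$tmp"
echo "bypass resolvers: $(bypass_resolvers 10.0.0.6 "$tmp")"
echo "verdict via Pi-hole: $(sample_nslookup | lookup_verdict)"
rm -f "$tmp"
```

On a live Linux client the same functions can be fed `/etc/resolv.conf` and the output of `nslookup doubleclick.com 10.0.0.1`; on macOS the resolver list comes from `scutil --dns` instead, as the notice quoted above says.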

Yeah.

As @Therion87 suggested as a workaround, I had to point my WAN DNS towards 8.8.8.8 and 8.8.4.4.

I can change the DNS servers on my Mac to 10.0.0.6 only.
But what about other devices in the household? It's not possible to change DNS everywhere.

@Therion87 posted this bit:

He probably configured his router's DHCP service to push the Pi-hole IP address to his clients for DNS resolution.
Can you post screenshots of your router's DHCP settings?
If settings are lacking/missing, you can disable the DHCP service on the router and use Pi-hole's own DHCP service as a replacement:

So did I.

My WAN DNS currently points to 8.8.8.8 and 8.8.4.4.

But the thing is that the router advertises its own server, and there is no way to disable that unless you turn off DHCP. I do not want to use pi hole as my DHCP server.

Aha Asus.
Read the posting below.
Best bet, disable the DHCP service on the router and enable the one on Pi-hole.

EDIT: our postings crossed but I believe this is the only option.

Alright. So if I use pi hole as my DHCP server, how does it deal with guest networks?

If the router doesn't block DHCP and/or DNS for those network segments, it should work.

EDIT: worst case, you can configure a bridge interface on Pi-hole that has a leg/connection to both networks.

EDIT2: below posting describes a bridge setup.
Though I made a mistake and the WiFi SSID and password should be configured in the wpa_supplicant config file.

What happens to my existing DHCP reservations set in the router, and can I still set reservations in the router's web UI?

DHCP reservations on the router will be lost.
The only place to set reservations is on the Pi-hole web GUI.

Android phones have weird hostnames. Is it possible to change hostnames of devices so they appear properly in the stats dashboard?