Hello,
Is it possible to modify the TTL of the local DNS domains?
Now it's 0, which makes the amount of DNS requests to my internal site crazy high.
The default TTL for locally resolved domains is 2 seconds.
You can change it here, but from what I understand when you update pihole it will be wiped.
/etc/dnsmasq.d/01-pihole.conf
local-ttl=60
You might be interested in this thread (source of the above).
You may set the local-ttl value to anything you like; you should just not do it in any of the files Pi-hole will overwrite. However, you can simply create a custom file yourself, like /etc/dnsmasq.d/99-local-ttl.conf, and add the setting there. Don't forget to do a pihole restartdns afterwards.
This thread is four years old and outdated. The local-ttl isn't responsible for blocked queries any longer. This is now independently controlled by the FTL setting BLOCK_TTL.
With this new info I decided to update my files and added /etc/dnsmasq.d/99-local-ttl.conf with the line BLOCK_TTL=120
Though it's being reported as invalid?
"FTL failed to start due to bad option at line 1 of /etc/dnsmasq.d/99-local-ttl.conf"
You've edited the wrong file:
At the top of the linked page for FTL's configuration:
You can create a file /etc/pihole/pihole-FTL.conf that will be read by FTL DNS on startup.
Thank you all,
the strange thing for me is that by default the TTL is 0, not 2 as was expected (see line 38).
Server: pi.hole
Address: 192.168.180.10
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
<mydomain>.duckdns.org.lan, type = A, class = IN
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
<mydomain>.duckdns.org.lan, type = AAAA, class = IN
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
<mydomain>.duckdns.org, type = A, class = IN
ANSWERS:
-> <mydomain>.duckdns.org
internet address = 192.168.180.13
ttl = 0 (0 secs)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
<mydomain>.duckdns.org, type = AAAA, class = IN
------------
Name: <mydomain>.duckdns.org
Address: 192.168.180.13
I tried some configs:
Changing /etc/pihole/pihole-FTL.conf didn't help.
Adding BLOCK_TTL=60 to 99-local-ttl.conf made the complete DNS fail, however it says it started correctly.
[✓] Restarting DNS server
But adding local-ttl=60 to /etc/dnsmasq.d/99-local-ttl.conf works.
edit:
now I see, local-ttl and block-ttl are 2 separate settings
Wrong file for that option - see my post above.
Pi-hole may not be involved here:
That looks very much like a public domain.
Your domain hoster would control the TTL of the respective DNS records.
Depending on your hoster, you may or may not be able to configure TTLs for your domains.
If you've instead configured Pi-hole with a local DNS record for that public domain name, note that you would be seeing the remaining TTL with a DNS reply, i.e. the time that a requesting client may hold on to the DNS reply before it should be considered stale and should be requested anew.
With a low 2 seconds TTL, it wouldn't be unusual to see that reduced to zero.
EDIT: And of course, if you don't block that domain, its TTL would be controlled by dnsmasq's local-ttl as usual instead of pihole-FTL's BLOCK_TTL - but you've figured that already.
I did, because I don't need to go out to contact my internal website. Also, for some reason my new modem does not accept requests to my own external IP.
But now I know,
TTL of local dns default = 0
TTL of blocked DNS by default = 2
QUESTIONS:
ms.applvn.com, type = A, class = IN
ANSWERS:
-> ms.applvn.com
internet address = 0.0.0.0
ttl = 2 (2 secs)
and there are 2 different settings to change the different values.
2 on block_ttl is fine for me, I only needed to change local_ttl
Ahh good catch, thanks!
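Added example, not part of the thread or of Pi-hole's own tooling: a pre-restart check for the mix-up discussed above, where an FTL setting in a dnsmasq file stops FTL with "bad option" and takes DNS down with it. The helper name misplaced_ttl is hypothetical, both paths are passed as arguments, and the reverse check (local-ttl in pihole-FTL.conf) goes beyond the case reported here.

```shell
#!/bin/sh
# Added example (not from the thread): flag TTL settings placed in the wrong file.
# misplaced_ttl is a hypothetical helper; both paths are passed in as arguments.
#   dnsmasq options such as local-ttl -> a custom file in /etc/dnsmasq.d/
#   FTL options such as BLOCK_TTL     -> /etc/pihole/pihole-FTL.conf

# Usage: misplaced_ttl DNSMASQ_DIR FTL_CONF
# Prints "file:line: message" per finding; exit status = number of findings.
misplaced_ttl() {
    dnsmasq_dir=$1
    ftl_conf=$2
    problems=0

    # Case from the thread: BLOCK_TTL in a dnsmasq file is a "bad option".
    for f in "$dnsmasq_dir"/*.conf; do
        [ -f "$f" ] || continue
        for n in $(grep -nE '^[[:space:]]*BLOCK_TTL[[:space:]]*=' "$f" | cut -d: -f1); do
            echo "$f:$n: BLOCK_TTL is an FTL setting, move it to $ftl_conf"
            problems=$((problems + 1))
        done
    done

    # Reverse case (assumption beyond the thread): local-ttl in FTL's file.
    if [ -f "$ftl_conf" ]; then
        for n in $(grep -nE '^[[:space:]]*local-ttl[[:space:]]*=' "$ftl_conf" | cut -d: -f1); do
            echo "$ftl_conf:$n: local-ttl is a dnsmasq option, move it to $dnsmasq_dir"
            problems=$((problems + 1))
        done
    fi
    return "$problems"
}

# Constructed sample reproducing the mistake reported in the thread.
demo=$(mktemp -d)
mkdir "$demo/dnsmasq.d"
printf 'BLOCK_TTL=120\n' > "$demo/dnsmasq.d/99-local-ttl.conf"
: > "$demo/pihole-FTL.conf"
misplaced_ttl "$demo/dnsmasq.d" "$demo/pihole-FTL.conf" || echo "$? misplaced setting(s)"
rm -rf "$demo"
```

On a real install the call would be misplaced_ttl /etc/dnsmasq.d /etc/pihole/pihole-FTL.conf, run before pihole restartdns.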