Hi there,
Hoping for some advice on my issue, detailed below.
If you need any further details, please let me know.
The issue I am facing: Recently I've been having issues with my pi-hole setup, websites timing out or not loading.
Details about my system: Pi-hole via Docker running on a win11 Intel Nuc
What I have changed since installing Pi-hole: win11 updates have been running, thats the only thing I can attribute it to. I've tried fresh installs and checking router and networking settings, but have not found a solution yet.
Your debug log shows that 127.0.0.1 was repeatedly getting rate-limited:
-rw-r--r-- 1 pihole pihole 94K May 20 13:45 /var/log/pihole/FTL.log
-----head of FTL.log------
[2023-05-20 00:00:58.077 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:01:01.887 22331M] Rate-limiting 127.0.0.1 for at least 57 seconds
[2023-05-20 00:01:58.159 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:02:12.206 22331M] Rate-limiting 127.0.0.1 for at least 46 seconds
[2023-05-20 00:02:58.240 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:03:43.841 22331M] Rate-limiting 127.0.0.1 for at least 15 seconds
[2023-05-20 00:03:58.320 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:04:00.956 22331M] Rate-limiting 127.0.0.1 for at least 58 seconds
[2023-05-20 00:04:58.401 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:13:11.146 22331M] Rate-limiting 127.0.0.1 for at least 47 seconds
[2023-05-20 00:13:58.149 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:14:10.108 22331M] Rate-limiting 127.0.0.1 for at least 48 seconds
[2023-05-20 00:14:58.227 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:15:43.121 22331M] Rate-limiting 127.0.0.1 for at least 15 seconds
[2023-05-20 00:15:58.303 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:15:58.736 22331M] Rate-limiting 127.0.0.1 for at least 60 seconds
[2023-05-20 00:16:58.377 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:16:59.081 22331M] Rate-limiting 127.0.0.1 for at least 59 seconds
[2023-05-20 00:17:58.457 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:18:11.181 22331M] Rate-limiting 127.0.0.1 for at least 47 seconds
[2023-05-20 00:18:58.533 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:19:10.139 22331M] Rate-limiting 127.0.0.1 for at least 48 seconds
[2023-05-20 00:19:58.644 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:19:59.376 22331M] Rate-limiting 127.0.0.1 for at least 59 seconds
[2023-05-20 00:20:58.722 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:21:00.868 22331M] Resizing "FTL-dns-cache" from 8192 to (768 * 16) == 12288 (/dev/shm: 63.7MB used, 67.1MB total, FTL uses 63.7MB)
[2023-05-20 00:21:00.868 22331M] WARNING: RAM shortage (/dev/shm) ahead: 94% is used (/dev/shm: 63.7MB used, 67.1MB total, FTL uses 63.7MB)
[2023-05-20 00:21:01.074 22331M] Rate-limiting 127.0.0.1 for at least 57 seconds
[2023-05-20 00:21:58.802 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:22:36.346 22331M] Rate-limiting 127.0.0.1 for at least 22 seconds
[2023-05-20 00:22:58.883 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:22:59.533 22331M] Rate-limiting 127.0.0.1 for at least 59 seconds
[2023-05-20 00:23:58.965 22331/T22368] Ending rate-limitation of 127.0.0.1
[2023-05-20 00:24:00.957 22331M] Rate-limiting 127.0.0.1 for at least 58 seconds
[2023-05-20 00:24:58.038 22331/T22368] Ending rate-limitation of 127.0.0.1
127.0.0.1 is the localhost address.
As you are running Pi-hole in Docker, that means that the Docker conatiner itself is generating an excessive amount of DNS requests.
Some of those are also documented in excerpts from /var/log/pihole/pihole.log:
-rw-r--r-- 1 pihole pihole 260M May 20 13:46 /var/log/pihole/pihole.log
-----head of pihole.log------
May 20 00:00:07 dnsmasq[22331]: query[SOA] 1.0.17.172.in-addr.arpa from 172.17.0.1
May 20 00:00:07 dnsmasq[22331]: forwarded 1.0.17.172.in-addr.arpa to 1.1.1.1
May 20 00:00:07 dnsmasq[22331]: reply 1.0.17.172.in-addr.arpa is NXDOMAIN
May 20 00:00:07 dnsmasq[22331]: query[ANY] 1.0.17.172.in-addr.arpa from 172.17.0.1
May 20 00:00:07 dnsmasq[22331]: config 172.17.0.1 is NXDOMAIN
May 20 00:00:09 dnsmasq[22331]: query[A] 1.0.17.172.in-addr.arpa from 172.17.0.1
May 20 00:00:09 dnsmasq[22331]: forwarded 1.0.17.172.in-addr.arpa to 127.17.0.1
May 20 00:00:09 dnsmasq[22331]: forwarded 1.0.17.172.in-addr.arpa to 1.1.1.1
May 20 00:00:09 dnsmasq[22331]: query[A] 1.0.17.172.in-addr.arpa from 127.0.0.1
May 20 00:00:09 dnsmasq[22331]: config error is REFUSED (EDE: blocked)
May 20 00:00:09 dnsmasq[22331]: Rate-limiting 1.0.17.172.in-addr.arpa is REFUSED (EDE: blocked)
Quite likely, those excessive requests also exhaust Pi-hole's shared memory:
Let's take a closer look at that client's DNS requests.
Run from the machine hosting your dockered Pi-hole, what's the output of:
docker exec -it pihole pihole-FTL sqlite3 "/etc/pihole/pihole-FTL.db" "SELECT domain, count(domain), datetime(max(timestamp),'unixepoch') FROM queries \
WHERE timestamp BETWEEN strftime('%s','now','-3 day') AND strftime('%s','now') \
AND client='127.0.0.1' GROUP BY domain ORDER BY 2 DESC LIMIT 10;"
Also, what is that 127.17.0.1 that you are using as one of Pi-hole's upstreams?
Here we go, forgive my formatting.
Amended the command, the name of my container is piholeD
C:\Users\User>docker exec -it piholeD pihole-FTL sqlite3 "/etc/pihole/pihole-FTL.db" "SELECT domain, count(domain), datetime(max(timestamp),'unixepoch') FROM queries
WHERE timestamp BETWEEN strftime('%s','now','-3 day') AND strftime('%s','now') \
AND client='127.0.0.1' GROUP BY domain ORDER BY 2 DESC LIMIT 10;"
www.neighbourly.co.nz|2731722|2023-05-20 23:01:56
127.17.0.1 is the local host.
Here's the guide i've used to setup Pi-hole on docker. It's possibe it's obsolete?
Hi zigzagzen, I had a similar issue and resolved it by downgrading my docker version
what docker version are you running?
I'm always updating to the latest, but my troubles started when I updated docker to 4.19
I rolled back to 4.18, re-installed and everything is good now
Bucking_Horn asked me for the log, but I had already nuked the container, so I cannot really be of any further assistance.. but if you were on 4.19 and rolled back to 4.18 and your issues go away I would say we have some common ground for a solution..
good luck
A
Hi Alchemist,
Read your thread yesterday and yes i am running 4.19. If theres no solution to be found ill try rolling back a version.
Hoping a solution can be found though as im sure theres many other whos pi hole containers were affected by the update to 4.19