What could cause this errore and how can i solve?

2021-09-21
03:00:15 RATE_LIMIT Client 192.168.1.1 has been rate-

Raspberry Pi 4, pihole and unbound.

Error appeared After Last Update.

Maybe rate-limiting?

Sorry the paste was incomplete.

03:00:15 RATE_LIMIT Client 192.168.1.1 has been rate-limited (current config allows up to 1000 queries in 60 seconds)

It says that My Routers IP has bene Limited because exceeded 1000 queries in 60 seconds.

If It Is the Routers ip Is It possibile that It Is making 1000 queries in 1 minute when everybody Is connected?

Can i set more queries to avoid the error in the settings in rate-limit?

In certain configurations it might be reasonable that your router has such a high number of queries, esp. if all your client traffic goes to your router first and then to Pi-hole. But you should have a look at your queries first to rule out a DNS loop or a client going wild. Do you always see the same queries in the query log?

You can increase the limit via /etc/pihole/pihole-FTL.conf. See the link mibere posted above.

2 Likes

I see a lot of queries by ichnea.netflix and Samsungcloud this Last One must be My TV It Is very chatty.

Which Is the fight way to excluded a dns loop?

I have a second pihole on network and shows the Same Warning.

Have a look at your DNS configuration of your clients, routers and Pi-hole's. If there is a chain of servers that close a loop (eg client -> router -> pihole ->router) or a partial loop (e.g. by conditional forwarding), you need to break the loop. If there is no loop, you need to increase the limit (or get red of the chatty clients :wink:

All clients are in automatic. Xbox Is excluded from Blocking.

Only to exclude Something else I think I will upload a log to analyze.

Eliminate chatty clients would be no TV :smile: . Next Tv will be a less chatty one.

If I don't find anything I think I will increase to 2000 for the start to see if it is enough.

Thanks for the answers btw.

Please upload a debug log and post just the token that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

https://tricorder.pi-hole.net/RcdmsbNy/

Your log looks Ok.

You router distributes your Pi-hole's IP as DNS server via DHCP (I guess together with your second Pi).

[✓] IPv4 address(es) bound to the eth0 interface:
    192.168.1.254/24

      dns-server: 192.168.1.254
      dns-server: 192.168.1.253

Your Pi-hole forwards the requests to your local unbound

    PIHOLE_DNS_1=127.0.0.1#5335

The question would be why your TV is sending queries to your router instead of Pi-hole? Does it use DHCP? Can you set a fixed DNS server at the device?

   Sep 21 09:49:23 dnsmasq[11709]: query[A] customerevents.netflix.com from 192.168.1.101
   Sep 21 09:49:23 dnsmasq[11709]: gravity blocked customerevents.netflix.com is 0.0.0.0
   Sep 21 09:49:23 dnsmasq[11709]: query[A] ichnaea.netflix.com from 192.168.1.101
   Sep 21 09:49:23 dnsmasq[11709]: gravity blocked ichnaea.netflix.com is 0.0.0.0
   Sep 21 09:49:23 dnsmasq[11709]: query[A] customerevents.netflix.com from 192.168.1.1
   Sep 21 09:49:23 dnsmasq[11709]: gravity blocked customerevents.netflix.com is 0.0.0.0
   Sep 21 09:49:23 dnsmasq[11709]: query[A] ichnaea.netflix.com from 192.168.1.1
   Sep 21 09:49:23 dnsmasq[11709]: gravity blocked ichnaea.netflix.com is 0.0.0.0

Just to see if the device stops the spamming, you could (temporarily) whilelist ichnaea.netflix.com

P.S. You have conditional forwarding enabled, but this should be no problem here.

    REV_SERVER=true
    REV_SERVER_CIDR=192.168.1.0/24
    REV_SERVER_TARGET=192.168.1.1
    REV_SERVER_DOMAIN=RT-AC86U

I will set DNS manually to use pihole.

Ok

I will upload another log in 12/24 hours so you can see the results.

Thanks in advance.

Hello yubiuser

Here is my new log after more then 24 hours.

Done what you said and added ichnea.netflix to whitelist. Do I remove it from the list now?

https://tricorder.pi-hole.net/C6RLsJGm/

The errore did not appear until now.

A post was split to a new topic: Router got rate-limited

I'm not sure what I shall look for. Your debug log was Ok last time already, more importantly is:
How are the results? Did the spam stop? Does your TV send queries to Pi-hole directly now?


Some devices still don't honor your DNS server announced via DHCP, because I see those queries coming from your router

   Sep 22 00:00:20 dnsmasq[663]: query[A] dit.whatsapp.net from 192.168.1.1
   Sep 22 13:24:31 dnsmasq[663]: query[AAAA] www.linkedin.com from 192.168.1.1

Do you have any "advanced filters" activated in your router that might intercept DNS traffic?

Please run from your PC (or the one that might have originally sent those requests above):

nslookup google.com

nslookup pi.hole

And from your pi device

echo ">stats >quit" | nc localhost 4711
echo ">top-clients >quit" | nc localhost 4711

Whatsapp and LinkedIn i opened from my phone.

I will given you the results of the commands as soon as I can.

Yes the Tv stopped spamming.

Thank you again for your help.

A post was split to a new topic: Router got rate-limited

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.