Pihole currently has a timeout of 10 seconds. That value is too high and unrealisic and here are some values which make more sense:
5: This is the default time which
nslookup(Linux) waits before making another request. The program will still waits 10 seconds, even though the response is available after the retry, thus slowing down e.g. scripts which use
2: This is the default time which
nslookup(Windows) waits (twice). The progam does not receive a reply in the current setup (when the first upstream server doesn't respond).
- 1: Smallest value possible (without rework). Nobody likes to wait and this is a sane value for "normal" setups. The only time where this is not enough is when using Unbound with an empty cache, in which case I would still rather get a response from my secondary DNS server instead of waiting.
cloudflared because of the added security of DNS-over-TLS, and I only want to use
cloudflared, so I use
strict-order in my
dnsmasq.conf. But I do understand that you need some form of redundancy (e.g. when the client is upgrading), so I define a backup server. Now when
cloudflared goes down, for whatever reason, I don't want to wait up to 10 seconds for every single request.
I'm sure other people will think the same way about this so I'm opening this thread to gather some opinions. 10 seconds feels like an relic of the past and doesn't make much sense in the current internet.