Why NTP stopped working, DNS queries return servfail

Hi

Problem

(NTP stopped working, DNS queries return servfail) is solved but I wonder why it behaved like this?

Closed down my network because I went on vacation. Came home and started up everything and suddenly no DNS queries worked. PiHole diagnosis also signaled unreachable NTP Server.

When I ran timedatectl status

System clock synchronized: no

I got system clock not synchronised

Long story short, I set date manually and then everything worked as it should.

Shouldn't date and time be set at startup?

As a side note, I shut down my network every night and start it up again in the morning and I have not seen any problems since I activated this RaspberryPi two months ago.

This time my Raspberry was down for several days and it must have created the time offset. My understanding of NTP is that it should keep track of time even when one does as I did.

Any advice? Thanks.

Expected Behaviour:

The above should work

  • Operating System (Family and Version): cat /etc/os-release

    PRETTY_NAME="Debian GNU/Linux 13 (trixie)"
    NAME="Debian GNU/Linux"
    VERSION_ID="13"
    VERSION="13 (trixie)"
    VERSION_CODENAME=trixie
    DEBIAN_VERSION_FULL=13.5
    ID=debian

  • RaspberryPI5

  • PiHole with Unbound

  • Core v6.4.2

  • FTL v6.6.2

  • Web interface v6.5.1

A thought! Would it be advisable to set NTP="a time server of my choice IP-address" in /etc/systemd/timesyncd.conf instead of FQDN?

In my thinking that would take away the need for a working DNS at startup.

While an IP address should be OK in configuration, it won't dynamically change if the domain 'moves'. What you are facing is some of the reason why most do NOT use Pi-hole for their device's DNS. On all my 'critical devices' (router, APs, RPi w/ Pi-hole) that do not need blocking, I use an external DNS like Google, Cloudflare, or similar. This ensures that even if the device's time is not correct because of prolonged downtime, correct time is not immediately required. Otherwise fake-hwclock works fine when the device is just rebooted.
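The dependency discussed in the two posts above (timesyncd needing DNS to resolve an FQDN while the Pi resolves only through itself) can be checked with a short script. This is an added example, not part of the original thread; the function names, the hostname ntp.example.org and the 192.0.2.x addresses are constructed, and it assumes a Pi that uses its own Pi-hole lists only loopback addresses in resolv.conf.

```shell
# Added example: flag the boot-time loop where timesyncd must resolve its
# NTP server by name while the only configured resolver is the Pi itself.

# Print each server named on NTP= / FallbackNTP= lines of a timesyncd.conf.
ntp_servers() {
    awk -F= '/^[ \t]*(Fallback)?NTP=/ {
        n = split($2, s, " ")
        for (i = 1; i <= n; i++) print s[i]
    }' "$1"
}

# Heuristic: true for IPv4 dotted quads and anything containing a colon (IPv6).
is_ip_literal() {
    case "$1" in
        *:*) return 0 ;;
        ""|*[!0-9.]*) return 1 ;;
        *.*.*.*) return 0 ;;
        *) return 1 ;;
    esac
}

# True when resolv.conf has at least one nameserver and all are loopback
# (assumption: a Pi resolving through its own Pi-hole uses 127.x or ::1).
only_local_resolver() {
    awk '$1 == "nameserver" { n++; if ($2 !~ /^127\./ && $2 != "::1") ext++ }
         END { exit !(n + 0 > 0 && ext + 0 == 0) }' "$1"
}

# $1 = timesyncd.conf, $2 = resolv.conf. Returns 1 if time sync needs local DNS.
check_boot_time_loop() {
    only_local_resolver "$2" || { echo "ok: an external resolver is configured"; return 0; }
    servers=$(ntp_servers "$1")
    [ -n "$servers" ] || { echo "loop: no NTP= set, built-in fallback servers are used"; return 1; }
    loop=0
    for s in $servers; do
        is_ip_literal "$s" || { echo "loop: $s must be resolved by the local DNS"; loop=1; }
    done
    [ "$loop" -eq 0 ] && echo "ok: every NTP server is an IP literal"
    return "$loop"
}

# Constructed sample files, so the check can be tried away from the Pi.
demo() {
    d=$(mktemp -d)
    printf '[Time]\n#NTP=\nNTP=ntp.example.org 192.0.2.10\n' > "$d/timesyncd.conf"
    printf 'nameserver 127.0.0.1\n' > "$d/resolv.conf"
    rc=0; check_boot_time_loop "$d/timesyncd.conf" "$d/resolv.conf" || rc=$?
    rm -rf "$d"; return "$rc"
}
demo || true
```

On the Pi itself the call would be `check_boot_time_loop /etc/systemd/timesyncd.conf /etc/resolv.conf`; drop-in files under timesyncd.conf.d and servers handed out by DHCP are not read by this sketch.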

Thanks for answering. Interesting what you are suggesting with devices and DNS. Especially RPi could use another DNS while being a DNS! I thought my setup with Unbound would demand PiHole to be its own DNS. From your answer I conclude that in your opinion only clients with Browsers should be redirected, correct? My network is mainly DHCP so would you recommend a manual address reservation with a different DNS for those devices not needing PiHole?

All other devices on my network, IoT, laptops, phones, PCs, etc. are DHCP which is provided by my Pi-hole. I have reservations configured for all devices, which include my Pi-hole's address for DNS (default configuration). I have a segment of my network ( < .10) that I use for all 'critical' devices. These are manually configured with an IP and, in my case, Cloudflare for DNS. This ensures they are almost always able to NTP, get package or Pi-hole updates, etc. Mine are all headless/embedded-type devices, so there is rarely any need to block content to them. Now, I also got 'fancy' and use a reverse proxy for DoH, and another app for proxying DoT/DoQ to my Pi-hole. I also included a firewall rule to force all devices ( >= .10) to use Pi-hole, by redirecting any port 53 items back to it.

Connect a battery:

https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#real-time-clock-rtc

EDIT: I bet there are more places you can get one:

https://www.raspberrypi.com/products/rtc-battery/