I just installed a brandnew dietpi x86 server.
As it could not finish the setup process because of “unreachable” servers, I found out it got blocked by my DNS server (pihole) due to excessive dns requests (250.000 in about 10 minutes).
The requests were for “dwr.rijksoverheid.nl”.
After a reboot there were no more requests for this domain and the setup finished successfully.
Any explanation for this?
However, the sub domain doesn’t seem to be valid or existing. Therefore, the DNS request is answered with NXDOMAIN. But this is not a domain we setup or create inside our configuration. Did you install any 3rd party application?
No, I did not install any additional software, yet.
It was a fresh installation and I was still running through the initial dietpi setup.
I only chose OpenSSH over Dropbear and changed the Logs to Full Log and pressed install.
strange thing, at least from our side we don’t use that domain on our configuration. You can review apt package source, but they should point to global Debian repository only.
for i in /etc/apt/sources.list{,.d/*.list}; do echo "$i:"; cat "$i"; done
root@MyServername:~# for i in /etc/apt/sources.list{,.d/*.list}; do echo "$i:"; cat "$i"; done
/etc/apt/sources.list:
deb https://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
deb https://deb.debian.org/debian/ bookworm-updates main contrib non-free non-free-firmware
deb https://deb.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware
deb https://deb.debian.org/debian/ bookworm-backports main contrib non-free non-free-firmware
/etc/apt/sources.list.d/*.list:
cat: '/etc/apt/sources.list.d/*.list': No such file or directory
Unfortulately not.
I just booted up a virtual machine, same iso, same network. Issue is not reproducable.
And I can’t see anything special between those two installations in the DNS log. I thought this could give a hint on what went wrong the first time. It seems like it happened when trying to reach dns9.quad9.net.
I think we can close this issue, since it’s not reproducable.
Thanks for your help!
Finally I have been able to solve the riddle and I’d like to share the solution with you, although it has nothing to do with dietpi
A couple of days ago I started testing again and hooked up my Small Form Factor PC, that I bought refurbished on ebay.
And as you can guess… the excessive DNS requests to “dwr.rijksoverheid.nl” where back again.
I did some research and tried to isolate the source of these requests.
The SSD that came with this PC has never been in use and there wasn’t even an operating system running on this machine, yet. So it had to be something else the PC was doing on its own
I found out that the PC comes with Intel AMT functionality (a feature to control the device remotely) and this management technology is even running, when the PC is connected to mains, but powered off.
Another look through the BIOS and a reboot later I could access the settings of this feature.
And here we go…
Since the PC has been refurbished, it has obviously been in use for the dutch government and configured accordingly.
What a relieve, when I finally found out the root cause of this little mystery