Warnings in the pi-hole diagnosis

Hi again to everybody.
I installed pi-hole to be able to manage the DDNS.
It’s very useful also because it blocks a lot of ads :slight_smile: .
I also notice I can add some whitelisted domains.
Now I see in the pi-hole diagnosis a lot of warnings like this one:

DNSMASQ_WARN	Warning in dnsmasq core:
Ignoring query from non-local network
Check out our documentation for further information.

What does it mean?
Is it something I should be aware of?

well you could do what has been stated on the warning message. Check PiHole documentation https://docs.pi-hole.net/ftldns/dnsmasq_warn/

Looks like your PiHole s receiving DNS request from outside of your local network.

Thanks Joulinar
I checked the documentation and found the related warning, but still not sure if I should be aware of it…
When I try to reach the server from outside my network, am I doing a DNS request?
If this is the case (as I guess), will I receive those warnings every time I’ll reach the server from outside?

Well I don’t know how you setup your environment. if you use a VPN or not. Or if you setup your DNS server to be reachable from outside. What exactly you have setup to manage DDNS. Which ports are forwarded from internet router.

Normally setup is to have PiHole available inside a local network only. That’s why request are ignored from other sources.

it’s really complicated to explain all the settings I made when configuring the pi-hole… Honestly, I don’t remember :blush:.
Anyway, for sure I installed it to bypass the rigidity of the Vodafone router, which was not able to recognize the DDNS when reached from inside the network.
Now I can reach my DDNS both from inside and outside my network, and this is what I want.

ah I recall your setup. Question is which device is trying to connect. Is there any other information on the warning message?

If you like to get ride, as well you could allow PiHole to answer DNS request for all clients. Dosen’t matter where they are from :sunglasses:

If you like to get ride, as well you could allow PiHole to answer DNS request for all clients. Dosen’t matter where they are from

In term of safety, isn’t this dangerous?
I mean, as soon as I can reach owncloud through my DDNS from everywhere (and now I do), does it make sense answer to all clients DNS requests?
My starting question was just to understand better the pi-hole warnings.
Looks like pi-hole is doing its job, giving me those warnings, isn’t it?

The warning is generated by the dnsmasq service used by PiHole. One one of the last release, PiHole increased visibility of these warning and added them to a more prominent spot.

As along as you don’t forward port 53 on your router to DietPi device, you should be save to use other options. This as well is stated on the option I showed above.

I forwarded only ports 80 and 443…
About the suggested configuration I didn’t find any interface like the one you showed me above. But in the Settings → System I found “Enable query logging”. Once enabled, the warnings disappeared…
Did I make it right?
Should I disable it again?

forwarding ports 80 and 443 is totally fine. Nothing to change on this :slight_smile:

The setting to allow all request is available on Settings → DNS

BTW warning are disappeared because your DNS server was restarted while enabling logging. Usually it is fine to have logging disabled.

I found the settings and configured them as suggested.
I also disable again the logging.
I’m anyway curious about all those warnings: Why so many queries from outside my network?

well it doesn’t need to be something from internet directly. Not 100% sure but it could be as well a local client using a public IPv6 address. Another possibility is, if you are using some VPN solution to connect into your privat network from outside.

I’m trying to understand better all those warnings, checking at the query log in pi-hole. Does it make sense?

Log files are always good. :slight_smile:

You have the query log inside PiHole web interface. By default it shows last 100 Query only, but you could hit the show all button to get the last 2 days. By default we set logging to max 2 days. If needed this could be enlarged.