Came here via search, as I am encountering ‘similar’ issues. I run pi-hole on a separate Pi as of last weekend. The graphs are going crazy on requests coming from Hassio.local (on another Pi3). Top request seem to come all from integrations (tado + telegrambot in my case). Also a lot of ESPhome devices show up (even though most are disconnected / tests).
As @nickrout mentions above, it doesn’t harm and probably the behaviour has been like that, before Pi-hole was deployed. Still I found it obscure, and would love to have Hassio behave normal / decent
Well so much for this whole thing not causing any harm. Woke up to my Nest Hello stating its offline, look in Unifi and its most definitely online. Look at the device rating and it states DNS Timeout. Go to my pihole and its as if its crashed, FTL Service is not running etc. After reboot everything is back up and running but I see the following graph and these massive numbers:
Top is Home Assistant, second place is my UDM.
Obviously the blue is HA.
The only thing I can think of is discovery for something in HA just spamming these requests. I am going to comment out that line in my config and see if I continue to see these requests.
Went to the ubuntu machine running docker with HA and did a tcp dump and screen flies by scrolling with PTR requests. My little PiZero seems to somehow be keeping up with these requests almost without an issue the majority of the time (probably because being served up from cache) but still. If it crashes from time to time, this will start driving me crazy trying to figure this out.
Starting to think maybe this has something to do with the DNS docker container that runs along side HA? The only time I see this seems to “calm down” is after a full restart of Ubuntu. I don’t believe I started seeing this issue until after that container was starting to be used. Looking at the docker stats, this container is constantly using 1.3 to 2% of CPU all the time with network usage at 1.46MB.
Going to try and stop the container to see if requests die off. Not sure what the repercussions to HA are though so guess Ill find that out as well.
Update: So, while looking at the containers in docker, I saw that AdGuardHome was running. I had installed this to test it out before deploying in another instance of HA for my parents. I had disabled the start at boot, but somehow it was re enabled. I can literally flip back and forth between enabled and disabled and watch the flood of requests go out for PTR records.
So it seems, this is tied probably to either AdGuardHome or maybe even PiHole running along side of HA. Going to install tcpdump on my PiZero so I should be able to confirm if that traffic appears to be “normal” from there as well.
Update 2: AAND PiHole on my PiZero is making some PTR requests, but nothing in the crazy volume I saw when AdGuardHome is running with HA. This leads me to believe the problem is either AdGuardHome or having it installed along side of HA with the DNS container. After I removed AdGuardHome, the DNS container is no longer using a bunch of CPU and Net I/O is tiny compared to what it was.
I was going to try and install PiHole along with HA but it wont start due to the DNS port already being in use (Maybe remnants of AGH?). Since I already run an instance of PiHole outside of my HA, I dont think I am going to look into that portion any further, but hopefully this helps anyone else that comes across this weird nuisance.
I had the same problem. In my case, it depended on the integration/component.
I recently switched all the hardcoded IPs in my configuration files to local names instead and I saw a huge jump in my pihole chart (like you did). Requests from my hassio went from the low 100s to nearly 3000 per 10 minute timeframe. I could see which host it was requesting records for in the pihole logs (like you did) and I then used trial and error to back out the changes until I found the culprit.
I came across this after I observed the same issue with my pi-hole/hass setup. I found a solution that seemed to work for me. Posting in the hope that it will help someone else too.
Initially, I disabled the Nmap Tracker integration. All x.x.x.x.in-addr.arpa PTR lookups seemed to stop.
After looking a little more at the integration, and NMAPs options, I reconfigured the Nmap Tracker and added the following to suppress DNS resolution.
This is happening to me as well. Running HASSIO on a RPI4, and it shoots ton of PTR scans through the pihole.
It started doing this recently (perhaps after updatinf to latest HASSIO core??, I do not know what causes /how to stop it
Any suggestion is appreciated
Hope someone figures this out , I’m not using nmap either, it is annoying enough on a /24 network but for a while I was on a /16 and it was trying to do a reverse lookup on every possible host address. I’m sure it did not always do this.
