Comment on Pi-Hole Local DNS Record Spamming Query Log
graveyardchickenhunt@lemmy.world 1 year ago
Not that unusual depending on the software. A lot of them honour the TTL literally.
One enterprise software I know that does it is VMware vCenter. I’m sure there’s plenty of consumer software that retries excessively.
ShellMonkey@lemmy.socdojo.com 1 year ago
It would make sense in this case; blocking via a proxy or firewall is a forced breaking of the link, where this is just manipulating otherwise standard flows to accomplish something similar, but they try to keep that feel where a change happens when you change it, not after thing. If it was the Pi-hole setting the TTL, though, that should be the case for most any domain, not just the duckdns.org one.
That leads me to think it’s actually the DDNS provider with the short TTL, not it being cut down by the Pi-hole. When coming external, the response comes from the public resolver and never gets logged to the Pi-hole; internally, since the Pi isn’t the authority, it sends a recursive downstream that gets logged.
A means of fixing it might be creating a separate internal domain (a .local or whatever non-routable you like) and setting a static response for that where the Pi-hole is the authority. It should keep it from having to check from a place (duckdns) that by design is meant to change frequently, so they probably do have a 0 TTL.
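To check from the query log whether a client really is re-asking for a name every few seconds, as the thread suggests, here is an added example that is not part of any comment above. It assumes the dnsmasq-style `query[...]` lines that Pi-hole writes to its log; the sample lines, host names, addresses and thresholds are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample in dnsmasq log format (assumed to match the Pi-hole log).
SAMPLE_LOG = """\
Jan 10 12:00:00 dnsmasq[501]: query[A] myhome.duckdns.org from 192.168.1.20
Jan 10 12:00:00 dnsmasq[501]: forwarded myhome.duckdns.org to 192.0.2.53
Jan 10 12:00:00 dnsmasq[501]: reply myhome.duckdns.org is 203.0.113.7
Jan 10 12:00:01 dnsmasq[501]: query[A] example.com from 192.168.1.30
Jan 10 12:00:02 dnsmasq[501]: query[A] myhome.duckdns.org from 192.168.1.20
Jan 10 12:00:04 dnsmasq[501]: query[A] myhome.duckdns.org from 192.168.1.20
Jan 10 12:00:06 dnsmasq[501]: query[A] myhome.duckdns.org from 192.168.1.20
Jan 10 12:00:08 dnsmasq[501]: query[A] myhome.duckdns.org from 192.168.1.20
Jan 10 12:05:01 dnsmasq[501]: query[A] example.com from 192.168.1.30
"""

QUERY_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: query\[(\w+)\] (\S+) from (\S+)$")

def query_intervals(log_text, year=2024):
    """Return {(client, name, qtype): [seconds between consecutive queries]}."""
    last, gaps = {}, defaultdict(list)
    for line in log_text.splitlines():
        m = QUERY_RE.match(line.strip())
        if not m:
            continue  # forwarded/reply/cached lines are not client queries
        stamp, qtype, name, client = m.groups()
        # The log timestamp carries no year, so one is assumed for parsing.
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        key = (client, name.lower(), qtype)
        if key in last:
            gaps[key].append((ts - last[key]).total_seconds())
        last[key] = ts
    return dict(gaps)

def noisy_names(log_text, max_gap=5.0, min_queries=4):
    """Flag (client, name, qtype) keys re-queried with a median gap <= max_gap s."""
    flagged = {}
    for key, gaps in query_intervals(log_text).items():
        count = len(gaps) + 1
        if count >= min_queries and median(gaps) <= max_gap:
            flagged[key] = (count, median(gaps))
    return flagged

if __name__ == "__main__":
    for key, (count, gap) in noisy_names(SAMPLE_LOG).items():
        print(key, f"{count} queries, median gap {gap:.0f}s")
```

A name that stays flagged after it is given a static local record points at the client retrying rather than at the upstream TTL.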