I am pretty sure I saw a message during the last stable system update that the host for network connectivity checks was being set to ping.manjaro.org. I can’t find that message again in the systemd journal or pacman log though.
Anyway, since February 28th my Pihole server now sees many lookups for the non-existing host: ping.manjaro.org.lan and that host is not resolving, obviously.
So, my guess is that something went wrong updating the host for the network connectivity check, because now it believes this host is part of my LAN. It used to be archlinux.org right? That always resolved correctly.
The problem seems to be the ping.manjaro.org.lan (lan part). The rest should work. I wonder where the .lan comes from, because that’s not from the update…
Yes, the .lan part is obviously the issue. Somehow it seems to get appended. This didn’t happen with the previous setting, where it used the Archlinux domain.
It happens on all my (6 or so) Manjaro PCs/laptops. And it started happening after the Feb 28th update.
My Openwrt router does DHCP and it uses the .lan for the local area network, so every host is $hostname.lan. That’s how my network has been configured like forever. Pihole is only the local caching DNS.
I have never seen this behavior with any FQDN and I do check Pihole logs frequently. I am pretty stumped, like you.
You block every domain that does not have a AAAA record? I mean, I can understand why you want to block Amazon and big parts of AWS, but there are many domains out there that do not have a AAAA record.
My ISP gives me full IPv6 access and I run dual stack. I don’t block any hosts that do not have an IPv6 address, that would be silly.
But every other DNS lookup that only resolves to an IPv4 address does not result in additional lookups that get the .lan attached.
So, I don’t know what causes this behavior. I think it is something about NetworkManager. It uses this FQDN for checking network connectivity and I think it does additional weird things when it receives only an IPv4 but not an IPv6 address when checking for connectivity. This additional weird stuff does not happen for normal DNS lookups.
I am on xfce unstable and the recent Network Manager update on 2/26/2021 removed my interval setting in /usr/lib/NetworkManager/conf.d/20-connectivity.conf . I put interval = back to 36000, however, it is still pinging archlinux.org. I am not sure what the source of aur.archlinux.org is. Hourly??? Maybe pamac?? Here is the log from asuswrt-Merlin running Diversion. Note that gaps are because it will not show while running vpn.
2021-03-02 16:33 www.archlinux.org 192.168.1.6 A Allowed
2021-03-02 16:12 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 16:12 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 16:01 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 15:38 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 15:38 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 15:37 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 15:01 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 14:00 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 13:00 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 12:00 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 11:00 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 10:06 www.archlinux.org 192.168.1.6 A Allowed
2021-03-02 10:00 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 08:09 www.archlinux.org 192.168.1.6 A Allowed
2021-03-02 08:00 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 07:05 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 07:05 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 07:05 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 07:01 aur.archlinux.org 192.168.1.6 A Allowed
2021-03-02 07:00 www.archlinux.org 192.168.1.6 A Allowed
The Plasma NetworkManager applet has an exclamation point next to the wifi indicator. I occasionally get the following notification, even though I clearly have Internet access:
I believe this is related to ping.manjaro.org as well.
Good point. I see you are running your own recursive DNS resolver. On my Pihole I have simply set a number of the predefined DNS providers.
I have set my Pihole as the default DNS in my lan and I get DNS requests from all the hosts in my lan on the Pihole. But, I still also get DNS requests from my router on the Pihole. This is not an issue, they get resolved normally, passed back to the router and the router passes them on to whoever queried the router for that domain. It’s the last bit of configuration hackery that I have not solved, because I don’t want any DNS requests going through my router, but it’s not a biggie.
I use Openwrt on my router and I have set my Pihole as the default DNS in the DHCP/DNS settings and as the custom DNS for each applicable interface.
The ping.manjaro.org AAAA record gives me a NODATA response as well, so that’s not the issue.
When looking at the ping.manjaro.org.lan requests, they are only for the AAAA record, never for the A record. They only come directly from my Manjaro machines and not via the router. They get a NXDOMAIN response, so that’s correct.
The two main issues are:
where is that .lan appended to the DNS requests… I don’t know and it could well be a configuration error on my end, but it never misbehaved with the previous setting for the Arch Linux domain which does resolve to an IP address for the AAAA record
the request for ping.manjaro.org.lan gets passed on to the authoritative DNS resolvers I have set and this most likely is something I can prevent in Pihole, but have not yet figured out how.
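Added example, not part of any post in this thread and not code from Pi-hole or NetworkManager: a small log check that finds lookups where the local search domain was appended to a name that already looks like an FQDN, and notes whether the same client also asked for the bare name. It assumes the "date time name client type status" layout of the router log quoted earlier and a search domain of lan; the client addresses and the nas.lan host in the sample are constructed.

```python
from collections import Counter

# Constructed sample in the "date time name client type status" layout of the
# router log quoted in the thread; clients and the nas.lan host are made up.
# The status column is ignored by the check.
SAMPLE_LOG = """\
2021-03-02 16:00 ping.manjaro.org 192.168.1.20 A Allowed
2021-03-02 16:00 ping.manjaro.org 192.168.1.20 AAAA Allowed
2021-03-02 16:00 ping.manjaro.org.lan 192.168.1.20 AAAA Allowed
2021-03-02 16:01 nas.lan 192.168.1.20 A Allowed
2021-03-02 16:05 ping.manjaro.org.lan 192.168.1.21 AAAA Allowed
2021-03-02 16:10 ping.manjaro.org.lan 192.168.1.20 AAAA Allowed
"""

def parse(log_text):
    """Yield (name, client, qtype) per well-formed line; skip anything else."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 6:
            _date, _time, name, client, qtype, _status = fields
            yield name.lower().rstrip("."), client, qtype.upper()

def find_suffix_leaks(log_text, search_domain="lan"):
    """Count queries where search_domain was appended to a multi-label name.

    Returns {(client, leaked_name, qtype): {"count": n, "bare_seen": bool}}.
    bare_seen is True when the same client also queried the name without the
    suffix, which is the pattern the thread describes.
    """
    suffix = "." + search_domain.lower().strip(".")
    queries = list(parse(log_text))
    bare_by_client = {(client, name) for name, client, _ in queries}
    counts = Counter()
    for name, client, qtype in queries:
        if not name.endswith(suffix):
            continue
        stem = name[: -len(suffix)]
        if "." in stem:  # host.lan is a normal local name; a.b.lan is suspect
            counts[(client, name, qtype)] += 1
    return {
        key: {"count": n, "bare_seen": (key[0], key[1][: -len(suffix)]) in bare_by_client}
        for key, n in counts.items()
    }

if __name__ == "__main__":
    for (client, name, qtype), info in sorted(find_suffix_leaks(SAMPLE_LOG).items()):
        print(client, name, qtype, info)
```

Entries with bare_seen set to False are still worth a look, since the bare lookup may have been answered from a cache and never reached the log.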