-2

I am running Pi-hole as the DNS server on our home network. There is a continuous stream of about 400 queries per minute of alternating requests for "A" and "AAAA" records from another Raspberry Pi on the network. All these queries are for the host name of the rouge Pi. In other words it is asking for it's own address.

Typical query logs look like this:

Type    Domain         Client         Status         Reply
===========================================================
AAAA    rouge.local    rouge.local    OK (cached)    NODATA
A       rouge.local    rouge.local    OK (cached)    IP
AAAA    rouge.local    rouge.local    OK (cached)    NODATA
A       rouge.local    rouge.local    OK (cached)    IP
AAAA    rouge.local    rouge.local    OK (cached)    NODATA
etc...

How do I identify what service on the rouge Pi is generating these endless queries?

I realise this could perhaps be asked instead on SuperUser or RaspberryPi or even AskUbuntu. I will move it if this is considered the wrong place to ask. Thanks all.

Nicolas
  • 201
  • 1
  • 3
  • 8

1 Answers1

1
  • List all services

sudo service --status-all

  • Disable all services

sudo service (servicename) stop

  • Verify if DNS requests have stopped. If not that's good information

  • Starts services individually to see which one sends the DNS queries

Tim
  • 31,888
  • 7
  • 52
  • 78
  • That is the logical problem solving approach. I was kind of hoping (from a learning point of view) that there was some way to identify the source directly. – Nicolas Jul 06 '20 at 19:42