Sophos XG bombarding my pihole with Google domain queries

Hi,

My question relates to this older discussion, which left the problem unsolved:

https://community.sophos.com/sophos-xg-firewall/f/discussions/123391/constant-dns-lookups-for-google-domains

* I have directed the Sophos XG to use my pihole as DNS resolver; therefore I can see every DNS query the Sophos XG makes

* Sophos XG clutters pihole with repeating DNS requests for all international Google domains

* Sophos XG manages to take 70% of all DNS queries by itself with those queries (whilst every internal device uses pihole exclusively, so Sophos XG does not even relay queries)

* I have two internal interfaces defined, one "LAN" with the Sophos as 200.200.200.1, one with 192.168.179.1 (DMZ Zone)

* Only the interface with the IP 192.168.179.1 shows up in the logs. Why not the "LAN" interface? Maybe that's a clue

* Deleting all FQDN host groups as suggested by the previous thread did not help

* Tried using different rule sets for the two zones, adding or removing web filtering, IPS and app blocking - did not influence the queries at all

Any ideas? My pihole even becomes slightly sluggish trying to handle the steady DNS fire from Sophos XG



This thread was automatically locked due to age.