Plex and Pi-Hole

ahughes03 · February 24, 2017, 5:19am

Hi all, I’ve posted a question over on the Pi-Hole Discourse: https://discourse.pi-hole.net/t/allow-specific-machines-to-bypass-pi-hole/1858/

Long story short, I’m seeing A LOT of plex related queries on my DNS server (Pi-Hole, in case you didn’t know, is a neat little DNS server that blocks advertisements at the DNS level). For clarification, plex related services are not being blocked, and I don’t want them to be! That being said, I’m still curious why plex services are hitting my DNS server multiple times (anywhere from 4-20) a minute.

The query I keep seeing is 10-x-x-64.xxxxxx.plex.direct (where the 10.x.x.64 must refer to my Plex Server IP, which is the only service on that IP- since its a FreeNAS jail only running that service, and the xxxxxx refers to the unique server ID number assigned by Plex to my specific Plex server- open the xml link for one of your movies or shows and you’ll see what I mean).

I’ve allowed my Plex Server and all of my internal network Plex clients to escape my Pi-Hole DNS server (by manually setting DNS services to OpenDNS), so in theory, I shouldn’t be receiving any DNS queries on my Pi-Hole for Plex related services, but, you guessed it, they’re still there, being logged between 4-20 times a minute.

Can anyone help me to understand where these queries are coming from, and how they’re interfacing with my Pi-Hole DNS server, given that my Plex server and client machines are all using a different DNS server?

ahughes03 · February 25, 2017, 5:59pm

Quick bump in case this dropped too far down the forum posts for people to notice.

Thanks for any insight!!

PCmarcondes · April 9, 2019, 6:07pm

ahughes03, did you ever find out how to deal with it? I’m having a similar issue, my shield TV is flooding my PiHole with plex related requests to my server, even while the server is not at use…

OttoKerner · April 9, 2019, 6:22pm

It’s about ‘secure connections’ (i.e. encryption).
Every client who wants to contact the server securely, must use the server’s FQDN, which will look like the above mentioned 10-x-x-64.xxxxxx.plex.direct
Because the cryptographic certificate of your server is ‘pinned’ to that FQDN and therefore only valid that way.

So every single plex client in your network (which includes the Plex web app which you are using to administrate your server) will do these DNS lookups to find your server.

https://support.plex.tv/articles/206225077-how-to-use-secure-server-connections/

PCmarcondes · April 9, 2019, 9:33pm

Otto, do you know if there is a way to remove those lookups from the query list at PiHole?

OttoKerner · April 10, 2019, 5:57am

Sorry, I don’t know anything about this pi-hole software.

Coxeroni · April 10, 2019, 7:30am

You can’t I guess and I don’t know why you want to do it. You can search/filter the log if you are looking for something specific. Your “malware” sources are being kept up-to-date, so anything fishy will be blocked.

Saboteur777 · July 9, 2019, 6:24pm

@PCmarcondes If you run it via Docker, you can hide them with the API_EXCLUDE_DOMAINS environment variable, like this:

services:
  pihole:
    ...
    environment:
     - API_EXCLUDE_DOMAINS=*.plex.direct
    ...

If you are not running Pi-Hole with Docker, check out this thread: https://www.reddit.com/r/pihole/comments/61lhjp/is_it_possible_to_set_a_logging_ignore_list/

Topic		Replies	Views
Plex Server Hacked? General Discussions	4	140	January 7, 2020
Getting DNS requests from random IP addresses? Apps & Creations	5	95	December 21, 2019
Is Plex Server incompatible with DNSCrypt? Desktops & Laptops server-mac	7	173	September 20, 2018
Making Plex and Pihole work together? NAS & Devices server-qnap , plex-media-player	4	5436	July 5, 2019
Random domain overloading fns requests Apps & Creations	4	70	December 21, 2019

Plex and Pi-Hole

Related topics