Utilizing advanced config to support local network vlans and pihole DHCP reservations for those vlans.
I have created custom config file in /etc/dnsmasq.d/
I have defined my dhcp-range-sets for my multiple vlans. (these are in addition to the DHCP range defined within the pihole webadmin)
I have defined my dhcp-options for each of the vlans specified in the dhcp-range-sets as well. (defined gateway for each vlan)
Actual Behaviour:
Pihole DHCP recognizes vlans.
DHCP works for vlans.
DHCP reservations work for wired clients that have switch port tagged for vlans. (I haven't tested a wired client connected to an untagged port at this time)
Wifi connected clients default to main subnet (DHCP set) defined in pihole web gui even though a DHCP reservation exists for another vlan configured in the pihole web gui.
I suspect that due to my wifi traffic being untagged the pihole server defaults to offering the default DHCP set even though a DHCP reservation exists defining the IP for another vlan.
I am looking for suggestions to allow me to update my configuration to utilize the pihole DHCP server. I believe I don't fully understand the negotiation of my wifi clients and the pihole dhcp server.
Thanks to the community for any help that does come my way.
You may want to add log-dhcp to your custom config file. This will print more information into /var/log/pihole.log. Don't forget to restart pihole-FTL after this change.
What I see in those logs is the pihole DHCP offering the default pihole web gui defined subnet to the wifi client. I would have assumed that the wifi client would receive the reservation defined in DHCP reservations for the different vlan subnet I have configured in:
So I think what happens prior to looking at the reservations is the pihole DHCP server sees where the client is coming from; in my case an untagged subnet and therefore it determines the range of IPs available is the default DHCP range and assigns next free IP. I see this happen in the pihole.log.
In the case of my wired client that was on a tagged vlan port of a switch the pihole DHCP server sees it coming in from that vlan and then knows to look up the vlan DHCP range from my custon config in /etc/dmasq.d/ and offers the respective free IP from that range or checks DHCP reservation from that respective range which it does and my wired client receives it's DHCP reservation.
I think the pihole DHCP implementation is just too simple for my needs and I will most likely revert to my router handling DHCP. It appeared in the beginning that this was going to work and was simple enough to setup the vlans. I just ran into a roadblock with my wifi clients.
You don't need to stay with our simple implementation. Just disable DHCP on the settings page and do all the configuration yourself in a custom config file. You won't be able to manage stuff on the DHCP settings tab, however, you should be able to setup your network like you want it to work.
If your router does support setting a custom DNS server (I assume so if it is intelligent enough to manage the VLANs), then there is little to no point in using the Pi-hole's integrated DHCP server. I added this rather simple implementation about three years ago because I got a new ISP router that would not allow me to set a custom DNS server. The only option was to enabled/disable DHCP altogether. Hence, I was in need for an improved DHCP server which is why I added this simple one.
Nowadays, I use a more powerful router in between my ISP router and the rest of my network (mainly because I use some special IPv6 firewall rules). I do not use the Pi-hole DHCP server myself anymore, however, I know that there are many out there who do.
@DL6ER I was keen to experiment with the pihole and wanted to see if I could get it to work with the gui. I can handle what I need with my router. I was close to making it work. I agree if I hadn't tried to use the gui I could have gotten by with the custom config files.
I will move onto figuring out how to fine tune my whitelists and blocklists as I was a little OCD with the DDG searches and 'blocklist|REGEX" searches that I added as much as I could and now I am going back to fix everything I broke. Most of your messages sent to me are just giant white blobs..not sure yet what the pihole is blocking there. I will concentrate my efforts here to continue learning.
Thank you for taking the time to respond to my query and I look forward to enjoying community and experimenting further.
I agree if I hadn't tried to use the gui I could have gotten by with the custom config files.