Devices on network lose IP(v4) address after switching DHCP from router/modem to Pi-Hole

Help
1

Please follow the below template, it will help us to help you!

Expected Behaviour:

Having Pi-Hole provide IP addresses and DNS.

Actual Behaviour:

After stopping the DHCP server on my modem/router (ISP supplied) and enabling DHCP in Pi-Hole, devices on the network lose their IP address. Even reaching the Pi-Hole becomes impossible...

Debug Token:

https://tricorder.pi-hole.net/asjebohb0i
(in this setting, DHCP is switched back on on the router/modem and switched off on the Pi-Hole - installed on a Raspberry Pi Zero W, installation occurred this weekend)
The Pi-Hole has been assigned a static IP address (192.168.1.27), the router is at 192.168.1.1.
I can't set the dns on the provider-supplied router/modem

2

Additional info:

journalctl -u pihole-FTL --full --no-pager:

– Logs begin at Mon 2019-08-05 19:17:02 CEST, end at Wed 2019-08-07 08:02:54 CEST. –
Aug 05 19:30:01 raspberrypi systemd[1]: Starting LSB: pihole-FTL daemon…
Aug 05 19:30:04 raspberrypi pihole-FTL[351]: Not running
Aug 05 19:30:23 raspberrypi su[622]: (to pihole) root on none
Aug 05 19:30:23 raspberrypi su[622]: pam_unix(su:session): session opened for user pihole by (uid=0)
Aug 05 19:30:30 raspberrypi pihole-FTL[351]: FTL started!
Aug 05 19:30:30 raspberrypi systemd[1]: Started LSB: pihole-FTL daemon.
Aug 05 22:14:03 raspberrypi systemd[1]: Stopping LSB: pihole-FTL daemon…
Aug 05 22:14:04 raspberrypi pihole-FTL[3849]: Stopped
Aug 05 22:14:04 raspberrypi systemd[1]: pihole-FTL.service: Succeeded.
Aug 05 22:14:04 raspberrypi systemd[1]: Stopped LSB: pihole-FTL daemon.
Aug 05 22:14:04 raspberrypi systemd[1]: Starting LSB: pihole-FTL daemon…
Aug 05 22:14:05 raspberrypi pihole-FTL[3890]: Not running
Aug 05 22:14:05 raspberrypi su[3932]: (to pihole) root on none
Aug 05 22:14:05 raspberrypi su[3932]: pam_unix(su:session): session opened for user pihole by (uid=0)
Aug 05 22:14:06 raspberrypi pihole-FTL[3890]: FTL started!
Aug 05 22:14:06 raspberrypi su[3932]: pam_unix(su:session): session closed for user pihole
Aug 05 22:14:07 raspberrypi systemd[1]: Started LSB: pihole-FTL daemon.

sudo netstat -tulpn:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 465/lighttpd
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 3941/pihole-FTL
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 501/sshd
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 3941/pihole-FTL
tcp6 0 0 :::80 :::* LISTEN 465/lighttpd
tcp6 0 0 :::53 :::* LISTEN 3941/pihole-FTL
tcp6 0 0 :::22 :::* LISTEN 501/sshd
tcp6 0 0 ::1:4711 :::* LISTEN 3941/pihole-FTL
udp 0 0 0.0.0.0:5353 0.0.0.0:* 286/avahi-daemon: r
udp 0 0 0.0.0.0:58119 0.0.0.0:* 286/avahi-daemon: r
udp 0 0 0.0.0.0:53 0.0.0.0:* 3941/pihole-FTL
udp 0 0 0.0.0.0:68 0.0.0.0:* 4906/dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:* 4699/dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:* 4501/dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:* 364/dhcpcd
udp6 0 0 :::34024 :::* 286/avahi-daemon: r
udp6 0 0 :::5353 :::* 286/avahi-daemon: r
udp6 0 0 :::53 :::* 3941/pihole-FTL

For both of the above, DHCP of Pi-Hole is disabled again, DHCP of modem router is enabled. I currently use Pi-hole by setting it as DNS on 2 devices on the network but would rather use DHCP of course.

I changed resolv.conf to include
nameserver 1.1.1.1
nameserver 1.0.0.1
instead of nameserver 127.0.0.1

3

Did you restart your devices or manually renew the DHCP leases after switching the servers? Try making a debug token and providing the other outputs when DHCP is enabled on Pi-hole.

4

Restarting devices on the network has the effect that they cannot connect anymore, or if they can, they get an IP address totally out of range. e.g. this computer has an internal IP address of 192.168.1.9 but after the change, it is in the range 169.x.x.x

Bizarrely, when I keep my laptop on when switching, the problem only starts to occur after about 20 minutes.

To respond to your question re:debug when DHCP is enabled: I could do this when DHCP is also enabled on the router, once only the Pi-Hole has DHCP enabled, and the connection goes down, I cannot connect to the Pi anymore.

5

This indicates that the client could not get an IP from the DHCP server, and self-assigned this IP range.

6

@Mcat12: I'll replicate the issue again tonight after work and will bring a screen, mouse and keyboard so I can literally connect to the Pi Zero W itself and debug. This will allow me to share the results over here.

@jfb: indeed, that was my assumption as well. Additionally, I noticed that during the period between switching over DHCP from the modem/router to the Pi-Hole (when the devices on the network temporarily still work), the same laptop only seems to have an IPv6 IP address. So I guess that confirms the fact that the client couldn't get an IPv4 address from the DHCP server...

Thanks for the help already and I'll be back with more input tonight!

7

@Mcat12 : just tried to switch DHCP from my router to the Pi Hole.
When performing pihole -d over ssh, I agreed to upload the log. At that point, my laptop got thrown off the network.

I did copy the result:

[... removed ...]
Connection reset by 2a02:a03f:54d2:8300:29fb:9f29:699e:7ed9 port 22
8

Is this line still from the debug log or is it rather from your ssh connection to your Pi-hole? Pi-hole's tricorder should not try to upload to port 22.

What do you mean exactly?

Thrown out as in

  • lost connection to the Pi-hole
  • lost connection to everything (in the home network)
  • lost connection to everything (incl. the entire Internet)
  • the laptop displayed that the network cable was unplugged
  • [substitute something else]
9

@DL6ER: The connection reset was from the ssh connection indeed.

Thrown out meant: laptop lost connecting to everything including the home network (and all devices on it such as the Pi-Hole and router/modem). At that point, the IP address of the laptop is not anymore in the 192.168.1.x range but 169.x.x.x .

Typically, what happened, occurs 10 to 20 minutes after switching DHCP from router to Pi-Hole.

Bizarrely, after the first install, I was able to use the Pi-Hole as DHCP provider for a longer period (perhaps the duration of the length of the lease as set in the modem/router at 3600s). Ever since, I've done pi-hole -r a couple of times at least and I've re-installed Pi-Hole as well...

For reference, the router is a Sagem device, called BBox3 by my Belgian internet provider Proximus.

10

Okay, so this means you Pi-hole DHCP server is either

  1. not starting up, or
  2. not replying to requests, or
  3. your laptop doesn't accept the DHCP offer.

It would not be the first time we see routers eat away DHCP packets in the network that are not sent by himself (some Google routers do this as well!). In order to determine if this is the reason, please:

  1. Add log-dhcp to a file like /etc/dnsmasq.d/99-debug.conf and sudo service pihole-FTL restart
  2. Switch the DHCP server over, wait some time or forcefully request a new lease by unplugging/replugging the laptop's Ethernet cable.
  3. Do whatever is necessary to reconnect to the Pi-hole and check /var/log/pihole.log if you see any DHCP related packets.

If you see some, then we can work on this. If you don't see any incoming DHCP requests, then it's likely that your router is trying to "protect" you from using anything else than itself as DHCP server. There isn't much option in this case.
However, what just came to my mind: You may want to try connecting both the laptop and the Pi-hole using a separate Ethernet switch (can be a very cheap one). You don't even need to connect to the router. By this, your laptop should get an IP address in the 192.168. range. If this works, the Pi-hole DHCP server is working as expected. Connect the switch now to the router and reconnect all devices. If everything works out, the switch should broadcast your DHCP requests to all devices and the router has no way of destroying it before it reaches your Pi-hole. However, so far, this is all theoretical considerations but it may be a way to go forward.

11

Thanks for the quick response! Will do so and report back!

Btw, the laptop is on WiFi (if that would matter...)

12

Just switched over.

Some further observations: in the DHCP part of PiHole dashboard, I see this line:
B8:27:EB:4F:89:4A 192.168.1.60 raspberrypi
Now, the pi has the IP address of 192.1.2 , connected to this MAC: 00:0e:aa:00:91:u5272: (according to the router etc)
Could this be linked to the cause?

13

I don't really think so. You can reset the leases with

sudo service pihole-FTL stop
sudo rm /etc/pihole/dhcp.leases
sudo service pihole-FTL start
14

Thanks!

Bizarrely, things are currently still running after switching DHCP.
Even managed to upload the debug log without issues: https://tricorder.pi-hole.net/4ftoobydfw

I ran ipconfig /renew on the laptop and switched off and on the WiFi to be sure.
No issues for now.

Need to go out for a bit but will report back once I get back in.

16

Not sure if it is fully solved, here's an update:

Came back after being out for a couple of hours.
My girlfriend's laptop was started first, and it took her a while to get a working connection (I wasn't around so no more detail).
When I got home, my laptop and smartphone both had intermittent connections to the wifi (which usually is very strong). after a while, a stable connection occurred but no connection to the internet.
All of a sudden mails started coming through, and a couple of minutes after that, full connection came.

So, currently:

  • All devices have a working connection
  • the connection occasionally drops (as in: connection to wifi is gone OR connection to the network remains yet without internet access)
  • the load on the raspberry remains high:
    pihole%20load
    pihole%20load3200×1800 571 KB
  • I just tried to connect to the pihole over ssh and as a result, I lost internet connection again. It just came back...
17

You may have some bad hardware somewhere. Whatever the Pi-hole does it can never cause

The other issues still sound as if your Internet connection is rate-limited - at least on port 53. This is in agreement with the tests we did earlier. I left a loop running some while in the background, I queried 8.8.8.8 almost 25.000 in about 6 minutes - not a single error or timeout, I always received a valid reply.

Under these conditions you cannot use unbound reliably and I recommend to switch to another (external) DNS provider until you can clarify what is causing this limitation.

18

Could the WiFi/connection issues be linked to the below? there are a LOT of IPv6 addresses, or is this normal?
This is the result of an ipconfig command in Windows:

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : lan
IPv6 Address. . . . . . . . . . . : 2a02:a03f:541b:8400::102
IPv6 Address. . . . . . . . . . . : 2a02:a03f:541b:8400:bc8f:63a5:f74:9e07
IPv6 Address. . . . . . . . . . . : 2a02:a03f:54d2:8300::102
IPv6 Address. . . . . . . . . . . : 2a02:a03f:54d2:8300:bc8f:63a5:f74:9e07
Temporary IPv6 Address. . . . . . : 2a02:a03f:541b:8400:944:ba49:405e:7c2a
Temporary IPv6 Address. . . . . . : 2a02:a03f:54d2:8300:944:ba49:405e:7c2a
Link-local IPv6 Address . . . . . : fe80::bc8f:63a5:f74:9e07%4
IPv4 Address. . . . . . . . . . . : 192.168.1.122
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::4a83:c7ff:fe03:8b7%4
192.168.1.1

19

Yes, everything seems okay. You received several IPv6 prefixes from your ISP, but it can look much "worse" (I, for instance, have more than twelve IPv6 addresses on some devices in a health IPv6 network).

20

OK, thanks.

I just copied a part of the pihole.log in a text file (as this keeps growing)
Does this help in any way?pihole.txt (83.2 KB)

21

This error appears 38 times in your log output. I would get this sorted out.

Aug 11 19:01:56 dnsmasq-dhcp[13021]: not giving name raspberrypi to the DHCP lease of 192.168.1.60 because the name exists in /etc/hosts with address 127.0.1.1