dhcp fails on multi-address port - eth0:2

I have pi-hole on raspberry pi4b with this configuration in /etc/dhcpcd.conf

interface eth0
  static ip_address=192.168.254.123/24
  static routers=192.168.254.254
  static domain_name_servers=192.168.254.123

interface eth0:1
  static ip_address=192.168.254.123/24
  static routers=192.168.254.254
  static domain_name_servers=192.168.254.123

interface eth0:2
  static ip_address=192.168.252.123/24
  static routers=192.168.252.254
  static domain_name_servers=192.168.252.123

This I have a sub-net of cameras on 252 that are prevented from connecting to the internet, where the DSL router is at 254.

$ ip address show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether dc:a6:32:c4:2f:bc brd ff:ff:ff:ff:ff:ff
    inet 192.168.254.123/24 brd 192.168.254.255 scope global eth0:1
       valid_lft forever preferred_lft forever
    inet 192.168.252.123/24 brd 192.168.252.255 scope global eth0:2
       valid_lft forever preferred_lft forever
    inet6 fe80::2ab4:46ee:68a2:8f7e/64 scope link 
       valid_lft forever preferred_lft forever

Now I want to turn on the pi-hole DHCP server, and have it serve out a mask other than 255.255.255.0 and disable the DSL DHCP, but get errors:

 DNSMASQ_WARN   dnsmasq warning:
   using interface eth0 instead
 DNSMASQ_WARN   dnsmasq warning:
   DHCP packet received on eth0 which has no address
        No DHCP context has been configured for this interface. Check your DHCP settings.

$ sudo pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers and IPv6 routers
Timeout: 6 seconds

Error: Could not bind socket to interface eth0:1 (No such device)
Error: Could not bind socket to interface eth0:2 (No such device)
No answer on eth0:2
No answer on eth0:1

$ sudo grep dhcp /var/log/pihole/pihole.log
Feb 11 12:19:59 dnsmasq-dhcp[751]: DHCP, IP range 192.168.252.17 -- 192.168.252.23, lease time 1h
Feb 11 12:20:40 dnsmasq-dhcp[751]: DHCP packet received on eth0 which has no address
Feb 11 12:20:41 dnsmasq-dhcp[751]: DHCP packet received on eth0 which has no address

So is the dual-address naming a problem, or something else I’m missing?

Thank you

This seems to be a network configuration issue rather than a Pi-hole one.

You should probably be aware that dhcpcd isn't used anymore by RaspberryPi OS since RPi OS 12/bookworm. Depending on your OS release, dhcpcd.conf may be without effect.

Even if it would be, dhcpcd would only configure network details (like IP address assignments) for existing interfaces. Specifically, it would not create interfaces itself.

And it would seem that something didn't get created as intended, as your ip address output doesn't list an un-aliased IP for eth0.

Furthermore, that output suggests you're managing those additional IPs via long obsolete IP-aliasing from net-tools, instead of adding them via iproute2 commands.

Given your intention of running Pi-hole as DHCP server for several VLANs, just adding additional IP addresses to an interface may not be adequate anyway.
Depending on how your router would handle those VLANs, and how your RPi is connected to your router, you may have to tag your IP addresses accordingly, and/or create additional virtual interface devices (not just IPs).

All of the above would be completely out of Pi-hole's scope.

My Raspbian version is 10.13 with kernel 5.10.103-v7l+. I can accept the problem is with the network configuration and not specifically pi-hole. I just need to get my dhcpcd.conf edited correctly then.

As I understand it, I have one interface, eth0 , with 2 addresses, that is called an aliased IP? I don’t have the router configured as a vlan, that would block what I’m doing. The switch is only routing 2 networks to various locations. pi connects to both, I connect to both remotely, but the cameras aren’t told how to get to the internet.

I’ll go search for iproute2 commands and how to create a correct alias.

I don’t know what a correctly aliased ip address needs to look like to work.

Thanks for putting me on the right path.

You cant serve different DHCP scope's/ranges from a single physical interface bc of the broadcast nature of DHCP packets.
Either you add physical interfaces (one for each scope/VLAN),
or create virtual VLAN aware interfaces and configure the single connected switch port for "tagged" traffic.
iproute2 examples below for configuring reboot persistent via ifupdown(3), or systemd-networkd(4), or NetworkManager(5.1) but no dhcpcd:

https://www.baeldung.com/linux/vlans-create

$ dpkg -L iproute2 | grep bin/
/bin/ip
/bin/ss
/sbin/bridge
/sbin/dcb
/sbin/devlink
/sbin/rtacct
/sbin/rtmon
/sbin/tc
/sbin/tipc
/sbin/vdpa
/usr/bin/lnstat
/usr/bin/nstat
/usr/bin/rdma
/usr/bin/routel
/usr/sbin/arpd
/usr/sbin/genl
/sbin/ip
/usr/bin/ctstat
/usr/bin/rtstat

I should’ve said, I’ll go work on this, fearing that referenced a newer package.

Yes I do have iproute2 and am using ip

I edited dhcdcd.conf, removing 5 lines but editing almost nothing, added dhcpcd.enter-hook which was not in examples I had previously searched, and restarted dhcpcd.service, pihole-FTL, and now it works.

$ sudo pihole-FTL dhcp-discover
Scanning all your interfaces for DHCP servers and IPv6 routers
Timeout: 6 seconds

Error: Could not bind socket to interface eth0:2 (No such device)
* Received 303 bytes from 192.168.252.123 @ eth0
  Offered IP address: 192.168.252.22
  Server IP address: 192.168.252.123
  Relay-agent IP address: N/A
  BOOTP server: (empty)
  BOOTP file: (empty)
  DHCP options:
   Message type: DHCPOFFER (2)
   server-identifier: 192.168.252.123
   lease-time: 86400 ( 1d )
   renewal-time: 43200 ( 12h )
   rebinding-time: 75600 ( 21h )
   netmask: 255.255.252.0
   broadcast: 192.168.254.255
   dns-server: 192.168.252.123
   domain-name: "lan"
   ntp-server: 192.168.252.123
   router: 192.168.252.123
   --- end of options ---

Received 1 DHCP (IPv4) and 0 RA (IPv6) answers on eth0
No answer on eth0:2

No I don’t have 8021q module installed. Yes I understand DHCP broadcasts to 0.0.0.0 and I can only have 1 server on the visible network. This is fine for what I’m needing. I can continue tinkering with it, since eth0:2 has persisted past the restart despite not being in either conf file, (but not reboot, yet).

Thank you

The broadcast destination is 255.255.255.255 for the initial DHCPDISCOVER or DHCPREQUEST:

$ sudo tcpdump -ntvvvi any udp port 67
[..]
eth0  B   IP (tos 0x10, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 338)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from ee:1b:34:XX:XX:XX, length 310, xid 0xa407c24f, Flags [none] (0x0000)
[..]
            DHCP-Message (53), length 1: Request

Sorry, I was thinking of the mask. That’s what I should’ve wrote.

Oh one more thing, you most likely wont have to install the vlan package!
I believe its already default included for most distros:

$ sudo modinfo 8021q
filename:       /lib/modules/6.1.0-37-amd64/kernel/net/8021q/8021q.ko
[..]

$ dpkg -S 8021q.ko
linux-image-6.1.0-37-amd64: /lib/modules/6.1.0-37-amd64/kernel/net/8021q/8021q.ko

$ sudo modprobe 8021q
$

$ lsmod
Module                  Size  Used by
8021q                  40960  0
[..]

$ sudo rmmod 8021q
$

Along the same line, below from that site is not correct:

Firstly, let’s install the vlan package using apt:

$ sudo apt-get install vlan

This package contains the 8021q kernel module we need to connect to a VLAN.

It doesnt

$ apt-file list vlan
vlan: /etc/network/if-post-down.d/vlan
vlan: /etc/network/if-pre-up.d/vlan
vlan: /etc/network/if-up.d/ip
vlan: /sbin/vconfig
vlan: /usr/share/doc/vlan/NEWS.Debian.gz
vlan: /usr/share/doc/vlan/TODO
vlan: /usr/share/doc/vlan/changelog.gz
vlan: /usr/share/doc/vlan/copyright
vlan: /usr/share/man/man5/vlan-interfaces.5.gz
vlan: /usr/share/man/man8/vconfig.8.gz

$ apt depends vlan
vlan
  Depends: iproute2

$ apt show vlan
[..]
Description: ifupdown integration for vlan configuration
 This package contains integration scripts for configuring vlan
 interfaces via ifupdown (/etc/network/interfaces).
 For further details see vlan-interfaces(5) man page in this package.
 .
 Please note that these integration scripts only supports a limited
 set of interface naming schemes, which means you might be better
 off with writing your own ifupdown hooks using ip(route2)
 directly in /etc/network/interfaces rather than using this package.
 .
 It currently also ships a wrapper script for backwards compatibility
 called vconfig, that replaces the old deprecated vconfig program
 with translations to ip(route2) commands.
 This compatibility shim might be dropped in future releases, please
 use ip(route2) commands directly.
 .
 Your kernel needs vlan support for this to work, see "modinfo 8021q".

Why do you have the same IP Address configured two times ?!

Time for a fresh install with the latest version (Trixie 13.x) that uses NetworkManager for it’s networking configuration

(But you could also configure everything via SystemD Networking if you want!)

No, the (obsolete) method of adding those and labelling them with alias interface names (like your eth0:1 as an alias for 192.168.254.123) is called IP-Aliasing.

If you'd add IPs to an interface with iproute2 commands, they'd show up as secondary IPs without an alias.

But for vlans, you'd typically use proper virtual interfaces (which can be created via iproute2 commands) , rather than just adding additional IPs.

However:

You'd need a router with VLAN support to manage VLANs.
If your router doesn't manage VLANs, then I'm neither sure whether you'd actually require VLANs, nor what exactly you would try to achieve.

Are you perhaps just trying to turn your Raspberry Pi into an AP (access point) for your cameras?

You should note that network configuration has become quite convoluted with the latest Raspberry Pi OS Trixie image, as RPi devs have decided to use netplan as the main network management tool, where netplan would generate configuration files for NetworkManager, and they ship a NetworkManager edition that is hard-coupled with netplan, so you wouldn't be able to use dhcpcd or systemd for network configuration OOTB.

As a consequence, configuration examples for specific networking scenarios that you find on the web may not work anymore, even if they target RPiOS 12/bookworm and above, as those would rely on using NetworkManager to handle connections, which may not work as intended anymore with netplan being the true source of network configuration, see e.g. nmcli creates nmconnection files in /run/NetworkManager/system-connections instead of /etc · Issue #3 · raspberrypi/trixie-feedback · GitHub.

Furthermore, RPi OS has also changed their 1stboot configuration to cloud-init.
You should be extra careful about picking your imaging tool to write your sd card.
It's probably safer to use the most recent RPi Imager 2 to write your SD card with Trixie and above, while keeping to use 1.9.6 and below to burn Bookworm and below images, or you may end up with undefined RPi OS behaviour (e.g. no ssh login, despite enabling ssh in RPi Imager).

W-T-F ?!?!

The whole Raspberry Pi OS story keeps getting weirder and weirder
I see more and more reasons to ditch it completely !!!

But to give you some info about what I would do in this case :

If you can remove Netplan in Ubuntu completely then you should be able to do it in Raspberry Pi OS too IMHO

I build those myself anyway so that should not be an issue…

However I do see more and more reason to finalize my SystemD Networking HowTo document on GitHUB

That has become a “Shitshow” anyway the last couple of years so what I did the last two times was simple and very basic :

• Write the image to the microSDXC card with DD on my Linux laptop.
• Boot the thing in my secondary Raspberry Pi 3B and configure everything with a keyboard and monitor attached.

I am getting tired of their nonsense more and more so it’s time to consider buying more cute little Intel Atom NUC’s instead of anything Raspberry Pi related

Some people even give away the older models for free so if you can find one… DO IT! LOL!