Please follow the below template, it will help us to help you!
Expected Behaviour:
PiHole to server IP addresses.
Actual Behaviour:
PiHole doesn't service IP Addresses.
Windows 10 test client reports: An error occurred while renewing interface Ethernet 2 : unable to contact your DHCP server. Request has timed out.
PiHole fails to upload debug log.
I am trying to migrate from a PiHole Raspberry Pi image to a the PiHole docker image. I used the following to create the container:
sudo docker run -d
--name=pihole
-p 53:53/tcp -p 53:53/udp
-p 67:67/udp
-p 8081:80
-v /opt/docker/pihole/config:/etc/pihole/
-v /opt/docker/pihole/dnsmasq.d/:/etc/dnsmasq.d/
-e ServerIP="192.168.2.179"
-e TZEurope/London
-e WEBPASSWORD=
--restart=unless-stopped
--cap-add=NET_ADMIN
pihole/pihole:v4.0_armhf
I have ensured the original Pi running PiHole is switched off and unplugged. The original Pi worked and served IP addresses. It is running v3 of PiHole.
Both old and new are identical versions of Pi 3s running Rasbian 9 Stretch.
uname -a: Linux RPi3-Home1 4.14.52-v7+ #1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux
I see the following logged in the debug trace:
*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
172.17.0.2/16 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)
And the following in the pihole.log:
Sep 3 09:51:53 dnsmasq-dhcp[479]: no address range available for DHCP request via eth0
Not sure if this is relevant though as I get the same problem without the logs when the container is run with --net=host.
Hi thanks for getting back to me, the details are as follows (paths updated to point to container configuration where necessary).
cat /opt/docker/pihole/config/local.list
192.168.2.179 b511b8ab4921
192.168.2.179 pi.hole
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether b8:27:eb:98:70:9e brd ff:ff:ff:ff:ff:ff
inet 192.168.2.179/24 brd 192.168.2.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::60d0:6f8:7ebb:c7c4/64 scope link
valid_lft forever preferred_lft forever
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether b8:27:eb:cd:25:cb brd ff:ff:ff:ff:ff:ff
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:fc:bc:e6:8b brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet 169.254.195.237/16 brd 169.254.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::8153:9b86:6046:6b5e/64 scope link
valid_lft forever preferred_lft forever
5: br-038b4653774a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:3b:73:01:67 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-038b4653774a
valid_lft forever preferred_lft forever
inet 169.254.3.95/16 brd 169.254.255.255 scope global br-038b4653774a
valid_lft forever preferred_lft forever
inet6 fe80::cfb3:2510:12a2:13b/64 scope link
valid_lft forever preferred_lft forever
7: vethf385d1a@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-038b4653774a state UP group default
link/ether 5e:21:65:46:d8:de brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 169.254.208.60/16 brd 169.254.255.255 scope global vethf385d1a
valid_lft forever preferred_lft forever
inet6 fe80::5c21:65ff:fe46:d8de/64 scope link
valid_lft forever preferred_lft forever
9: veth1c9d9b3@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-038b4653774a state UP group default
link/ether fe:94:2c:31:58:2c brd ff:ff:ff:ff:ff:ff link-netnsid 3
inet 169.254.173.64/16 brd 169.254.255.255 scope global veth1c9d9b3
valid_lft forever preferred_lft forever
inet6 fe80::cf4d:2902:c620:e75c/64 scope link
valid_lft forever preferred_lft forever
11: vethcfe7909@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-038b4653774a state UP group default
link/ether 52:35:fc:22:b6:86 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet 169.254.139.248/16 brd 169.254.255.255 scope global vethcfe7909
valid_lft forever preferred_lft forever
inet6 fe80::4e45:ba18:88ad:3ebe/64 scope link
valid_lft forever preferred_lft forever
13: veth71f8de3@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-038b4653774a state UP group default
link/ether 2e:52:96:d1:17:df brd ff:ff:ff:ff:ff:ff link-netnsid 4
inet 169.254.34.57/16 brd 169.254.255.255 scope global veth71f8de3
valid_lft forever preferred_lft forever
inet6 fe80::3abb:e764:5108:af4e/64 scope link
valid_lft forever preferred_lft forever
15: vethc15f6fa@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-038b4653774a state UP group default
link/ether 96:8b:e5:b1:7b:7e brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet 169.254.37.40/16 brd 169.254.255.255 scope global vethc15f6fa
valid_lft forever preferred_lft forever
inet6 fe80::948b:e5ff:feb1:7b7e/64 scope link
valid_lft forever preferred_lft forever
25: veth6d1c593@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 7a:da:84:88:fb:c1 brd ff:ff:ff:ff:ff:ff link-netnsid 5
inet 169.254.194.27/16 brd 169.254.255.255 scope global veth6d1c593
valid_lft forever preferred_lft forever
inet6 fe80::7fe3:14a5:cbb6:f4b3/64 scope link
valid_lft forever preferred_lft forever
cat /etc/resolv.conf
Generated by resolvconf
domain SKYNET
nameserver 192.168.2.180
cat /opt/docker/pihole/dnsmasq.d/01-pihole.conf
Pi-hole: A black hole for Internet advertisements
(c) 2015, 2016 by Jacob Salmela
Network-wide ad blocking via your Raspberry Pi
http://pi-hole.net
dnsmasq config for Pi-hole
Pi-hole is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 2 of the License, or
(at your option) any later version.
###############################################################################
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: #
# /etc/pihole/setupVars.conf #
# #
# ANY OTHER CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE #
# OR IN /etc/dnsmasq.conf #
###############################################################################
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
localise-queries
no-resolv
cache-size=10000
log-queries=extra
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=8.8.8.8
server=8.8.4.4
domain-needed
bogus-priv
interface=eth0
Just a shot in the dark: have you enabled, or added restrictive rules to the firewall? I remember I had to add allow rules for DHCP when my pihole was serving requests.
'Chain INPUT (policy ACCEPT)' and 'Chain OUTPUT (policy ACCEPT)' have nothing.
There are some items under 'Chain FORWARD (policy DROP)' and DOCKER specific chains (DOCKER, DOCKER-ISOLATION-STAGE-1, DOCKER-ISOLATION-STAGE-2 and DOCKER-USER).
Its peculiar. All I wanted to do was to move my old PiHole (v3) install from using a Pi all to itself to a Docker Container install on another Pi, upgrading to v4 of PiHole at the same time.
I first tried to use Teleporter to copy the DHCP configuration including static IPs but it only copied the configuration, not the static IPs. So I copied the contents of the 04-pihole-static-dhcp.conf to the new configuration.
With or without the copied DHCP configuration, it doesn't want to work.
The Pi-Hole appears to be listening for DNS queries on 192.168.0.2 per the debug log.
The name server for the Pi-Hole in /etc/resolv.conf is domain SKYNET on IP 192.168.2.180.
I'm not a docker user, but on a Pi-Hole install on a Pi, the name server is the loopback IP (127.0.0.1) and the Pi listens for DNS queries on its statically assigned IP address.
Thanks for the info @jfb I will try to look into why when the docker container was created it set the name-server to that other IP address (which just happens to be my current PiHole Pi IP address).
Maybe something I put in when creating the image, but I doubt it as I create the docker container create/run command in a text editor before copying it to the Pi and running the command, so I can see exactly what the last create/run command was.
I will try creating the image completely from scratch, see if there is more than just docker rm the container to ensure any old details are removed!
I have tried creating a brand new Rasbian Stretch image and only installed docker and the pihole/pihole:v4.0_armhf container configure to run in net host configuration and this works.
I am assuming that when the docker container is created it copies some of the host OS settings, and in my case they where wrong. See resolv.config comments above.
When I try to run the pihole container in dockers default net bridged mode DHCP does not work and I get the diagnostic error:
[✓] IPv4 address(es) bound to the eth0 interface:
172.17.0.2/16 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)
And the run time error:
dnsmasq-dhcp[479]: no address range available for DHCP request via eth0
I will continue to run it in net host mode as this works but I would prefer it to be run in bridged mode.
Thanks for all your help for getting me to understand the problem...