The instructions state to remove all of the ports and add network_mode: host, but now there are a few lines in the docker compose example referring to
# Uncomment the below if using Pi-hole as your DHCP Server
#- "67:67/udp"
and
cap_add:
# See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
# Required if you are using Pi-hole as your DHCP server, else not needed
- NET_ADMIN
What should the docker compose file look like for v6 to allow for DHCP? Is adding network_mode: host no longer necessary with the new compose file?
I'm using network_mode as I don't run anything else on the ports (53, 67, 80, 443) and v6 is working fine. Both DHCP and DNS.
The relevant part of my compose looks like this.
services:
pihole:
network_mode: "host"
# ports:
# DNS Ports
# - "53:53/tcp"
# - "53:53/udp"
# Default HTTP Port
# - "8081:80/tcp"
# Default HTTPs Port. FTL will generate a self-signed certificate
# - "443:443/tcp"
# Uncomment the below if using Pi-hole as your DHCP Server
# - "67:67/udp"
That was my interpretation of the docs, but I am far from a docker expert.
and
cap_add:
# See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
# Required if you are using Pi-hole as your DHCP server, else not needed
- NET_ADMIN
This I've left in as well.
My understanding is that network_mode: "host" deals with the traffic on all ports, as if the docker container was the host. Primarily this is an easy solution for the broadcast traffic that is DHCP.
My understanding is that network_mode: "host" deals with the traffic on all ports, as if the docker container was the host. Primarily this is an easy solution for the broadcast traffic that is DHCP.
Exactly. With a bridged docker network, you may have to find a way to forward DHCP requests into the container due to the limitations of subnet broadcast traffic.
Ended up appending the line in the documentation and the DHCP server is working as intended. The beginning of my docker compose looks like:
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
network_mode: "host"
ports:
# DNS Ports
- "53:53/tcp"
- "53:53/udp"
# Default HTTP Port
- "80:80/tcp"
# Default HTTPs Port. FTL will generate a self-signed certificate
- "443:443/tcp"
# Uncomment the below if using Pi-hole as your DHCP Server
- "67:67/udp"
Hopefully getting the ipv6 DHCP will be easy to get running when I flash OpenWRT on my router in the next few weeks
In host network mode, the container's exposed ports are shared with the host directly, so there is no need to publish any ports in host mode.
Docker will ignore them if present.
Declaring port 67 may be necessary in certain other scenarios, e.g. if your router would support relaying DHCP requests to another DHCP server and your Pi-hole container would run in bridge network mode.
Yeah so I had to go double check to make sure I'd understood the docs. Like Bucking_Horn said it ignores it.
ubuntu@pihole:~/piholedocker$ docker compose up -d
[+] Running 2/2
✔ Container pihole1 Started 4.6s
! pihole Published ports are discarded when using host network mode 0.0s
ubuntu@pihole:~/piholedocker$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
df69f979fc5f pihole/pihole:latest "start.sh" 14 seconds ago Up 9 seconds (health: starting) pihole1
It does mean that if I need other services then I'll need to put in a different solution i.e. a DHCP relay server. But that feels too much like my day job!
Nice one, as mentioned already the ports can be removed, commented out as they are ignored. DHCPv6 should be super simple from here, just turn it on in the GUI.
I've set mine up this evening and everything works as expected. Devices are completing the DORA and SARR processes and using v4 and v6 for DNS requests
I just want to confirm: As I understand it, for the most basic scenarios (i.e. appending network_mode: "host", recomposing, enabling the DHCP server in settings, and disabling DHCP on the router), declaring port 67 will be ignored just like all the other declared ports when in host network mode. Is that correct?
