Please follow the below template, it will help us to help you!

Expected Behaviour:

DNS request is timing out

Actual Behaviour:

DNS should be resolving

Debug Token:

I have pihole running on unraid in a docker, it is set to it's own IP (192.168.1.22).
Completely fresh install, have not done anything in the settings yet.
Note: router is opnsense (pfsense), it is running unboundDNS by default, I did not make any changes to the router DNS settings yet
I can open the interface webUI at the correct IP.

On windows 10, I can ping the pihole server:

>ping 192.168.1.22
Pinging 192.168.1.22 with 32 bytes of data:
Reply from 192.168.1.22: bytes=32 time<1ms TTL=64
Reply from 192.168.1.22: bytes=32 time<1ms TTL=64

On windows computer, If I try:

>nslookup google.com 192.168.1.22
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.22
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out

If I go into the docker container and run the following:

# ping www.google.com
PING www.google.com (172.217.3.164) 56(84) bytes of data.
64 bytes from sea15s11-in-f164.1e100.net (172.217.3.164): icmp_seq=1 ttl=57 time=8.10 ms
64 bytes from sea15s11-in-f164.1e100.net (172.217.3.164): icmp_seq=2 ttl=57 time=7.58 ms
64 bytes from sea15s11-in-f164.1e100.net (172.217.3.164): icmp_seq=3 ttl=57 time=7.81 ms
64 bytes from sea15s11-in-f164.1e100.net (172.217.3.164): icmp_seq=4 ttl=57 time=8.33 ms
^C
--- www.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 7.584/7.959/8.335/0.305 ms

# dig google.com
; <<>> DiG 9.10.3-P4-Debian <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 822
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com. IN A
 
;; ANSWER SECTION:
google.com. 300 IN A 172.217.3.174
 
;; Query time: 111 msec
;; SERVER: 127.0.0.11#53(127.0.0.11)
;; WHEN: Sat Jun 23 16:38:25 PDT 2018
;; MSG SIZE rcvd: 55

# dig doubleclick.com
; <<>> DiG 9.10.3-P4-Debian <<>> doubleclick.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26864
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;doubleclick.com. IN A
 
;; ANSWER SECTION:
doubleclick.com. 300 IN A 172.217.3.174
 
;; Query time: 289 msec
;; SERVER: 127.0.0.11#53(127.0.0.11)
;; WHEN: Sat Jun 23 16:38:36 PDT 2018
;; MSG SIZE rcvd: 60

# sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 423/pihole-FTL
tcp 0 0 127.0.0.11:44875 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 3457/dnsmasq
tcp6 0 0 :::53 :::* LISTEN 3457/dnsmasq
udp 0 0 127.0.0.11:48224 0.0.0.0:* -
udp 0 0 0.0.0.0:53 0.0.0.0:* 3457/dnsmasq
udp6 0 0 :::53 :::* 3457/dnsmasq

The webUI does show any queries at all.

In the Docker configuration did you open ports 53 and 80/443?

I installed it from the community apps plugin which has the ports configured automatically.

The debug log can be seen here: This process collects information from your Pi-hole, and optionally uploads it t - Pastebin.com

or with token: 8982gxim34

settings are here: https://i.imgur.com/tfFqtpO.png

*** [ DIAGNOSING ]: Networking
[✗] No IPv4 address(es) found on the br0 interface.

[✗] No IPv6 address(es) found on the br0 interface.

[i] Default IPv4 gateway: 192.168.1.1
   * Pinging 192.168.1.1...
[✗] Gateway did not respond.

There may be an issue with the IP addressing. Inside the docker container it's using the bridge interface, and your tests from inside the container show that the processes are functioning on that 172 bridge IP. Accessing it from outside with the 192 network address is not being forwarded as Docker does not recognize that address. The Pi-hole image from the unraid application is not one that we created or support, that's done by the community that produced the image. But I'd take a look at how the handle IP addressing and see if that is what is causing the problems with the configuration.

Also you might check out the admin interface > Settings > DNS and try setting the listen interface to accept other traffic besides the bound interface and that may be a solution to the problem.

Awesome, thank you so much! This solved the issue. There must be an error in how the image is using the br0. Letting it accept traffic from all sources worked. Thank for helping even though my image isn't supported by the pihole devs.

BTW, since my pihole is behind a firewall that is not forwarding port 53, this should be ok right, the warning message on the side is a bit scary.

As long as you've got the pfSense firewall up you shouldn't have a problem. The warnings are just for people with the Pi-hole on an open network or with a direct internet interface. It's not an issue with your configuration.

Thanks for trying out and using the Pi-hole!

thanks, I appreciate the help! Issue can be closed!

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.