Hello,
I have been spending the last two days trying to get a pihole container up and running on arch-arm, but it just doesn't work and I'm really not sure why. I can access the webinterface with no problems at all, but when I try to do a 'ping google.com' from within the container it doesn't resolve. Doing a 'ping flurry.com' will give a response from the localhost though
In the start I only did what the dockerhub page told me, but have tried other things now of course.
What i have done to troubleshoot
-Make sure that it has internet connectivity, I can ping IP adresses from within the container with no problem.
-Make sure the port is open on the host with nmap and netstat
-Turned off systemd resolver so docker can get access to the port
-Dig returns the A record for pi.hole as 0.0.0.0 (is this intended? or do I have to change the 'IPServer' ENV variable and if so to what?)
-Doing a pihole -d doesn't give much info other than it can't ping some random gateway, that I didn't specify anywhere, but still shows up when doing 'ip addr show'
-Mapped a resolv.conf to the container (Since the docker dns options didn't work, but apparently the --dns option isn't supposed to change the containers resolv.conf, but only the resolver for the docker engine?) Although with this i can now do a 'ping flurry.com' and it will respond from 127.0.0.1, but I still can't resolve names that are not blocked.
Questions:
Is the docker-proxy only operating on ipv6 since i can only see the relevant ipv6 ports being open when running 'netstat -tulpn'
Why does my container have three ip addresses when I do a 'ip addr show'?
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
104: eth0@if105: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default
link/ether 02:42:0a:00:00:12 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.0.0.18/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
106: eth2@if107: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:12:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet 172.18.0.3/16 brd 172.18.255.255 scope global eth2
valid_lft forever preferred_lft forever
108: eth1@if109: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default
link/ether 02:42:c0:a8:40:03 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet 192.168.64.3/24 brd 192.168.64.255 scope global eth1
valid_lft forever preferred_lft forever
Why can't i ping the frontend network i specified in the compose file? I can only ping the 172.18.0.3 address.
docker-compose file:
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
version: "3.7"
networks:
frontend:
ipam:
config:
- subnet: 192.168.64.0/24
services:
pihole:
image: pihole/pihole:latest
ports:
- "53:53/tcp"
- "53:53/udp"
- "67:67/udp"
- "80:80/tcp"
- "443:443/tcp"
environment:
TZ: 'Europe/Copenhagen'
WEBPASSWORD: '123'
DNS1: '1.1.1.1'
DNS2: '1.0.0.1'
INTERFACE: 'eth2'
# Volumes store your ta between container upgrades
volumes:
- './pihole/:/etc/pihole/'
- './etc-dnsmasq.d/:/etc/dnsmasq.d/'
- './resolv.conf:/etc/resolv.conf'
dns:
- 127.0.0.1
- 1.1.1.1
networks:
frontend:
ipv4_address: 192.168.64.2
If you need more info, please tell me. I am still bad at networking within docker, so I might have jsut missed something