Help me to understand why DHCP does not work

harryqt · September 22, 2024, 6:45pm

My ISP gives me a LAN cable, which is connected to a 4 port switch.
From that switch, one cable is connected to Rpi4 (Debian 12 and Docker) and another cable connected to Windows PC.

My goal is to make Rpi4 work as router.
So devices such as Windows PC will get IP from Pihole, and connect to Internet.

In order to connect to Internet, my ISP have requirement to set the exact static ip.

So /etc/network/interfaces looks like this:

iface eth0 inet static
  address 10.102.132.52/24
  gateway 10.102.132.1
  dns-nameservers 10.102.132.1

Upon setting this, my internet works on Rpi4.

Now i installed, docker-pihole and compose.yaml looks like this:

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    network_mode: "host"
    environment:
      TZ: 'America/Chicago'
      WEBPASSWORD: 'changeme'
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'
    cap_add:
      - NET_ADMIN
    restart: unless-stopped

From the Pihole dashboard, I enabled DHCP server, and set range 192.168.10.100 to 192.168.10.150 and gateway to 192.168.10.1

Upon saving, I tested if Windows machine, can get IP, it did not.
I tried to ping 192.168.10.1 from Rpi, but did not work which is obvious, because 192.168.10.1 was not assigned to any host.

So, I updated my, interfaces file to this:

iface eth0 inet static
  address 10.102.132.52/24
  gateway 10.102.132.1
  dns-nameservers 10.102.132.1

iface eth0:1 inet static
  address 192.168.10.1/24

Now, I can ping 192.168.10.1 from host (pi4) itself, and DHCP also works.
My Windows machine, gets ip successfully, such as 192.168.10.145; where gateway and dns gets set to 192.168.10.1

Ping to 8.8.8.8 from windows machine works. But when I try to open page such as example.com, the page do not open.

I instantly thought, pihole dns was not working, but upon checking query log, I could see Windows machine requested example.com and it was resolved, but still I can not browse internet from Windows machine.

net.ipv4.ip_forward=1 is set on /etc/sysctl.conf

I do not have any firewall installed. What am I doing wrong?
Do I need other traffic forwarding techniques?

My best guess is, dns replies not reaching back to Windows machine.

Bucking_Horn · September 22, 2024, 7:08pm

Why?

Which of your devices is 192.168.12.1 and which is 10.102.132.1?

Why did you put DHCP on 192.168.12.0/24 when your host machine is 10.102.132.52/24?

harryqt · September 22, 2024, 7:14pm

I've very mild understanding of network.

Host machine is 10.102.132.52/24 because otherwise host will not connect to internet, so that is a must.

If i set dhcp range 10.102.132.100-150, then device will get ip of say 10.102.132.140, then how will internet work on that device? because my isp, only have internet on 10.102.132.52/24

I want my devices internet traffic exit through host.

Bucking_Horn · September 22, 2024, 7:36pm

You did not answer any of my questions.

harryqt · September 23, 2024, 5:14pm

Yes. This are related to earlier question. Earlier I was trying on Rpi3 where even DHCP was not working.

Today, I tried on Rpi4b, where my Windows machine successfully gets IP from Pihole.

I put DHCP on 192.168.10.0/24 subnet instead of 10.102.132.0/24 because the later was given from my ISP.

I'm having hard time understating everything, perhaps you can simplify the questions for me? Oh and you can close the previous question (or merge this).

I would love to get some understanding on what is going wrong.

Bucking_Horn · September 23, 2024, 5:55pm

I very much doubt that.

Your ISP may have assigned a public IPv4 address and/or a public IPv6 prefix to your router.

192.168.12.0/24 as well as 10.102.132.0/24, however, are private IP address ranges, and it would be your router that assigns clients in your network an IP address from such a private range, announcing its own IP from that range as a gateway.
A gateway is important for public Internet connectivity: While clients connected to your router can talk to each other directly, they will have to send all other traffic towards their known gateway.

The important thing thus would be to know whether your router would assign 10.102.132.0/24 or 192.168.12.0/24, or both.

Since your machine hosting Pi-hole is 10.102.132.52, I'm going to assume that at least 10.102.132.0/24 is a range handled by your router, and that you've invented 192.168.10.0/24 yourself for no obvious reason.

If that would be the case, 10.102.132.1 would be your router/gateway, according to your interfaces file:

Commonly, routers would offer a web UI for configuration, usually including their DHCP server settings.
You should also be aware that enabling Pi-hole's DHCP server is commonly not required at all, since routers run a DHCP server already. Furthermore, enabling Pi-hole's DHCP server would require you to disable your router's DHCP server first.

You should try to access your router's web UI at http://10.102.132.1, but if that doesn't work, I'd urge you to ask your ISP for details on how to configure their equipment.

harryqt · September 23, 2024, 6:23pm

Correct. The actual public ip is 103.157.X.X

Correct.

But I don't have any router, the only thing provided by my ISP is a LAN cable. They might have routers on their end.

So, you want me to set DHCP range 10.102.132.0/24 and gateway set to 10.102.132.1?

If yes then, how traffic will be routed? Because 10.102.132.52/24 only have internet capability and also binded to Pi mac address. (set by isp)

Say Windows machine gets ip 10.102.132.112 from dhcp (pihole), then, how will internet work?

Bucking_Horn · September 23, 2024, 6:29pm

Those questions would best be asked at your ISP's support.

If they do assign you a single private range IP without issuing a router, they should also provide you with detailed instructions on how they'd want you to setup your private network.

Bucking_Horn · September 23, 2024, 6:34pm

A post was merged into an existing topic: DHCP gets IP, DNS, but can't browse Internet