New PiHole Macvlan docker on Synology, Admin Page timeouts

soulofdragnsfire · April 21, 2025, 10:34pm

Expected Behaviour:

After booting up the container and the network, I'd expect to be able to view the admin page using the IP address of the container, defined in the macvlan. Instead I get "the connection has timed out" messages, with no errors in the logs to give me ideas on what is missing. (Note, this worked on my previous install but can't seem to stand up on my new hardware).

Synology DSM 7.2 v3
[details="Docker compose file "]

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: pihole

    cap_add:
      - CAP_NET_RAW
      - CAP_NET_BIND_SERVICE
      - CAP_CHOWN
      - CAP_SYS_NICE
      - CAP_SYS_TIME
    
    ports:
      - "53/tcp"
      - "53/udp"
      - "80/tcp"
      - "443/tcp"
    
    environment:
      - PIHOLE_UID=1027
      - PIHOLE_GID=65536
      - TZ=America/New_York
      - DNSMASQ_USER=root
      - FTLCONF_dns_listeningMode=local 
      - FTLCONF_webserver_api_password="RandomPassword"
      - TAIL_FTL_LOG=1
      - FTLCONF_debug_api=true
    
    volumes:
      - /volume2/docker/pihole:/etc/pihole:rw 
    
    mac_address: 8a-ca-58-b9-e9-51

    # Network configurations
    networks:
      macvlan:
        ipv4_address: 192.168.1.64
      bridge:
        ipv4_address: 192.168.72.2
    
    restart: always

# Network definitions
networks:
  macvlan:
    driver: macvlan
    driver_opts:
      parent: bond0
    ipam:
      config:
        - subnet: 192.168.1.0/24
          gateway: 192.168.1.1
          ip_range: 192.168.1.64/30

  bridge:
    driver: bridge
    ipam:
      config:
        - subnet: 192.168.72.0/24
          gateway: 192.168.72.1
          ip_range: 192.168.72.2/32

[/details]

Actual Behaviour:

the Pihole container runs, seems to have zero complaints in the output logs, but going to "http://192.168.1.64/admin/" leads to a timeout error. Sure seems like the dns blocking is actually working, but if I can't get to the admin panel, I don't trust that I can point my router at this IP and use it for DNS resolution. Any ideas?

Debug Token:

https://tricorder.pi-hole.net/tHSScA69/

rdwebdesign · April 21, 2025, 10:45pm

Why are you setting 2 different networks?

Try to remove the bridge network from your compose file and try again.

Also, the ports: section is ignored when using macvlan network. You can remove it.

soulofdragnsfire · April 21, 2025, 11:03pm

At this point, the bridge should more or less be unused as I've paired down everything "custom" from my compose like the paired Unbound container. That said, the goal is to then give a method for my synology to also be able to use the pihole for its own dns resolution. Worked before, but I can remove it and try again in a bit. Just means my other containers can't use the pihole dns.

soulofdragnsfire · April 22, 2025, 12:34am

Ok, yeah. Can confirm no change. Though since I can't run the terminal directly inside the container from the Synology UI, I can't easily upload a new debug file. Nothing seems different other than not referencing the bridge during the start up though.

system · May 13, 2025, 12:34am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.