I followed the following German online video tutorial very closely. Pi-Hole auf Synology - die beste Methode 2023 - Invidious However, after starting Piholes DHCP server FTL failed to start. It turned out that the NET_ADMIN capability had to be added. I replaced the Pihole Docker container via the Portainer GUI. The 'FTL failed to start' issue was thereby resolved. However, I have noticed that the Pihole does not seem to block ads. The Pihole DNS server functionality coupled with Unbound seems to work fine though. I somehow suspect that my modem/router (Vodafone Station 6) might cause some mischief but – as a matter of fact – have no clue and thus require help. Thank you in advance.
Additional Information:
IPv6 might be an issue.
root@pihole:/# ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1
link/sit 0.0.0.0 brd 0.0.0.0
11: eth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
link/ether 02:42:c0:a8:00:26 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.0.38/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
You could try http://testmyipv6.com/
This will show if you have a working IPv6 connection and if your host prefers IPv6 over IPv4.
If your host prefers IPv6 over IPv4 then you will probably have to lok at configuring your router.
Vodafone looks to have a good support website to help you
Thank you for that link. It is only HTTP in 2023 !?! As expected, most devices opt for IPv6 over IPv4.
I have been in touch with Vodafone. They will not activate 'dual stack'. I don't understand how this might have resolved the IPv6 issue anyhow as IPv6 apparently cannot be deactivated at the Vodafone Station 6 router.
Your ip address show results testify that you do not have IPv6 connectivty, as none of your interfaces carries an IPv6 address.
IPv6 can be a quite nuisance if your router would not expose or properly support IPv6 DNS configuration options.
Thus, you're probably better off if you stay with IPv4 only, at least with a limited capabilty router.
Indeed, none of your clients seem to use Pi-hole yet:
-----tail of FTL.log------
[2023-05-12 14:22:47.622 1138M] Imported 0 queries from the long-term database
[2023-05-12 14:22:47.622 1138M] -> Total DNS queries: 0
[2023-05-12 14:22:47.622 1138M] -> Cached DNS queries: 0
[2023-05-12 14:22:47.622 1138M] -> Forwarded DNS queries: 0
[2023-05-12 14:22:47.622 1138M] -> Blocked DNS queries: 0
[2023-05-12 14:22:47.622 1138M] -> Unknown DNS queries: 0
[2023-05-12 14:22:47.622 1138M] -> Unique domains: 0
[2023-05-12 14:22:47.622 1138M] -> Unique clients: 0
[2023-05-12 14:22:47.622 1138M] -> Known forward destinations: 0
Your clients will only get aware of Pi-hole upon DHCP lease acquisition or renewal, and they may hold on to their existing DHCP lease until it expires.
You may force a client to request a lease by dis- and reconnecting it to your network, or by powercycling it.
I restarted the Vodafone Station 6 router to end DHCP leases by that router that existed prior the switch to Pi-hole. It seems to have worked fine for IPv4 but most of my devices seem to prefer IPv6 and therefore directly connect to the router bypassing Pi-hole. I hope this can be fixed. Apparently, IPv6 cannot be deactivated at the router.
The screenshot below show the WAN interface. It is all based on IPv6.
So, I hope there is something that can be done besides changing the router to fix the IPv6 connection bypassing Pi-hole. Also, given that Vodafone expressed their interest in pushing me into a higher tariff for allowing me to use a third-party router.
The log excerpt shows the result of loading Pi-hole's long-term database after a restart at 14:22:47 today. It is consistent with your screenshot, as clients only start to use Pi-hole for DNS at about 16:30.
I'm afraid not.
If your router is advertising its own IPv6 address (or those of your ISP) as DNS server, that would allow your clients to by-pass Pi-hole.
You'd have to find a way to configure your router to advertise your Pi-hole host machine's IPv6 as DNS server or to stop advertising its own.
You'd have to consult your router's documentation sources on further details for its IPv6 configuration options.
If your router doesn't support configuring IPv6 DNS, you could consider disabling IPv6 altogether.
If your router doesn't support that either, your clients will always be able to bypass Pi-hole via IPv6.
I was able to set Windows to prefer IPv4 over IPv6. However, I am still trying to find out how to do the same on Android and iOS. Any ideas?
Is the Vodafone Station 6 the only super restricted router out there? There most be others who have encountered and solved this problem.
If I really have to use another setup to fully utilize Pi-hole, would you recommend to use the Vodafone Station in bridge mode with another router or use another cable modem/router all together?
That is not good enough to avoid Pi-hole being by-passed.
As Pi-hole blocks certain domains from being resolved as a client would expect, that may trigger your client to fall back to IPv6.
There is no other way to reliably avoid using the router's IPv6 alternative DNS servers being used than adopting your router's configuration, short of manually disabling IPv6 support on any device. But manually disabling IPv6 may not be an option at all if your clients wouldn't support it, or if your ISP connection would be IPv6 only.
I cannot answer that, as I am not familiar with your router at all.
