Pi-Hole + Docker - No Blocking, Queries Blocked only if secondary DNS is set

One thing I should note is that I'm fairly new to the pi-hole/docker scene, so it probably doesn't help; please excuse my ignorance. I have docker installed on a local Win10 host (192.168.1.100) using bridged mode. Pi-Hole resolves to 172.20.0.2 and performing nslookup pi.hole results in the following output:

Microsoft Windows [Version 10.0.22000.527]
(c) Microsoft Corporation. All rights reserved.

C:\Users\epmas>nslookup pi.hole
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.100

Name:    pi.hole
Address:  172.20.0.2

I only have just the one internal network (192.168.1.0/24) and nothing fancy. I also have ExpressVPN installed on this device as well. It is configured so that it can talk to the internal network and I've even leveraged the option to have docker outside of the VPN altogether and it does not make a difference.

On my desktop I have 192.168.1.100 set as my primary and 192.168.1.1 (router) set up as my secondary. Internet works, I see queries blocked go up and ads are being blocked. However, if I just have pi-hole as my primary, internet altogether doesn't work. Not entirely sure what the deal is.

I've changed ServerIP to be just localhost and figured that may have been my issue. It was not. I've changed interface settings "Permit all origins" and that doesn't seem to correct the issue either.

TL;DR - Pi-hole "seems" to be running, can see logs for DNS queries but doesn't seem to be doing anything.

[✓] Your debug token is: https://tricorder.pi-hole.net/O7uu0emu/
[i] Logs are deleted 48 hours after upload.

I should have posted my YML file:

version: "3"

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
    - "53:53/udp"
    - "8081:8081/tcp"
    environment:
      TZ: 'America/Chicago'
      DNS1: 192.168.1.100
      DNS2: 1.1.1.2
      ServerIP: 'localhost'
      WEB_PORT: '8081'
      WEBPASSWORD: 'insertpasswordhere'
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'    
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN # Recommended but not required (DHCP needs NET_ADMIN)      
    restart: unless-stopped

Your docker-compose seems incomplete, e.g. it is lacking a 53/tcp port mapping and FTLCONF_REPLY_ADDR4, which is likely why pi.hole gets answered with your Docker's internal address.

Please refer to our Pi-hole Docker documentation for further guidance.


Appreciate the quick response. Added TCP 53 as well as FTLCONF_REPLY_ADDR4 and have the following config, but no luck.

version: "3"

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
    - "53:53/udp"
    - "53:53/tcp"
    - "8081:8081/tcp"
    environment:
      TZ: "America/Chicago"
      DNS1: 192.168.1.100
      DNS2: 1.1.1.2
      ServerIP: "localhost"
      WEB_PORT: '8081'
      WEBPASSWORD: 'fuzzyboots'
      FTLCONF_REPLY_ADDR4: "192.168.1.100"
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'    
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN # Recommended but not required (DHCP needs NET_ADMIN)      
    restart: unless-stopped

One other thing that comes to mind is when you declare environment variables, are you putting full quotes " " around the variable or just ' ' around them?

Decided to upload new logs after making said changes, for visibility.

[✓] Your debug token is: https://tricorder.pi-hole.net/lRNGKtGX/
[i] Logs are deleted 48 hours after upload.

Note that DNS1 and ServerIP are deprecated, and the latter has been replaced by FTLCONF_REPLY_ADDR4.

If that 192.168.1.100 indeed is your Pi-hole's IP, then you'd have configured a DNS loop by having Pi-hole use itself as its DNS1 upstream.
Remove DNS1 and DNS2 from your configuration.

Or alternatively, you may want to consider using the sample configuration at the start of the Docker Pi-hole docs I've linked in my initial answer, and work your way to further customisation from there.
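The checks in both replies above (the missing 53/tcp mapping and FTLCONF_REPLY_ADDR4, and DNS1 pointing the container back at its own host) can be turned into a small lint over a compose file. This is an added example, not code from the thread or from the Pi-hole project; it assumes a single-service compose file, reads it with a minimal line-based parser instead of PyYAML, and takes the Docker host's LAN address as a parameter (192.168.1.100 in this thread).

```python
# Constructed sample: the parts of the first compose file posted above that matter here.
SAMPLE_COMPOSE = """\
services:
  pihole:
    ports:
    - "53:53/udp"
    - "8081:8081/tcp"
    environment:
      TZ: 'America/Chicago'
      DNS1: 192.168.1.100
      DNS2: 1.1.1.2
      ServerIP: 'localhost'
"""

SECTIONS = ("ports", "environment", "volumes", "cap_add")

def parse_compose(text):
    """Line-based reader for the ports list and environment map of one service (no PyYAML)."""
    ports, env, section = [], {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments; a quoted '#' is not handled
        if not line:
            continue
        if line.endswith(":") and line[:-1] in SECTIONS:
            section = line[:-1]
            continue
        if section == "ports" and line.startswith("- "):
            ports.append(line[2:].strip().strip("\"'"))
        elif section == "environment" and ":" in line and not line.startswith("- "):
            key, value = line.split(":", 1)
            env[key.strip()] = value.strip().strip("\"'")
        else:
            section = None                         # left the list/map being read
    return ports, env

def lint(ports, env, host_ip):
    """Report the misconfigurations the replies above identify; host_ip is the Docker host's LAN address."""
    findings = []
    # compose defaults to tcp when a mapping carries no protocol suffix
    protos = {p.rsplit("/", 1)[1] if "/" in p else "tcp" for p in ports if p.startswith("53:53")}
    for proto in ("udp", "tcp"):
        if proto not in protos:
            findings.append(f"missing 53:53/{proto} port mapping")
    for key in ("DNS1", "DNS2"):                   # upstream set to the host means Pi-hole asks itself
        if env.get(key) == host_ip:
            findings.append(f"{key}={host_ip} is the host itself: DNS loop")
    deprecated = [k for k in ("DNS1", "DNS2", "ServerIP") if k in env]
    if deprecated:
        findings.append("deprecated variables present: " + ", ".join(deprecated))
    if env.get("FTLCONF_REPLY_ADDR4") != host_ip:  # pi.hole must answer with the LAN address, not 172.x/localhost
        findings.append(f"FTLCONF_REPLY_ADDR4 is not the host LAN address {host_ip}")
    return findings
```

Run it against your real file with `lint(*parse_compose(open("docker-compose.yml").read()), "192.168.1.100")`; an empty list means none of the issues raised in this thread is present.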

I started from scratch using the sample config and was given similar results. I'm not entirely sure what the deal is. I've nuked it and have actually redeployed pihole using portainer this time around. Was able to bring it back up without any issues but anytime I set my DNS to pihole and make this my only DNS entry (for testing purposes) I get nowhere:

[✓] Your debug token is: https://tricorder.pi-hole.net/Frox6RyQ/
[i] Logs are deleted 48 hours after upload.

Perhaps me using portainer would have to be another conversation or another thread, but I just didn't know what else to try.

I should note that it does seem to work if I have pihole as my primary DNS on my device and my router as my secondary DNS. I see queries blocked go up if I visit popular sites like msn.com, forbes.com, yahoo.com.

I apologize for the headaches. I know I'm making this more difficult than it should be.

Your debug log shows that your Pi-hole container does not have any upstream connectivity:

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] lbpax.adsbtrack.com is 0.0.0.0 on lo (127.0.0.1)
[✓] No IPv4 address available on eth0@if52
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] No IPv6 address available on lo
[✓] No IPv6 address available on eth0@if52
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)

You'd have to find the reason why your Pi-hole cannot talk to public DNS servers, e.g. a firewall on your system hosting the container may interfere with DNS - have a look at our documentation on required ports.

Thanks. Decided to go down a different path and take docker out of the picture. I uninstalled docker and utilized WSL for Windows 10 to perform the installation that way and now it works like a charm. Docker was about the only reason I downloaded pi-hole to begin with.