Pi Hole duplicate query log entries

Hey Community,
first of all I am so happy to get a PiHole running in my network.

So to my problem: I am running PiHole as a Docker container with the following compose file, except I changed the WEBPASSWORD and the private part of the IPv6 address.

version: '2.3'
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: pihole
    cap_add:
      - NET_ADMIN
    ports:
      - '53:53/tcp'
      - '53:53/udp'
      - '8000:80/tcp'
    environment:
      TZ: 'Europe/Berlin'
      IPv6: 'true'
      WEBPASSWORD: 'somePW'
      PHP_ERROR_LOG: '/dev/null'
      ServerIP: '192.168.188.6'
      ServerIPv6: 'PUBLIC_PART:ba27:ebff:fe60:e50b'
    volumes:
      - /home/pi/docker/pihole/etc_pihole:/etc/pihole:rw
    restart: always

My Fritzbox forwards the Pi-hole IP as DNS to the clients and is being used as upstream DNS server for the Pi.

Now to my problem: currently I am getting every log entry twice, once from the PC in the network and once from the Docker IP address.

here is my debug log: https://tricorder.pi-hole.net/vz6xu1th0q

I hope you can help me :slight_smile:

Andreas

Likely unrelated to your issue, I've noticed a few irregularities:

I am not aware of any PHP_ERROR_LOG environment variable.

Also, you do not declare a dnsmasq.d volume.
You may thus lose some of your Pi-hole's configuration on container upgrades or after reboots.

From your debug log, it seems you are using your router as Pi-hole's only upstream server while also enabling Conditional Forwarding.

Note that CF isn't strictly required if you use your router as Pi-hole's only upstream, as your router is handling all DNS traffic anyway. Just make sure you don't tick Never forward reverse lookups for private IP ranges in that case, and unticking Never forward non-FQDNs would also be recommended.

In addition, there is no advantage in supplying your router's IP address as upstream DNS for both IPv4 and IPv6. Using just its IPv4 address is fully sufficient.


Apart from those double log entries, is Pi-hole working as expected?
Could you show some examples for duplicate queries from Pi-hole's Query log, please?

Sure, here are some :slight_smile: hope that helps.
Otherwise the Pi is working as intended.



If you can locate a named client (e.g. Andi-PC.fritz.box) in the dashboard's Top Clients widgets and hover over it, would the address shown be an IPv6 one?
Note that there may be multiple entries for the same name.

I found this env variable in some docker posts about pihole, and because of the write attempts I just passed it to /dev/null to minimize the write amounts of the pihole

I can add the dnsmasq.d volume. I have tried it previously, but it was just read-only for the Docker container, so I don't see the point of mounting this path. Should I add it to the file?

The option 'Never forward reverse lookups for private IP ranges' is already ticked. The option 'Never forward non-FQDNs' was ticked but I removed it now.

Isn't an IPv6 address necessary for name resolution for IPv6 addresses? My network needs to be IPv6 enabled because of my internet connection and my connection to my NAS. Is the Pi-hole able to get IPv6 addresses via an IPv4 DNS request?


It just shows IPv4 addresses in the top clients currently, but I have seen IPv6 addresses there as well; currently I can't find them.

It is not. Either A or AAAA queries can be resolved with a DNS server using an IPv4 address only. It is only when you intend to connect to the IPv6 address that you need IPv6.

Example of unbound running locally using only an IPv4 forwarding address from Pi-hole, and Pi-hole with only an IPv4 address. No IPv6 DNS address anywhere in this DNS path.

dig +short -t AAAA cnn.com

2a04:4e42::323
2a04:4e42:600::323
2a04:4e42:200::323
2a04:4e42:400::323

Okay, so I removed the upstream IPv6 DNS server from the Fritzbox.

Currently I don't get why I get both logs, like Docker IPs and IPs from the network...

Why?
My remark was to limit your Pi-hole's upstream DNS configuration to just your FB's IPv4.

Neither do I.

I suspect that having Docker configured for IPv6 may entice clients to send requests via both IPv4 and IPv6 (hence my question for the address for a name).
However, I would expect such clients to do so only sporadically, in order to evaluate which DNS server they'd prefer.
If you'd see literally every DNS request twice, then that theory wouldn't hold.

I'd turn attention to Docker next.
By default, Docker is IPv4 only.
Did you configure your Docker daemon for IPv6?
While your docker-compose configures your Pi-hole container with IPv6 specifics, it does nothing to enable IPv6 in Docker itself.

To verify whether IPv6 is involved, try starting your Pi-hole container without IPv6 specifics, and disable IPv6 support.

Also, note that Pi-hole can serve A and AAAA DNS records alright via IPv4 only, as DNS is indifferent towards the transport protocol used.
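One way to check the "literally every DNS request twice" question against the log itself, as an added example that is not part of the original thread: it pairs each LAN query in dnsmasq-format `pihole.log` lines with a query for the same name and type from a Docker-range address. The sample lines, the 172.18.0.1 address and the 172.16.0.0/12 range are constructed assumptions.

```python
import re
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample in dnsmasq's query-log format; all addresses are made up.
SAMPLE_LOG = """\
Mar  3 10:15:01 dnsmasq[512]: query[A] example.com from 192.168.188.20
Mar  3 10:15:01 dnsmasq[512]: query[A] example.com from 172.18.0.1
Mar  3 10:15:02 dnsmasq[512]: query[AAAA] example.com from 192.168.188.20
Mar  3 10:15:07 dnsmasq[512]: query[A] nas.fritz.box from 192.168.188.21
Mar  3 10:15:09 dnsmasq[512]: query[A] pi-hole.net from 192.168.188.20
Mar  3 10:15:09 dnsmasq[512]: query[A] pi-hole.net from 172.18.0.1
Mar  3 10:15:30 dnsmasq[512]: query[A] pi-hole.net from 172.18.0.1
"""

QUERY_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) dnsmasq\[\d+\]: "
    r"query\[([^\]]+)\] (\S+) from (\S+)$"
)
DOCKER_NET = ip_network("172.16.0.0/12")  # assumption: Docker bridge range


def parse_queries(text):
    """Yield (timestamp, qtype, domain, client) for each query line."""
    for line in text.splitlines():
        m = QUERY_RE.match(line)
        if m:
            # Syslog stamps carry no year; pin one so parsing is unambiguous.
            ts = datetime.strptime("2000 " + m.group(1), "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3), ip_address(m.group(4))


def duplicate_stats(text, window=timedelta(seconds=1)):
    """Pair each LAN query with a Docker-sourced query for the same
    (type, domain) inside `window` and count how much of the log is mirrored."""
    lan, docker = [], []
    for ts, qtype, domain, client in parse_queries(text):
        (docker if client in DOCKER_NET else lan).append((ts, qtype, domain))
    unused = list(docker)  # Docker-sourced queries not yet matched
    paired = 0
    for ts, qtype, domain in lan:
        for cand in unused:
            if cand[1:] == (qtype, domain) and abs(cand[0] - ts) <= window:
                unused.remove(cand)
                paired += 1
                break
    return {"lan": len(lan), "docker": len(docker),
            "paired": paired, "docker_only": len(unused)}
```

A `paired` count close to `lan` means nearly every client query is mirrored; a much smaller count fits the occasional dual-path lookups described above, and `docker_only` counts queries whose real client address was hidden behind the Docker address.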

That's what I meant. I disabled the upstream via IPv6 in the Pi-hole configuration.

not intentionally :wink: so I don't think so

How can I disable IPv6 DNS requests in my network? Otherwise, will the ads and blocked domains also be reachable via IPv6 DNS, or are they just blocked over IPv4 DNS?

Not all queries are duplicates, but it is possible that all IPv6 DNS requests are NATed to the Docker IP and shown as one IP. Previously I tested the Docker image on a Synology NAS, and to avoid port conflicts the Pi-hole Docker container got its own IP address via

networks:
  piholenet:
    driver: macvlan
    driver_opts:
      parent: eth0
    enable_ipv6: true

with this configuration the IPv6 configuration worked fine, but I am not sure if I want the docker to have full network access. :thinking:

What I now tried:

  • disable IPv6 on the Pi
  • disable IPv6 for the docker-compose file

The router still distributes the IPv6 DHCP address, but nothing is reachable under this address. Devices seem to be working, and the requests are all from the IPv4 address, which can be translated to their hostnames.

Will update in a few days.

It seems that this has solved the problem for now, thanks for all the support
