Hey Community,
first of all I am so happy to get a PiHole running in my Network.
So to my problem, i am running PiHole as a Docker Container with the following compose-file, except, i changed the WEBPASSWORD and the private part of the IPV6 Adress.
Also, you do not declare a dnsmasq.d volume.
You may thus lose some of your Pi-hole's configuration on container upgrades or after reboots.
From your debug log, it seems you are using your router as Pi-hole's only upstream server while also enabling Conditional Forwarding.
Note that CF isn't strictly required if you use your router as Pi-hole's only upstream, as your router is handling all DNS traffic anyway. Just make sure you don't tick Never forward reverse lookups for private IP ranges in that case, and unticking Never forward non-FQDNs would also be recommended.
In addition, there is no advantage in supplying your router's IP address as upstream DNS for both IPv4 and IPv6. Using just its IPv4 address is fully sufficient.
Apart from those double log entries, is Pi-hole working as expected?
Could you show some examples for duplicate queries from Pi-hole's Query log, please?
If you can locate a named client (e.g. Andi-PC.fritz.box) in the dashboard's Top Clients widgets and hover over it, would the address shown be an IPv6 one?
Note that there may be multiple entries for the same name.
I found this env variable in some docker posts about pihole, and because of the write attempts I just passed it to /dev/null to minimize the write amounts of the pihole
i can add the dnsmasq.d volume, I have tried it previously, but it was just read only for the docker, so I don't see the point of mounting this path, sould I add it to the file?
The Option 'Never forward reverse lookups for private IP ranges' is already ticket. the option 'Never forward non-FQDNs' was ticket but I removed it now.
isn't a ipv6 adress nessesary for name resoultion for ivp6 adresses? my network needs to be ipv6 enables because of my internet connection and my connection to my NAS. Is the Pi hole able to get ipv6 adresses via an ipv4 dns request?
it justs shows ipv4 adresses in the top clients currently, but i have seen ipv6 adresses there as well, currently can't find them
It is not. Either A or AAAA queries can be resolved with a DNS server using an IPv4 address only. It is only when you intend to connect to the IPv6 address that you need IPv6.
Example of unbound running locally using only an IPv4 forwarding address from Pi-hole, and Pi-hole with only an IPv4 address. No IPv6 DNS address anywhere in this DNS path.
Why?
My remark was to limit your Pi-hole's upstream DNS configuration to just your FB's IPv4.
Neither do I.
I suspect that having Docker configured for IPv6 may entice clients to send requests via both IPv4 and IPv6 (hence my question for the address for a name).
However, I would expect such clients to do so only sporadically, in order to evaluate which DNS server they'd prefer.
If you'd see literally every DNS request twice, then that theory wouldn't hold.
I'd turn attention to Docker next.
By default, Docker is IPv4 only.
Did you configure your Docker daemon for IPv6?
While your docker-compose configures your Pi-hole container with IPv6 specifics, it does nothing to enable IPv6 in Docker itself.
To verify whether IPv6 is involved, try starting your Pi-hole container without IPv6 specifics, and disable IPv6 support.
Also, note that Pi-hole can serve A and AAAA DNS records alright via IPv4 only, as DNS is indifferent towards the transport protocol used.
thats what i ment. I disabled the upstream via ipv6 in the pihole configuration.
not intentionally so I don't think so
how can I disable IPV6 DNS request in my Network, else the adds and blocked domains will also reachable via IPv6 DNS or If they are just blocked over IPv4 DNS.
not all querys are duplicate but it is possible that all ipv6 dns requests are NATed to the docker IP, and shown as one IP. Previously I tested the Docker Image on an Synology NAS and to avoid port conflicts the PIhole Docker got its own IP-Address via
the router still distriubutes the ipv6 dhcp adress, but nothing is reachable under this address. Devices seems to be working, and the requests are all from the IPv4 Address, which can be translateted to theire hostnames.