Pihole as DHCP server in Docker using macvlan network

Hi !

I'm trying to set my pihole as my DHCP server.

I use a RaspberryPi running Debian 64bits. I'm using Docker and Portainer to run PiHole.

I'm struggling a bit as I don't know much about network and I'm not a native English speaker, so please, bare with me.

I created a macvlan network like this

docker network create --driver=macvlan
     -o parent=eth0 vlanPihole

Here's my stack :

version: '3.3'
        container_name: pi-hole
        hostname: PiholeRPi4
        restart: always
            - /srv/path/Files/Pihole/etc-pihole/:/etc/pihole/
            - /srv/path/Files/Pihole/etc-dnsmasq.d/:/etc/dnsmasq.d/
            - DNS1=
            - DNS2=
            - ServerIP=
            - DNSMASQ_LISTENING=all
            - WEBPASSWORD=wowmuchpasswordsuchsecret
            - TZ=Europe/Paris
            - mac-address="02:42:c0:a8:02:d7"
        network_mode: vlanPihole
        image: 'pihole/pihole:latest'

I can access my pihole at

I set pihole as DHCP server like this:
Range from to
Gateway is my ISP modem :

I reboot my Raspberry and my ISP modem.

My problem is that I don't get knew IPs for most of my devices (maybe I should reboot them ?), but mostly I get new IPs for my other devices in the 192.168.0.x subnet and not 192.168.1.x as I asked for in my config. It messes up everything of course.

Here's an ugly diagram of my network if that helps. I'm not sure my router and switch can be a problem.
I SSH and work from my computer in "office 1".

Can someone please help me ?

That would give you a single IP in the lease pool. What does docker network inspect vlanPihole show you?

That doesn't look right either. Are you following a guide to set this up?

Your compose file seems to be missing a networks section, but let's find out about your intentions first.

You are not creating a VLAN here.
You are creating a MACVLAN network within your Docker instance.

Is your motivation for trying this to configure a real VLAN instead, so you could isolate certain clients from the rest of your network?

Or do you intend to run Pi-hole as DHCP server, and therefore decided to use a MACVLAN approach?

Just as an example, mine is defined to use a macvlan network I setup called home, like so:

version: '3.3'

    container_name: pihole
    hostname: pihole-docker
      - unbound
    image: pihole/pihole:${PIHOLE_TAG}
    #image: promofaux/adam-pihole
      TZ: europe/London
      REV_SERVER: 'true'
      REV_SERVER_DOMAIN: lan.arpa
      DNSMASQ_USER: 'root'
      - pihole_etc_pihole:/etc/pihole/
      - pihole_etc_dnsmasqd:/etc/dnsmasq.d/
      #- /volume1/copy/tmpVol/:/run/uncaught-logs/
      - NET_ADMIN
    mac_address: d0:ca:ab:cd:ef:fe
    restart: always

    external: true

    external: true
    external: true

The network was set up with:

docker network create -d macvlan  --subnet=  --gateway= -o parent=eth0 home

Yes, that's the whole point :slight_smile:

        "Name": "vlanPihole",
        "Id": "ec961f01ea3f7484d0283f2a3805ef378bc7fe1d70fdced5916bda5b2daec690",
        "Created": "2022-09-05T15:41:20.10348546+02:00",
        "Scope": "local",
        "Driver": "macvlan",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                    "Subnet": "",
                    "IPRange": "",
                    "Gateway": ""
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        "ConfigOnly": false,
        "Containers": {
            "21361e17defe1a2819526917aab6a55c49867b7f8d715bbde12b09bc66904f57": {
                "Name": "pi-hole",
                "EndpointID": "052eb4d7c6a9f653c5d095cce0e582c26077d1a10e786ec29019291602817df6",
                "MacAddress": "02:42:c0:a8:01:65",
                "IPv4Address": "",
                "IPv6Address": ""
        "Options": {
            "parent": "eth0"
        "Labels": {}

Not one guide, but several. I've been reading from here and there and tried to gather something working. This includes this

Exactly this :slight_smile:

Thanks a lot. I'm going to try and adapt this to my config and let you know :slight_smile:

Your Pi-hole's subnet is different from the one your router is using.
What's the motivation for that?

What's the machine at that you've configured to be used as a gateway? Does that connect to your router on your network, or is that a separate router providing its own internet connection?

There's no motivation for that. That's the issue. I want everyone in the same subnet. is my ISP modem. It connects to my router that connects to my switch that connects my Raspberry. Please, have a look at my ugly diagram. It displays all the setup and current IPs for my main devices.
Never have I ever asked for something to be in network.

That link errors out for me.
In this forum, you may paste images directly.

You mention

Where do those reside?

My computer and some android devices get IPs in the network. I don't know nor understand why ?! And at the same time, the other devices stay in the IP range attributed by my ISP modem (meaning to and not to as configured in pihole DHCP) while DHCP IS disabled on my ISP modem.

(That picture isn't ugly at all. :wink: )

What IP range did you configure for Pi-hole's DHCP server?

Which machine is handling DHCP in your network up to now?
The following may help answering that question:

pihole-FTL dhcp-discover

Note that a DHCP client may pick any DHCP server answering its broadcast to acquire a DHCP lease (so Pi-hole as well as an existing DHCP server).
Furthermore, a client with an existing lease would continue to talk to the DHCP server it acquired its lease through. If that's your current DHCP server and it's still active, that client may never ask your Pi-hole for a lease - unless you disconnect it from the network, e.g. by powercycling it.

If you do intend to keep that existing DHCP server running in addition to Pi-hole, you'd want to make sure that your DHCP servers IP ranges do not overlap, and you may want to use static leases / DHCP lease reservation for all of its intended clients.


My pihole, and I did disable DHCP on my ISP modem.

I'm going to try this all over again and powercycle everything in my house.

Try to find out about other DHCP servers first.

If clients are using addresses from, that would strongly suggest another active DHCP server.

Candidates would be your modem, router and switch (if that happens to be a smart/managed one).

You want the DHCP server to only give out one IP address? (And it's the IP address of the DHCP server?)

There's a misunderstanding. I just want ONE IP address in my macvlan network. This IP address being the one for Pihole.

But you've declared the macvlan network to span the whole subnet.


            "Config": [
                    "Subnet": "",
                    "IPRange": "",
                    "Gateway": ""

I'm sorry for how uneducated I am on this subject.

I want an IP range of one IP (/32) starting at resulting in a single IP on the 192.168.1.x subnet