Hi, I am having a problem trying to setup PiHole as my DHCP server.
I have disabled both DHCP and DHCPv6 on my router and enabled the DHCP server on the PiHole settings, along with the "Enable additional IPv6 support (SLAAC + RA)".
The DHCP is correctly working for the IPv4, assigning the correct gateway and broadcasting itself as the DNS server, but for IPv6 I am experiencing a strange behaviour, the PiHole correctly broadcasts its IPv6 address as a DNS server, but it is also broadcasting the same address as a gateway.
This is the output form ipconfig /all:
As you can see, the first address is the PiHole, the other two are correct and are my router's IPv6 and IPv4 addresses.
If I disable the "Enable additional IPv6 support (SLAAC + RA)" flag, the problem is not there, but obviously the PiHole won't broadcast itself as an IPv6 DNS address anymore:
I am a newbie of IPv6, so I don't know if this is the intended behaviour, but I suppose If a device tries to use the PiHole as a gateway, the connection would fail, so I would like to stop PiHole form doing it.
PiHole is running alongside Unbound in an unprivileged LXC container on Proxmox.
When you've ticked Enable additional IPv6 support (SLAAC + RA) in Pi-hole's DHCP Settings, Pi-hole will send out IPv6 Router Advertisements to include RDNSS options for its own IPv6, but it won't announce any routes, neither via itself nor your router (you may verify this by running tools like radvdump and inspect Pi-hole's RAs).
While that RA is issued by Pi-hole's IPv6, I can't tell why Windows would list that IPv6 as a gateway, when Pi-hole would not announce any routes.
The only situation where ticking that option would be helpful would be if your router would not allow changing its advertised DNS server IPv6 addresses, but only switching off RDNSS RAs altogether.
In that case, clients would be able to pick up your Pi-hole machine's IPv6 as DNS server.
However, if your router would already distribute your Pi-hole machine's IPv4 as DNS server via DHCP anyway, you could leave that option unticked as well.
In all other scenarios, ticking Enable additional IPv6 support would offer no benefits.
That’s the reason why I wanted to use PiHole as a DHCP server, my router will let me set IPv4 and IPv6 DNS addresses, but it will also forcefully broadcast itself alongside the DNS I have set, leading the devices to be able to bypass PiHole.
The router will only let me disable RA service entirely, as shown in my router’s screenshot above, but this will prevent it from showing as a gateway, so if I enable SLAAC+RA in PiHole’s DHCP settings, the only gateway for IPv6 listed will be the PiHole, if I disable it, there will be no IPv6 gateway, both situations leading to no connection.
The problem doesn’t appear to be Windows specific, as the same happens with iOS devices:
Also, if I disable SLAAC+RA in PiHole’s DHCP settings, leaving the PiHole’s IPv4 address as the only DNS server, Windows will correctly list only that DNS server, but iOS will also list my router’s IPv6 address.
I think that is probably an iOS problem, maybe it adds the gateway as a DNS address if it doesn’t find any IPv6 DNS servers.
I can disable IPv6 altogether on the router’s side, but I would prefer not to if there is a way around it.
Disabling RAs is not an option, as your router is responsible for providing IPv6 routes, and it will announce those via RAs. Without those, you will only have link-local IPv6 connectivity.
Ok, I have set the router as per your instructions.
I am forced to set one DNS server address at least, otherwise it won't let me apply the settings, so I put the PiHole IPv6.
Here is how the router is configured now:
In absence of any new RDNSS RAs, your iOS device probably held on to that LLA for as long as the DNS Refresh Time allowed - judging by your screenshot, that would be 86,400 seconds (a day).
