Pihole DNS DHCP on VLAN interface not working

Hello

I've managed to get pihole DNS and DHCP running on a host docker container on a Raspberry Pi 3B OK, but I'm having problems running it on a separate virtual network interface.

Below is the script I've been editing and creating which runs fine, I'm running the pihole GUI fine on 10.0.1.0.
On the pi eth0 physical interface itself (on network interface 192.168.1.4) I can ping 10.0.1.0 and my internet router (192.168.1.254).

If I run the bash shell on the container (docker exec -it pihole /bin/bash), I can ping 192.168.1.4 (eth0); however, I cannot ping 192.168.1.254 (my internet router).

Renewing Windows client ipconfig/renew tells me it cannot contact the Pi-hole DHCP server, although it appears to allocate a DHCP lease!

Rebooting doesn't help. Firewall is disabled.

No internet anywhere...

Here is ifconfig on eth0:

ifconfig
br-2b9c3826997b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.1.254  netmask 255.255.0.0  broadcast 10.0.255.255
        inet6 XXXX prefixlen 64  scopeid 0x20<link>
        ether XXXX  txqueuelen 0  (Ethernet)
        RX packets 2313  bytes 1789062 (1.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1947  bytes 398959 (389.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.4  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 XXXX  prefixlen 64  scopeid 0x20<link>
        inet6 XXXX  prefixlen 64  scopeid 0x0<global>
        ether XXXX  txqueuelen 1000  (Ethernet)
        RX packets 12431  bytes 1185245 (1.1 MiB)
        RX errors 0  dropped 4  overruns 0  frame 0
        TX packets 11109  bytes 5259139 (5.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1188  bytes 929542 (907.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1188  bytes 929542 (907.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.8.0.1  netmask 255.255.255.0  destination 10.8.0.1
        inet6 XXXX  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 24  bytes 2960 (2.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth8a0392a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 169.254.117.179  netmask 255.255.0.0  broadcast 169.254.255.255
        inet6 XXXX prefixlen 64  scopeid 0x20<link>
        ether XXXX  txqueuelen 0  (Ethernet)
        RX packets 2313  bytes 1821444 (1.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2029  bytes 412619 (402.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

In regards to debug token (docker container exec pihole pihole -d -a) that script runs fine but I cannot upload it as there is no internet until I reconfigure it to run on host network (whereupon the debug log will have changed).
Is there a manual process for this? The instructions URL given by the debug doesn't give me any light in the matter...
https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/ doesn't tell me anything..

Finally my script is below....

Thanks for any help....

docker container stop pihole
docker container rm pihole
docker network rm br0

docker network create \
  --driver=bridge \
  --subnet=10.0.0.0/16 \
  --ip-range=10.0.1.0/24 \
  --gateway=10.0.1.254 \
  br0

PIHOLE_BASE="${PIHOLE_BASE:-$(pwd)}"
[[ -d "$PIHOLE_BASE" ]] || mkdir -p "$PIHOLE_BASE" || { echo "Couldn't create storage directory: $PIHOLE_BASE"; exit 1; }

# Note: ServerIP should be replaced with your external ip.
docker run -d \
    --name pihole \
    -p 53:53/tcp -p 53:53/udp \
    -p 80:80 \
    -p 443:443/tcp \
    -p 67:67/udp \
    --cap-add=NET_ADMIN \
    -e TZ="Europe/London" \
    -v "${PIHOLE_BASE}/etc-pihole/:/etc/pihole/" \
    -v "${PIHOLE_BASE}/etc-dnsmasq.d/:/etc/dnsmasq.d/" \
    --dns=127.0.0.1 --dns=1.1.1.1 \
    --restart=unless-stopped \
    --hostname pi.hole \
    -e VIRTUAL_HOST="pi.hole" \
    -e PROXY_LOCATION="pi.hole" \
    -e ServerIP="10.0.1.0" \
    --network br0 \
    pihole/pihole:latest


printf 'Starting up pihole container '
for i in $(seq 1 20); do
    if [ "$(docker inspect -f "{{.State.Health.Status}}" pihole)" == "healthy" ] ; then
        printf ' OK'
        # ${IP} was never set in this script; use the ServerIP value from above
        echo -e "\n$(docker logs pihole 2> /dev/null | grep 'password:') for your pi-hole: https://10.0.1.0/admin/"
        exit 0
    else
        sleep 3
        printf '.'
    fi

    if [ $i -eq 20 ] ; then
        echo -e "\nTimed out waiting for Pi-hole start, consult your container logs for more info (\`docker logs pihole\`)"
        exit 1
    fi
done;

... so I have to go back to running pihole on a container running on host for the meantime, which works for now, but I really would like vlan working.
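
The ping results and DHCP symptom described in the post above, worked through as an added example (not part of the original thread and not Pi-hole's own tooling). It uses the addresses from the ifconfig output and the script to show which hop has to handle each target, whether the DHCP server is on-link for eth0 clients, and whether any host networks overlap; the function names are hypothetical.

```python
import ipaddress as ipa

# Addresses copied from the post (ifconfig on the Pi and the docker script).
HOST_IFACES = {
    "eth0": "192.168.1.4/24",
    "br-2b9c3826997b": "10.0.1.254/16",  # Docker bridge, the container's gateway
    "tun0": "10.8.0.1/24",
}
CONTAINER_IF = "10.0.1.0/16"  # Pi-hole container (ServerIP) on network br0


def classify(dest, container_if=CONTAINER_IF, host_ifaces=HOST_IFACES):
    """Name the hop that must handle a packet sent from the container to dest."""
    dest = ipa.ip_address(dest)
    cif = ipa.ip_interface(container_if)
    host_addrs = {ipa.ip_interface(a).ip for a in host_ifaces.values()}
    if dest == cif.ip:
        return "container itself"
    if dest in host_addrs:
        # Linux answers for any of its own addresses on any interface,
        # so this path needs neither forwarding nor NAT.
        return "host local delivery"
    if dest in cif.network:
        return "on-link on the bridge"
    # Everything else follows the default route through the bridge gateway
    # and only works if the host forwards and NATs traffic from the bridge.
    return "needs host forwarding + NAT"


def dhcp_on_link(client_iface="eth0", container_if=CONTAINER_IF, ifaces=HOST_IFACES):
    """True if the DHCP server's address lies in the clients' subnet."""
    # DHCPDISCOVER is a link-local broadcast, so an off-link server is only
    # reachable through a relay, host networking or macvlan.
    client_net = ipa.ip_interface(ifaces[client_iface]).network
    return ipa.ip_interface(container_if).ip in client_net


def overlapping(host_ifaces=HOST_IFACES):
    """Return pairs of host interfaces whose networks overlap."""
    nets = {n: ipa.ip_interface(a).network for n, a in host_ifaces.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    for target in ("192.168.1.4", "192.168.1.254", "10.0.1.254", "1.1.1.1"):
        print(f"{target:15} -> {classify(target)}")
    print("DHCP on-link:", dhcp_on_link(), "| overlaps:", overlapping())
```

A successful ping to 192.168.1.4 therefore says nothing about forwarding; only the 192.168.1.254 test exercises the host's forwarding and NAT path.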

Never mind - I've gone for an entirely different network MacVLAN solution; it's running but not 100% ideal - yup... yet another post is coming on... sorry! Please close the thread.

The only relevant configuration option in Pi-hole is its Interface listening behavior, which should be set to one of its Listen on all interfaces options.

VLANs are managed by routers and switches, i.e. you'd have to configure those correctly to direct VLAN tagged traffic towards your Pi-hole's host machine.
