Pihole Docker DHCP Only works if manually enter DNS Server

So I have a pihole setup in a docker container using macvlan bridging. I am using pihole as my dhcp server as opposed to my router, and it mostly works. However, I have a strange issue. My machine does not pass DNS traffic unless I manually enter a known working DNS server.

Like this -

That is the only way my traffic will pass. Which is odd, because I have pihole set up to use the same exact google dns server as its upstream -

Here is my pihole docker configuration -

```yaml
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "80:80/tcp"
      - "443:443/tcp"
    environment:
      # IANA zone names use an underscore, not a space
      TZ: 'America/New_York'
      WEBPASSWORD: xxxx
      # ServerIP is a container environment variable, not a compose service key
      ServerIP: 192.168.0.11
    # Volumes store your data between container upgrades
    volumes:
      - '/home/hisma/docker/pihole/etc-pihole/:/etc/pihole/'
      - '/home/hisma/docker/pihole/etc-dnsmasq.d/:/etc/dnsmasq.d/'
    dns:
      - 127.0.0.1
      - 1.1.1.1
    # Recommended but not required (DHCP needs NET_ADMIN)
    #  https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN
    restart: unless-stopped
    networks:
      vlan_net:
        ipv4_address: 192.168.0.11

networks:
  default:
    driver: bridge
  vlan_net:
    driver: macvlan
    driver_opts:
      parent: enp2s0
    ipam:
      config:
        - subnet: 192.168.0.0/24
```

Really not sure what is causing this behavior. I spent hours trying to troubleshoot it but I'm getting nowhere. I suspect it may be tied to my iptables firewall blocking the dns traffic from that address, but I am unsure where to start with that. Any help would be appreciated.

I just fixed it. The issue was that I had bind9 running on my ubuntu box and it was using port 53 without me even knowing it.

So I had 2 DNS servers running at the same time. When I stopped bind9 service

service bind9 stop

Then restarted the pihole, it worked. What made this a huge pita to troubleshoot is that I had no indication that the DNS server wasn't able to access port 53 other than seeing that I couldn't ping inside of the container.

I decided to see what was using port 53 on my host machine and realized then that named (bind9) was running.

I guess if this happens to anyone else, make sure you are only running 1 DNS server. I think that's pretty obvious, but sometimes it's hard to check these things unless you know specifically what you are looking for (i.e. checking if port 53 is in use).

What made this even harder for me to pin down was that I DID stop bind9 at some point, and my pihole worked temporarily during that time, but I guess bind9 restarted again without me knowing.

I have now removed bind9 completely from my system to prevent that from happening again. Hopefully this helps someone else in the future.

This can be closed!
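The check described in the reply above (find out what is already bound to port 53 on the host before blaming the container) can be scripted. This is an added example, not code from the original post or from the Pi-hole project. It parses the output format of `ss -lntup` (the sample below is constructed; the `users:(...)` column only appears when `ss` is run as root) and reports any process other than Pi-hole's own resolver holding the port. It also catches `systemd-resolved` on 127.0.0.53, which is the other common port-53 squatter on Ubuntu.

```sh
#!/bin/sh
# Added example: detect a second DNS server holding port 53 on the Docker host.
# Constructed sample in the format of `ss -lntup` (assumed run as root).
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0          127.0.0.53%lo:53      0.0.0.0:*    users:(("systemd-resolve",pid=612,fd=12))
udp   UNCONN 0      0                0.0.0.0:53      0.0.0.0:*    users:(("named",pid=2231,fd=22))
tcp   LISTEN 0      10               0.0.0.0:53      0.0.0.0:*    users:(("named",pid=2231,fd=21))
tcp   LISTEN 0      128              0.0.0.0:22      0.0.0.0:*    users:(("sshd",pid=901,fd=3))'

# listeners_on_port PORT [SS_OUTPUT]
# Prints each distinct process name bound to PORT (tcp or udp, any address).
# With one argument it runs the real `ss -lntup`; a second argument is parsed
# instead (used for testing). Without the process column nothing is printed.
listeners_on_port() {
  port=$1
  if [ $# -ge 2 ]; then out=$2; else out=$(ss -lntup 2>/dev/null); fi
  printf '%s\n' "$out" | awk -v p="$port" '
    NR > 1 {
      n = split($5, a, ":")                       # local address:port, port is last
      if (a[n] == p && match($0, /users:\(\("[^"]+"/)) {
        name = substr($0, RSTART + 9, RLENGTH - 10) # strip users:((" and closing "
        if (!(name in seen)) { seen[name] = 1; print name }
      }
    }'
}

# dns_port_conflict PORT [SS_OUTPUT]
# Returns 0 and prints the offending process names when something other than
# Pi-hole itself (pihole-FTL / dnsmasq) owns PORT; returns 1 when it is free.
dns_port_conflict() {
  found=$(listeners_on_port "$1" ${2+"$2"} | grep -v -x -e pihole-FTL -e dnsmasq) || true
  [ -n "$found" ] || return 1
  printf '%s\n' "$found"
}

# Run with --check on the real host (as root) before `docker compose up`.
if [ "${1:-}" = "--check" ]; then
  if names=$(dns_port_conflict 53); then
    echo "port 53 is already in use by: $names (stop or remove it first)"
    exit 2
  fi
  echo "port 53 is free for Pi-hole"
fi
```

Run it as `sudo sh check53.sh --check`; a non-zero exit means another resolver is bound and the container's port 53 publish will silently lose, which is exactly the symptom in the thread (clients only resolve when handed a different DNS server by hand).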
