The issue I am facing:
pihole-FTL doesn't seem to be enabling the DHCP server even though I have it enabled in the webUI / can see it enabled in setupVars.conf
Backstory: I'm attempting to migrate from the pihole service running on my network file server to a dedicated raspberry pi 3.
Followed the arch wiki install guide, plus swapping out lighttpd for nginx.
Logged in through the webui, enabled the same settings on the new pi3 as I had on the old pihole service running on my file server, except for enabling the dhcp server.
Once I was happy with my settings, I disabled the DHCP server on my file server and enabled it on my pi3.
Diagnostically, I don't see any errors in the logs and netstat shows it is not listening on port 67:
$ sudo ss -tulpn sport = 67
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
$ sudo netstat | grep 'Proto\|:67 \|:547 '
Proto Recv-Q Send-Q Local Address Foreign Address State
Proto RefCnt Flags Type State I-Node Path
$
Are there different processes of some kind that run when DHCP is active vs only DNS that I might be able to see are not running in ps?
What does the startup logging look like for ftl? Startup is pretty verbose in enumerating what options are on and what options are off. Can you post the head section of /var/log/pihole/FTL.log or wherever Arch locates those files?
Not really, though DHCP requires additional capabilities to be set, specifically CAP_NET_ADMIN. Normally that is set but that may not be part of the Arch process.
[2023-10-30 20:26:04.235 6626M] FTL branch: master
[2023-10-30 20:26:04.235 6626M] FTL version: v5.23
[2023-10-30 20:26:04.235 6626M] FTL commit: builtfromreleasetarball
[2023-10-30 20:26:04.235 6626M] FTL date: 2023-05-28
[2023-10-30 20:26:04.235 6626M] FTL user: root
[2023-10-30 20:26:04.235 6626M] Compiled for aarch64 (compiled locally) using cc (GCC) 12.1.0
[2023-10-30 20:26:04.235 6626M] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2023-10-30 20:26:04.235 6626M] SOCKET_LISTENING: only local
[2023-10-30 20:26:04.235 6626M] AAAA_QUERY_ANALYSIS: Show AAAA queries
[2023-10-30 20:26:04.235 6626M] MAXDBDAYS: max age for stored queries is 30 days
[2023-10-30 20:26:04.235 6626M] RESOLVE_IPV6: Resolve IPv6 addresses
[2023-10-30 20:26:04.235 6626M] RESOLVE_IPV4: Resolve IPv4 addresses
[2023-10-30 20:26:04.235 6626M] DBINTERVAL: saving to DB file every 600 seconds
[2023-10-30 20:26:04.236 6626M] DBFILE: Using /etc/pihole/pihole-FTL.db
[2023-10-30 20:26:04.236 6626M] MAXLOGAGE: Importing up to 24.0 hours of log data
[2023-10-30 20:26:04.236 6626M] PRIVACYLEVEL: Set to 0
[2023-10-30 20:26:04.236 6626M] IGNORE_LOCALHOST: Show queries from localhost
[2023-10-30 20:26:04.236 6626M] BLOCKINGMODE: Null IPs for blocked domains
[2023-10-30 20:26:04.236 6626M] ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
[2023-10-30 20:26:04.236 6626M] DBIMPORT: Importing history from database
[2023-10-30 20:26:04.236 6626M] PIDFILE: Using /run/pihole-ftl/pihole-FTL.pid
[2023-10-30 20:26:04.236 6626M] SOCKETFILE: Using /run/pihole-ftl/FTL.sock
[2023-10-30 20:26:04.236 6626M] SETUPVARSFILE: Using /etc/pihole/setupVars.conf
[2023-10-30 20:26:04.236 6626M] MACVENDORDB: Using /etc/pihole/macvendor.db
[2023-10-30 20:26:04.236 6626M] GRAVITYDB: Using /etc/pihole/gravity.db
[2023-10-30 20:26:04.236 6626M] PARSE_ARP_CACHE: Active
[2023-10-30 20:26:04.237 6626M] CNAME_DEEP_INSPECT: Active
[2023-10-30 20:26:04.237 6626M] DELAY_STARTUP: No delay requested.
[2023-10-30 20:26:04.237 6626M] BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
[2023-10-30 20:26:04.237 6626M] NICE: Set process niceness to -10 (default)
[2023-10-30 20:26:04.237 6626M] MAXNETAGE: Removing IP addresses and host names from network table after 30 days
[2023-10-30 20:26:04.237 6626M] NAMES_FROM_NETDB: Enabled, trying to get names from network database
[2023-10-30 20:26:04.237 6626M] EDNS0_ECS: Overwrite client from ECS information
[2023-10-30 20:26:04.237 6626M] REFRESH_HOSTNAMES: Periodically refreshing IPv4 names
[2023-10-30 20:26:04.237 6626M] RATE_LIMIT: Rate-limiting client making more than 1000 queries in 60 seconds
[2023-10-30 20:26:04.237 6626M] LOCAL_IPV4: Automatic interface-dependent detection of address
[2023-10-30 20:26:04.237 6626M] LOCAL_IPV6: Automatic interface-dependent detection of address
[2023-10-30 20:26:04.237 6626M] BLOCK_IPV4: Automatic interface-dependent detection of address
[2023-10-30 20:26:04.238 6626M] BLOCK_IPV6: Automatic interface-dependent detection of address
[2023-10-30 20:26:04.238 6626M] SHOW_DNSSEC: Enabled, showing automatically generated DNSSEC queries
[2023-10-30 20:26:04.238 6626M] MOZILLA_CANARY: Enabled
[2023-10-30 20:26:04.238 6626M] PIHOLE_PTR: internal PTR generation enabled (pi.hole)
[2023-10-30 20:26:04.238 6626M] ADDR2LINE: Enabled
[2023-10-30 20:26:04.238 6626M] REPLY_WHEN_BUSY: Drop queries when the database is busy
[2023-10-30 20:26:04.238 6626M] BLOCK_TTL: 2 seconds
[2023-10-30 20:26:04.238 6626M] BLOCK_ICLOUD_PR: Enabled
[2023-10-30 20:26:04.238 6626M] CHECK_LOAD: Enabled
[2023-10-30 20:26:04.238 6626M] CHECK_SHMEM: Warning if shared-memory usage exceeds 90%
[2023-10-30 20:26:04.238 6626M] CHECK_DISK: Warning if certain disk usage exceeds 90%
[2023-10-30 20:26:04.239 6626M] Finished config file parsing
[2023-10-30 20:26:04.239 6626M] Creating mutex
[2023-10-30 20:26:04.239 6626M] Creating mutex
[2023-10-30 20:26:04.241 6626M] WARNING: Starting pihole-FTL as user root is not recommended
[2023-10-30 20:26:04.241 6626M] PID of FTL process: 6626
[2023-10-30 20:26:04.244 6626M] Database version is 12
[2023-10-30 20:26:04.244 6626M] Resizing "FTL-strings" from 40960 to (81920 * 1) == 81920 (/dev/shm: 712.7KB used, 468.6MB total, FTL uses 700.8KB)
[2023-10-30 20:26:04.244 6626M] Imported 0 alias-clients
[2023-10-30 20:26:04.244 6626M] Database successfully initialized
[2023-10-30 20:26:04.285 6626M] New upstream server: 8.8.8.8:53 (0/512)
[2023-10-30 20:26:04.291 6626M] New upstream server: 9.9.9.9:53 (1/512)
[2023-10-30 20:26:04.309 6626M] New upstream server: 8.8.4.4:53 (2/512)
[2023-10-30 20:26:04.330 6626M] Imported 2922 queries from the long-term database
[2023-10-30 20:26:04.331 6626M] -> Total DNS queries: 2922
[2023-10-30 20:26:04.331 6626M] -> Cached DNS queries: 1284
[2023-10-30 20:26:04.331 6626M] -> Forwarded DNS queries: 1578
[2023-10-30 20:26:04.331 6626M] -> Blocked DNS queries: 0
[2023-10-30 20:26:04.331 6626M] -> Unknown DNS queries: 0
[2023-10-30 20:26:04.331 6626M] -> Unique domains: 151
[2023-10-30 20:26:04.331 6626M] -> Unique clients: 2
[2023-10-30 20:26:04.331 6626M] -> Known forward destinations: 3
[2023-10-30 20:26:04.331 6626M] Successfully accessed setupVars.conf
[2023-10-30 20:26:04.333 6626M] listening on 192.168.1.254 port 53
[2023-10-30 20:26:04.333 6626M] listening on enu1u1(#2): 192.168.1.254 port 53
[2023-10-30 20:26:04.333 6626M] listening on 127.0.0.1 port 53
[2023-10-30 20:26:04.333 6626M] listening on lo(#1): 127.0.0.1 port 53
[2023-10-30 20:26:04.333 6626M] listening on fe80::ba27:ebff:febb:df15%enu1u1 port 53
[2023-10-30 20:26:04.333 6626M] listening on enu1u1(#2): fe80::ba27:ebff:febb:df15%enu1u1 port 53
[2023-10-30 20:26:04.333 6626M] listening on ::1 port 53
[2023-10-30 20:26:04.333 6626M] listening on lo(#1): ::1 port 53
[2023-10-30 20:26:04.348 6628M] PID of FTL process: 6628
[2023-10-30 20:26:04.348 6628M] Listening on port 4711 for incoming IPv4 telnet connections
[2023-10-30 20:26:04.351 6628M] Listening on port 4711 for incoming IPv6 telnet connections
[2023-10-30 20:26:04.353 6628M] Listening on port 4711 for incoming socket telnet connections
[2023-10-30 20:26:04.354 6628M] INFO: FTL is running as root
[2023-10-30 20:26:04.356 6628M] Reloading DNS cache
[2023-10-30 20:26:04.470 6628/T6644] Compiled 0 whitelist and 15 blacklist regex filters for 2 clients in 12.5 msec
[2023-10-30 20:26:04.470 6628/T6644] Blocking status is disabled
[2023-10-30 20:26:45.546 6628M] New upstream server: 1.1.1.1:53 (3/512)
[2023-10-30 20:26:45.546 6628M] New upstream server: 1.0.0.1:53 (4/512)
However, just for comparison I checked on my old machine with the functional DHCP server, and there's nothing in the logs matching DHCP or port 67 either, so I'm not sure what I should expect to see:
Sorry if these responses are out of order. I keep hitting the reply button to the specific comment I'm targeting, but I just realized the comments aren't branching to their own thread.
Can you run getcap on the binary to check?
I don't get any output with getcap for /usr/bin/pihole-FTL. However, I don't get any output for anything else in /usr/bin either, so I'm not sure if I'm using it correctly.
Does the AUR custom compile their own binaries?
The AUR is all source code plus a pkgbuild file that tells you (or your AUR helper program) where the software packages are, what their CRCs are, handles patching, compiling, and installation. It's basically just a script to handle compiling and installing from source for you. Here's the one for the pi-hole-server AUR package:
DHCP needs to bind to 0.0.0.0 to listen for the broadcast packets sent to the network segment. Could there be anything preventing that bind?
Unsure at the moment. This Pi is just a base archlinux ARM install, plus ssh, fail2ban, a modified sudoers, and pi-hole-server. Just to give some level of certainty, I shut down fail2ban, nginx, php-fpm, and pihole-FTL. Then restarted pihole-FTL.
Another poster suggested looking for dhcp and dnsmasq results in the pihole.log (non FTL), and checking dnsmasq configs. I haven't fixed it yet but I think that's got me going in the right direction.
There's no dhcp or dnsmasq results in my pihole.log, but there are plenty on the old server.
/etc/dnsmasq.d/ only contained 2 config files:
01-pihole.conf
06-rfc6761.conf
Compared against my old server, which also contained
02-pihole-dhcp.conf
04-pihole-static-dhcp.conf
I had a read back through the arch doc for installing the pi-hole-server.
php-fpm requires an explicit read/write list of files in a config file, and the config provided in Pi-hole - ArchWiki only explicitly stated 01-pihole.conf:
ReadWritePaths = /etc/dnsmasq.d/01-pihole.conf
I added these to /etc/systemd/system/php-fpm.service.d/pihole.conf:
ReadWritePaths = /etc/dnsmasq.d/02-pihole-dhcp.conf
ReadWritePaths = /etc/dnsmasq.d/03-pihole-wildcard.conf
ReadWritePaths = /etc/dnsmasq.d/04-pihole-static-dhcp.conf
I restarted the php-fpm service, which now failed to start. From journalctl:
php-fpm.service: Failed to set up mount namespacing: /run/systemd/mount-rootfs/etc/dnsmasq.d/02-pihole-dhcp.conf: No such file or directory
Then I ran touch on all 3 config files, and restarted php-fpm again.
After that I went into the pihole settings screen and disabled the DHCP server, saved, then re-enabled it again to force a write to 02-pihole-dhcp.conf.
It's working now!
Thanks for putting up with this :). I'll submit a few lines to that arch install doc if I get a chance.
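The mount-namespacing failure described in the post above, as an added example that is not part of the original thread: a pre-restart check that lists every ReadWritePaths entry in a drop-in whose target does not exist yet. The function name, the ROOT argument and the sample drop-in are constructed for illustration; the "-" prefix (systemd skips the entry when the path is absent) is documented systemd behaviour.

```bash
#!/usr/bin/env bash
# Added example: systemd fails to set up the sandbox ("No such file or
# directory") when a ReadWritePaths= target is missing, unless the entry is
# prefixed with "-". This lists the entries that would trigger that failure.

# missing_rw_paths DROPIN [ROOT]
# Prints one missing path per line. ROOT is a hypothetical prefix so the check
# can run against a scratch directory instead of the live /etc.
missing_rw_paths() {
    local dropin=$1 root=${2:-} line value path
    while IFS= read -r line; do
        # Keep only ReadWritePaths lines; whitespace around "=" is allowed.
        case $line in
            ReadWritePaths*=*) ;;
            *) continue ;;
        esac
        value=${line#*=}
        # One line may carry several space-separated paths.
        for path in $value; do
            # "-" prefix: systemd ignores the entry if the path is absent.
            case $path in -*) continue ;; esac
            [ -e "$root$path" ] || printf '%s\n' "$path"
        done
    done < "$dropin"
}

# Constructed sample mirroring the drop-in from the post: only 01-pihole.conf
# exists, and the wildcard file is marked optional with "-".
demo() {
    local root
    root=$(mktemp -d)
    mkdir -p "$root/etc/dnsmasq.d"
    touch "$root/etc/dnsmasq.d/01-pihole.conf"
    cat > "$root/pihole.conf" <<'EOF'
[Service]
ReadWritePaths = /etc/dnsmasq.d/01-pihole.conf
ReadWritePaths = /etc/dnsmasq.d/02-pihole-dhcp.conf
ReadWritePaths = -/etc/dnsmasq.d/03-pihole-wildcard.conf
ReadWritePaths = /etc/dnsmasq.d/04-pihole-static-dhcp.conf
EOF
    missing_rw_paths "$root/pihole.conf" "$root"
    rm -rf "$root"
}

demo
```

Run against the real drop-in, each printed path needs either a touch (as done in the post) or a "-" prefix before php-fpm will start.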