Pi-hole running on TrueNAS and issues with local DNS

The issue I am facing:
Unable to give local DNS addresses. For example, accessing TrueNAS using "trunas.local" rather than typing 192.168.x.xx

Set up
Fiber optic 1GB connection from Quantum. I have set the fiber optic modem to bridge mode.
I have a Dell server on which I have TrueNAS Scale installed. I have Pi-hole running on it and all queries are now routed to Pi-hole.

Details about my system:
screen shot of pi hole

Screen shot of local DNS

Screenshot of DNS setting

Screenshot of DHCP

Thanks

I do not recommend using .local as a search/suffix domain bc that one is exclusively reserved for multicast DNS (mDNS) and not intended for regular old school Do53 (unicast DNS over port 53):

https://www.rfc-editor.org/rfc/rfc6762#appendix-G

I changed it to .home rather than .local, but the issue still remains.

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

Hi Bucking_Horn, Here is the debug token https://tricorder.pi-hole.net/UAGqfaEc/
Let me know if you need any other information from my end.

Thanks

Could you explain why the IPs in the "Local DNS Records" screenshot (192.168.x.x) are in a different subnet than the ones in the "DHCP Settings" screenshot (172.16.2.x)?
Is there some routing going on or is it all one big happy subnet?

I just checked the DHCP option and those numbers 172. ... were prepopulated there. This should be one happy subnet.

You should note that TrueNAS is not supported by Pi-hole - specifically, the Pi-hole team does not develop nor endorse a TrueNAS Pi-hole app that some users have reported to use.

If that TrueNAS Pi-hole app is just a wrapper around Pi-hole's official Docker image, then it should run, provided the container is configured correctly.

In your case, the container that your Pi-hole is running in is attached exclusively to a 172.16.2.0/24 network:

*** [ DIAGNOSING ]: Network interfaces and addresses
   1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
       link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
       inet 127.0.0.1/8 scope host lo
          valid_lft forever preferred_lft forever
       inet6 ::1/128 scope host 
          valid_lft forever preferred_lft forever
   54: eth0@if55: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
       link/ether <redacted> brd ff:ff:ff:ff:ff:ff link-netnsid 0
       inet 172.16.2.2/24 brd 172.16.2.255 scope global eth0
          valid_lft forever preferred_lft forever

Consequently, Pi-hole currently ignores DNS requests from your 192.168.4.0/16 network:

*** [ DIAGNOSING ]: Pi-hole diagnosis messages
 count last timestamp       type          message
 ----- -------------------  ------------  ------------------------------------------------------------
 1     2025-01-29 23:01:45  DNSMASQ_WARN  ignoring query from non-local network 192.168.4.1 (logged on                                                                                                              
                                          ly once)

That message should also have been plainly visible in Pi-hole's web UI under Tools | Pi-hole diagnosis, with a marker drawing your attention to it, hinting at the cause for your issue.

As you've enabled Pi-hole's DHCP server, Pi-hole would process DNS requests of clients that have acquired their DHCP lease through Pi-hole (and thus have a 172.16.2.0/24 address).

To make Pi-hole also process those requests of foreign network origin, you could change Pi-hole's Interface settings to one of the potentially dangerous options.

But I'd recommend reconsidering your choice.

Commonly, you'd use your main network's range with Pi-hole's DHCP server, pointing its gateway to your router's IP.
You've created a separate subnet, using 172.16.2.1 as gateway, which looks like a Docker internal gateway IP. If it is, that in turn would imply that only other Docker containers may be able to acquire a DHCP lease through Pi-hole.

Why is your Pi-hole's DHCP server offering a separate subnet?
And what's your intention of having Pi-hole run on a subnet different from your existing one?

Also, please share your docker compose or docker run script for starting your Pi-hole Docker container.
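
An added example, not part of the thread and not Pi-hole's or dnsmasq's own code: a simplified Python model of the local-subnet check behind the diagnosis message above, run on the interface listing and warning quoted from the debug log. The function names and the client address 172.16.2.50 are constructed for illustration.

```python
import ipaddress
import re

# Excerpt of the interface listing from the debug log quoted above.
IP_ADDR_OUTPUT = """\
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
54: eth0@if55: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    inet 172.16.2.2/24 brd 172.16.2.255 scope global eth0
"""

# Diagnosis message from the same log, joined onto one line.
DIAGNOSIS = ("DNSMASQ_WARN  ignoring query from non-local network "
             "192.168.4.1 (logged only once)")


def local_subnets(ip_addr_output):
    """Return the networks directly attached to the listed interfaces."""
    nets = []
    for m in re.finditer(r"^\s*inet6?\s+(\S+)", ip_addr_output, re.MULTILINE):
        # "172.16.2.2/24" -> network 172.16.2.0/24
        nets.append(ipaddress.ip_interface(m.group(1)).network)
    return nets


def ignored_sources(log_text):
    """Extract client addresses from 'non-local network' warnings."""
    pattern = r"ignoring query from non-local network (\S+)"
    return [ipaddress.ip_address(a) for a in re.findall(pattern, log_text)]


def is_local(client, nets):
    """True if the client lies in a subnet attached to one of the interfaces."""
    client = ipaddress.ip_address(client)
    return any(client.version == n.version and client in n for n in nets)


if __name__ == "__main__":
    nets = local_subnets(IP_ADDR_OUTPUT)
    print("attached subnets:", ", ".join(str(n) for n in nets))
    for src in ignored_sources(DIAGNOSIS):
        verdict = "answered" if is_local(src, nets) else "ignored (non-local)"
        print(src, "->", verdict)
    # Constructed address of a client that got its lease from Pi-hole's DHCP.
    print("172.16.2.50 ->", "answered" if is_local("172.16.2.50", nets) else "ignored")
```
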