Pihole, two interfaces, dhcp on only one interface

The issue I am facing:
I want to be sure that DHCP is completely disabled for the second interface (eth1), so there is no chance that serves ip on that second interface.

Details about my system:
Pihole VM, serving two networks:
192.168.0.0/23 - dhcp and dns
192.168.100.0/23 - only dns

What I have changed since installing Pi-hole:
So far, I just enabled the VM so it loads both interfaces. So far is working as expected but from time to time I'm getting this message:

Jun 22 20:48:01 dnsmasq-dhcp[2014]: no address range available for DHCP request via eth1

So I want 100% sure that through eth1 never hands out ip, because I have another dhcp server there. But it keeps serving dns as it has been doing so far.

Please, help.

As you probably are aware of, Pi-hole's embedded DHCP and DNS server pihole-FTL is an extended tailored version of dnsmasq.

As such, pihole-FTL can be configured in the same way as dnsmasq - as long as your configuration settings won't conflict with Pi-hole's own ones.

You can refer to dnsmasq's documentation for available configuration options as usual, while additional settings specific for pihole-FTL can be configured via pihole-FTL.conf.

In your case, you could create a custom configuration file (e.g. /etc/dnsmasq.d/42-dhcp-extras.conf) with the no-dhcp-interface option:

# exclude eth1 from processing DHCP requests
no-dhcp-interface=eth1

Quoting dnsmasq docs:

-2, --no-dhcp-interface=<interface name>
Do not provide DHCP or TFTP on the specified interface, but do provide DNS service.

You probably should resist the obvious choice of configuring eth1 for DNS services in the same configuration file via an additional interface option:
That will cause aforementioned conflicts with some of Pi-hole's own configuration options as exposed via its Interface settings and may result in unexpected or unwanted behaviour when switching options via Pi-hole's UI.

When done adding options, run a dnsmasq syntax check:

pihole-FTL dnsmasq-test

If ok, restart Pi-hole for the settings to take effect:

pihole restartdns

Maybe this will help? https://discourse.pi-hole.net/t/using-a-raspberry-as-a-linux-router-with-pi-hole/

Well, something weird happened:

DNSMASQ_CONFIG FTL failed to start due to cannot read /etc/dnsmasq.d/42-dhcp-extras.conf.save: Permission denied

I had to delete the /etc/dnsmasq.d/42-dhcp-extras.conf file plus another file called 42-dhcp-extras.conf.save.1 which I supposed dnsmasq made (I was without pihole for like 5min trying to understand what happened XD )

But yeah, apparently for some unknown reason, the main file I made could not be read and when I tried to delete it, it would try to recreate it.

What did I do wrong? I mean, is quite a vanilla Debian 11 VM with just pihole.

For context:

root@Pi-Hole:/home/master# nano /etc/dnsmasq.d/42-dhcp-extras.conf
root@Pi-Hole:/home/master# pihole-FTL dnsmasq-test
dnsmasq: syntax check OK.
root@Pi-Hole:/home/master# pihole restartdns
  [✗] /usr/local/bin/pihole: line 163: service: command not found
root@Pi-Hole:/home/master# su pihole restartdns
This account is currently not available.
root@Pi-Hole:/home/master# sudo pihole restartdns
  [✓] Restarting DNS server
root@Pi-Hole:/home/master# rm /etc/dnsmasq.d/42-dhcp-extras.conf
root@Pi-Hole:/home/master# su pihole restartdns
This account is currently not available.
root@Pi-Hole:/home/master# sudo pihole restartdns
  [✓] Restarting DNS server
root@Pi-Hole:/home/master# sudo pihole restartdns
  [✓] Restarting DNS server
root@Pi-Hole:/home/master# rm /etc/dnsmasq.d/42-dhcp-extras.conf.save
root@Pi-Hole:/home/master# sudo pihole restartdns
  [✓] Restarting DNS server
root@Pi-Hole:/home/master# ls /etc/dnsmasq.d/
01-pihole.conf  02-pihole-dhcp.conf  04-pihole-static-dhcp.conf  06-rfc6761.conf  42-access-point.conf  42-dhcp-extras.conf.save.1
root@Pi-Hole:/home/master# rm 42-dhcp-extras.conf.save.1
rm: cannot remove '42-dhcp-extras.conf.save.1': No such file or directory
root@Pi-Hole:/home/master# rm /etc/dnsmasq.d/42-dhcp-extras.conf.save.1
root@Pi-Hole:/home/master# ls /etc/dnsmasq.d/
01-pihole.conf  02-pihole-dhcp.conf  04-pihole-static-dhcp.conf  06-rfc6761.conf  42-access-point.conf
root@Pi-Hole:/home/master# ls /etc/dnsmasq.d/
01-pihole.conf  02-pihole-dhcp.conf  04-pihole-static-dhcp.conf  06-rfc6761.conf  42-access-point.conf
root@Pi-Hole:/home/master# sudo pihole restartdns
  [✓] Restarting DNS server
root@Pi-Hole:/home/master# ls /etc/dnsmasq.d/
01-pihole.conf  02-pihole-dhcp.conf  04-pihole-static-dhcp.conf  06-rfc6761.conf  42-access-point.conf
root@Pi-Hole:/home/master# ls /etc/dnsmasq.d/
01-pihole.conf  02-pihole-dhcp.conf  04-pihole-static-dhcp.conf  06-rfc6761.conf  42-access-point.conf

The save.1 suffix would suggest some kind of backup, maybe created by your editor.
dnsmasq just reads configuration files - it wouldn't create them, and neither would Pi-hole do so for custom conf file, just for its own ones.

Both of your 42-dhcp-extras.conf as well as your 42-access-point.conf are custom configurations, so they won't be created nor recreated by Pi-hole.

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

Hi, here's the token link: https://tricorder.pi-hole.net/q5WgKKQW/

But I did not see my error logged there.

Should I retry the config and when it gives the error, generate the debug log? or will this suffice?

Your existing custom configuration 42-access-point.confalready contains the no-dhcp-interface option:

-rw-r--r-- 1 root root 23 Jun 22 21:03 /etc/dnsmasq.d/42-access-point.conf
   no-dhcp-interface=eth1

Oh...

Well, that solves everything then.

But, the thing is that I did not make a custom configuration.

Could, perhaps, the installer detect that I had two interfaces and just enable one of them? By itself.

If so, then, how did it knew which was the primary and the secondary interface?

programming mysteries

Anyways, thank you kindly for your help, and carry on with a good day.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.