Pihole v6 DHCP advertises docker IP instead of server IP address to clients

zarp · February 22, 2025, 2:24pm

Hello,

I was very eager to start testing Pihole v6 (thanks for all the work btw!) but unfortunately I'm having a bit of trouble that I cannot seem to be able to fix.

After my upgrade from v5 to v6 everything is now working fine except for the DNS IP that is forwarded to my clients when I activate DHCP.

Pihole now sends the local docker IP address (e.g. 172.31.0.96) which is not accessible to my clients, instead of the server IP (e.g. 192.168.1.25 in my case).

In the previous version of PiHole, I was using the environment variable below to ensure the correct IP adress was advertized:
FTLCONF_LOCAL_IPV4=192.168.1.25

This is not possible anymore in v6. I've been looking into the configutation but cannot find any replacement for this variable...
Can anyone help me with some pointers?

Here's my docker compose config if this helps:

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "192.168.192.45:53:53/tcp"
      - "192.168.192.45:53:53/udp"
    environment:
      TZ: 'Europe/Zurich'
      FTLCONF_webserver_api_password: '1234'
      FTLCONF_dns_listeningMode: 'all'
      FTLCONF_dns_upstreams: '10.2.0.1'
    volumes:
       - './etc-pihole/:/etc/pihole/'
    dns:
      - 127.0.0.1
      - 1.1.1.1
    cap_add:
      - NET_ADMIN
      - SYS_NICE
    restart: unless-stopped
    depends_on:
      - dhcphelper
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.pihole.rule=Host(`pihole.myserver.com`)"
      - "traefik.docker.network=secure-proxy"
      - "traefik.http.services.pihole.loadbalancer.server.port=80"
      - "traefik.http.routers.pihole.tls=true"
      - "traefik.http.routers.pihole.entrypoints=websecure"
    networks:
      secure-proxy:
        ipv4_address: '172.18.0.96'
      backend:
        ipv4_address: '172.31.0.100'

  dhcphelper:
    image: pihole_dhcphelper:latest
    pull_policy: never 
    restart: unless-stopped
    network_mode: "host"
    command: -s 172.31.0.100
    cap_add:
      - NET_ADMIN

networks:
  backend:
    ipam:
      config:
        - subnet: 172.31.0.0/16
    driver_opts:
      com.docker.network.bridge.name: br_pihole
  secure-proxy:
    external: true

thanks!

zarp · February 22, 2025, 3:09pm

OK so apparently, there is a fix which is to create a custom config file in /etc/dnsmasq.d/.
I tried adding the lines:
(in my environment variables):
FTLCONF_misc_etc_dnsmasq_d: 'true'
(in my volumes)
- './etc-dnsmasq.d/:/etc/dnsmasq.d/'

and I created the file /etc/dnsmasq.d/99-custom-dns.conf
with the following content:

dhcp-option=6,192.168.1.25

this then pushes the correct DNS IP to all my clients! However, it also results in a reccurent warning in the Pihole logs:
WARNING: WARNING in dnsmasq core: Ignoring duplicate dhcp-option 6

So there might be some more adjustments needed.

zarp · February 22, 2025, 4:02pm

After more digging and testing, there is the possibility to modify this option also directly from the GUI:

However, the warning remains as it is not possible to remove or overwrite the default line
dhcp-option=option:dns-server,0.0.0.0,0.0.0.0,0.0.0.0
from the file /etc/pihole/dnsmasq.conf using the GUI.

@devs is that something that will be available at some point?

yubiuser · February 22, 2025, 9:39pm

I did a quick test and the line dhcp-option=option:dns-server,0.0.0.0,0.0.0.0,0.0.0.0 was only added when I selected Advertise DNS server multiple times in the web interface. Try to disable this checkbox and load your custom configuration instead.

zarp · February 22, 2025, 9:58pm

Yes you're right, that's the issue!
Thank you so much, it finally works without issues

system · March 15, 2025, 9:59pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.