Query on my Setup: Docker on Synology + Merlin Firmware Router

Hey Guys

I am new to Pi-Hole and have few queries.

Setup

1. Docker on Synology NAS (IP say 192.168.1.1): Docker
2. Netgear R7000 Router running ASUSWrt Firmware (IP say 192.168.1.100): Home | Xwrt-Vortex
3. DHCP Setting on the router

11%20am1524×546 40.3 KB

4. Created a file in router at /jffs/configs/dnsmasq.conf.add with the following config

dhcp-option=6,192.168.1.1

5. In my Pi-Hole Config have the following DNS config

02%20am1972×820 117 KB

Setup seems to be working. I can see traffic on Pi-Hole interface and blocks etc..

Queries

1. Is the setup correct? I believe some value should be there in the router DNS Server 1 and DNS Server 2?
2. Is the redirect via the dnsmasq.conf.add file correct or needs to be something better?
3. If Pi-Hole Docker is stopped, everything stops working (nslookup, traceroute, websites)... Is that the intention? I see a risk if NAS / docker shuts down for some reason, the entire internet is dead for local devices.
4. Any other settings I should do for optimal setup?
5. IP Not resolving in GUI: I have another issue.. After first time install and setup everything was fine and device IP's were showing as their DNS names in the Pi-Hole GUI.. But after a docker restart .. it is just showing IP and not name... waited for 6--7 hours (as stated in another thread.. ) but issue persists.. Restarted router and then docker.. but same thing..

Debug Token: 8xur6ay0pm

Thanks

** bump **

Any help guys??

As long as your setup works as you want, there usually isn't anything you need to change.
The DNS server is a critical part of your network infrastructure. Like the router, if it goes down then you need to get it working again or temporarily replace it (switch the DNS settings around to use an external DNS server).

Is the router or Pi-hole the DHCP server?

Router is the DHCP Server.. The very first time name resolution had worked.. never worked since a docker restart

Also should I fill in the DNS 1 and 2 in router so that if PiHole goes does it will go to them? I understand if router goes down even internet won't work.. I am more worried if router is up and for some reason docker freezes or NAS goes down.. I don't want other devices to fail (security cameras / NUC etc)

Any thoughts on the setup guys and the DHCP issue?

so do i just wait for next v4.0 release if there is no fix for my issue?

Run pihole -d for a new debug token. I was on vacation for awhile, and the rest of the team has also been busy working on getting the next update out the door.

If you add another DNS server besides Pi-hole to the list, then clients will use them in whatever order they choose. There is no guaranteed order that they will be used in, besides a preference for the fastest one.

Will do but trying to figure out a different issue atm.. after a firmware upgrade.. when I add dnsmasq.conf.add and forward as said above.. entire internet traffic dies.. becomes a blackhole ... traffic from the same IP (NAS hosted docker) can be seen on Pi-Hole but nothing else reaching it.. traceroute fails as well.. so something has gone wrong .. need to figure it out.. I've had to remove the dnsmasq setting to get internet back on..

@Mcat12 New token ezsyvn7ns0

There is a different issue here.. I did forwarding of DHCP to Pi-Hole.. But then nothing works.. no resolution is happening.. internet dies for us..

Only traffic out is from the NAS (docker hosting Pi-Hole) can be seen..

Please see if u can see if anything is wrong..

Another upload: wafue4pi6o

It totally out of whack.. no idea what is happening.. when i reboot docker.. result is different.. when i reboot router.. result becomes different..

Can you try doing a fresh install? List exactly what you do to set it up.

@Mcat12

Ok.. Latest logs : v3l70snhv3

So

1. I am running pihole as a docker on Synology NAS

2. Using Docker Hub

3. My Docker config is

{
   "cap_add" : null,
   "cap_drop" : null,
   "cmd" : "",
   "cpu_priority" : 50,
   "devices" : null,
   "enable_publish_all_ports" : false,
   "enable_restart_policy" : true,
   "enabled" : false,
   "entrypoint_default" : "/s6-init",
   "env_variables" : [
      {
         "key" : "TZ",
         "value" : "REDACTED"
      },
      {
         "key" : "WEBPASSWORD",
         "value" : "REDACTED"
      },
      {
         "key" : "PATH",
         "value" : "/opt/pihole:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      },
      {
         "key" : "TAG",
         "value" : "debian"
      },
      {
         "key" : "ARCH",
         "value" : "amd64"
      },
      {
         "key" : "setupVars",
         "value" : "/etc/pihole/setupVars.conf"
      },
      {
         "key" : "PIHOLE_INSTALL",
         "value" : "/tmp/ph_install.sh"
      },
      {
         "key" : "S6OVERLAY_RELEASE",
         "value" : "https://github.com/just-containers/s6-overlay/releases/download/v1.21.2.2/s6-overlay-amd64.tar.gz"
      },
      {
         "key" : "PHP_ENV_CONFIG",
         "value" : "/etc/lighttpd/conf-enabled/15-fastcgi-php.conf"
      },
      {
         "key" : "PHP_ERROR_LOG",
         "value" : "/var/log/lighttpd/error.log"
      },
      {
         "key" : "IPv6",
         "value" : "True"
      },
      {
         "key" : "S6_LOGGING",
         "value" : "0"
      },
      {
         "key" : "S6_KEEP_ENV",
         "value" : "1"
      },
      {
         "key" : "S6_BEHAVIOUR_IF_STAGE2_FAILS",
         "value" : "2"
      },
      {
         "key" : "DNSMASQ_LISTENING",
         "value" : "all"
      },
      {
         "key" : "WEB_PORT",
         "value" : "8888"
      },
      {
         "key" : "ServerIP",
         "value" : "192.168.1.1"
      }
   ],
   "exporting" : false,
   "id" : "223951066e0829697b23f4bb2fb047172b67fee98383d259aa82964382a6cd6d",
   "image" : "diginc/pi-hole:latest",
   "is_ddsm" : false,
   "is_package" : false,
   "links" : [],
   "memory_limit" : 0,
   "name" : "Pi-Hole",
   "network" : [
      {
         "driver" : "host",
         "name" : "host"
      }
   ],
   "network_mode" : "host",
   "port_bindings" : [],
   "privileged" : false,
   "shortcut" : {
      "enable_shortcut" : false
   },
   "ulimits" : null,
   "use_host_network" : true,
   "volume_bindings" : [
      {
         "host_volume_file" : "/docker/pihole/dnsmasq.d",
         "mount_point" : "/etc/dnsmasq.d",
         "type" : "rw"
      },
      {
         "host_volume_file" : "/docker/pihole",
         "mount_point" : "/etc/pihole/",
         "type" : "rw"
      }
   ],
   "volumes_from" : null
}

NAS IP is : 192.168.1.1
Router IP is: 192.168.1.100

Router is Netgear R7000 using Merlin firmware. I set the IP for DNS in my router to "192.168.1.1" as mentioned here (using dnsmasq.conf.add). DNS is set to 192.168.1.100 in Pi-Hole as per guide .

Issues

1. When doing this.. Nothing external is resolving via my laptop
2. In Pi-Hole admin only devices showing traffic is NAS

Once these issues are fixed, I can then look into other stuff...

I bet this was working the very first time... don't know what has gone wrong now...

@diginc should take a look at this, since he makes the Docker container and would have better insight.

any help @diginc ?

Thanks

If it worked the first time, it should work a second time if you create a fresh container. Make sure you destroy the old one, pull the latest image, delete your saved volume data to re-seed that data form scratch, and then start up a new container.

yeah I have done that multiple times.. and deleted and redownloaded image as well.. can u see anything wrong in the container config?

@Mcat12 can either of you see anything wrong in the router / pi-hole setup?

I have resetup with new image pull and with ServerIP set as the LAN (NAS) IP

The docker IP is 172.17.0.5

But the admin is showing all traffic from either NAS or 172.17.0.1 (95% of it - so I am guessing all traffic from all devices)

debug token is: c0xtnuxfok

Edit: Sounds exactly like https://github.com/diginc/docker-pi-hole/issues/135

Any solution to this? I bet this was working previously.. just don't know what the difference is this time.. Maybe the network setting between bridge and host has something to do with it..

Ok.. I have tried two setups

1. Docker with net=host and WEB_PORT Set.. This setup shows all individual IP's but there is no internet connection.. going through debug logs has the following

*** [ DIAGNOSING ]: Networking
[✗] No IPv4 address(es) found on the eth0 interface.

[✗] No IPv6 address(es) found on the eth0 interface.

*** [ DIAGNOSING ]: Pi-hole processes
[✗] dnsmasq daemon is
[✗] lighttpd daemon is
[✗] pihole-FTL daemon is

Debug token is: 64ygebqtz1

2. Docker with ports set (-p) (not as host) .. This shows all traffic as the single 172.17.0.1 IP and external net is available. Errors are

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
   172.17.0.2/16 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)

[✗] No IPv6 address(es) found on the eth0 interface.

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] mmismm.com is 192.168.1.1 via localhost (127.0.0.1)
[✗] Failed to resolve mmismm.com via Pi-hole (192.168.1.1)
[✓] doubleclick.com is 172.217.25.142 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Pi-hole processes
[✗] dnsmasq daemon is
[✗] lighttpd daemon is
[✗] pihole-FTL daemon is

*** [ DIAGNOSING ]: Dashboard and block page
[✗] X-Header does not match or could not be retrieved.

[✗] X-Header does not match or could not be retrieved.

Debug Token is: 1zt9jl2pva

I think 1st setup is best as I do want to see individual IP's but that ain't working as well.

@Mcat12 @diginc - Any help with either setup to get them to be nearly as perfect as a Pi setup?

Really love Pi-Hole but don't want to end up buying a Pi just for this and use docker on my NAS if possible.

Any thoughts?

In your router's settings, why don't you just set the DNS1 to Pi-hole's DNS, disable the "advertise router's IP in addition to user-specified DNS" option, and remove the extra dnsmasq dhcp option?