Run pi-hole on an additional ip

deHakkelaar · June 19, 2017, 11:31pm

I was not able to assign a static IP to an aliased interface using the dhcpcd5 way.
So i devised below making use of the default "source-directory /etc/network/interfaces.d" directive in the interfaces file.
This is just prove of concept/an example as I dont have ipv6 configured at home.
This test Pi only got WiFi so thats why the wlan0:0 (with ip 10.0.0.200).

Create new file:

sudo nano /etc/pihole/pihole-if

Containing below aliased interface with second IP:

auto wlan0:0
iface wlan0:0 inet static
address 10.0.0.200
netmask 255.255.255.0

Symlink it so it gets included with ifup:

sudo ln -s /etc/pihole/pihole-if /etc/network/interfaces.d/

Bring up the new interface:

sudo ifup -v wlan0:0

Reconfigure network for Pi-Hole (the second IP should appear during the wizzard):

pihole -r

Configure lighttpd to listen to the new IP address only:

sudo nano /etc/lighttpd/lighttpd.conf

Add below line:

server.bind = "10.0.0.200"

To listen only to ipv4 requests, find and hash out below line before save/close the file:

# include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port

Reload lighttpd to apply new settings:

sudo service lighttpd reload

Have dnsmasq listen to the new IP by creating below file:

sudo nano /etc/dnsmasq.d/14-pihole-if.conf

Containing:

except-interface=wlan0
except-interface=lo
listen-address=10.0.0.200
#no-dhcp-interface=wlan0
bind-interfaces

Restart dnsmasq to apply new settings:

sudo service dnsmasq restart

This is from before:

pi@raspberrypi:~ $ sudo netstat -nltup | grep 'Proto\|lighttpd\|dnsmasq\|dhcpcd\|pihole-FTL'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:4711          0.0.0.0:*               LISTEN      469/pihole-FTL
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      786/lighttpd
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      8154/dnsmasq
tcp6       0      0 :::80                   :::*                    LISTEN      786/lighttpd
tcp6       0      0 :::53                   :::*                    LISTEN      8154/dnsmasq
udp        0      0 0.0.0.0:53              0.0.0.0:*                           8154/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           8154/dnsmasq
udp        0      0 0.0.0.0:68              0.0.0.0:*                           572/dhcpcd
udp6       0      0 :::53                   :::*                                8154/dnsmasq

And this is after:

pi@raspberrypi:~ $ sudo netstat -nltup | grep 'Proto\|lighttpd\|dnsmasq\|dhcpcd\|pihole-FTL'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:4711          0.0.0.0:*               LISTEN      530/pihole-FTL
tcp        0      0 10.0.0.200:80           0.0.0.0:*               LISTEN      779/lighttpd
tcp        0      0 10.0.0.200:53           0.0.0.0:*               LISTEN      1713/dnsmasq
udp        0      0 10.0.0.200:53           0.0.0.0:*                           1713/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           1713/dnsmasq
udp        0      0 0.0.0.0:68              0.0.0.0:*                           692/dhcpcd

The only one I was not able to bind was the dhcp service port 67.