I just changed the folders.. just to make sure.. same results..
I changed routers dns to isp provided.. changed Synology to automatic dns/router. Same results
No luck
BTW it is a pain to do this on the smart phone..lol
He has been unable to get it to even download the initial block lists. Losing all the files inside the mapped folders would not matter as restarting the docker image reinstalls the files when missing as setup through his docker container. If his variables are correct on his initial container setup the only thing he loses it downstream DNS changes as they will default back to google. Any changes to DHCP (which he is not currently using.) Any whitelist/blacklist/regex/blocklists. (Which should not matter as he cant get a fresh install to work.)
You could try a pihole -r to repair but that is not a preferred way to fix a docker image as if the issue is with the configuration it could go back to not working when the docker image is restarted. This is also the reason you dont do a pihole -up in the docker image because when it restarts it reverts to the original installed image.
You are right, you can always restart the conatiner, but deleting these folders will likley render his current instance useless, as you strip Pi-hole from its configuration.
Trying to continue using an instance that has been crippled in that way will make you see errors that normally wouldn't occur.
Apologies if you didn't intend to continue using it after deletion (but why suggest deletion at all then?).
@sebtus:
Anyway, what's the content of /etc/dnsmasq.d/ and /etc/pihole/ in your container ?
Anything resembling the files as described in What files does Pi-hole use?
I have tried it all.. I would like to known if updates don't work do to dns not resolving the domains or file issues.... I'm completely lost...
Im thinking this is a pihole issue more then a docker setup issue if your network configuration is correct.
You are located in the new york time zone correct? I was looking through older posts about this issue and Promofaux helped someone by explaining "Certificate checks can fail if the system time is incorrectā¦ certs are generally valid for a certain period and if your system time is outside of that period then the check will fail!" They fixed the time and everything worked as expected.
Everything looks good regarding folders. Everything is there..
Yes tz is America/new_york
I saw that cert/time issue and I verified my time zone. I did some digging and tried everything i could find regarding Synology/docker..
I don't post untill I am unable to find solution already posted somewhere.
Ok, that one's ruled out then 
I worry a bit about that network part - downloading the lists produces Status: Connection Refused, according to @sebtus' screenshots.
Pi-hole is using HHTP/port 80 to retrieve blocklists.
It is unlikely all target blocklist severs are experiencing overload at the same time.
Connection Refused normally means either nothing is listening on IP address:port you are using, or a firewall is intercepting the connection.
If you are sure it is not a firewall, that message might be related to resolving the blocklists hostnames, which would mean something is not right with Pi-hole's network configuration.
You wouldn't have provided a custom upstream DNS as 8.8.8.8:53, for example ?
If so, change that to 8.8.8.8#53 accordingly.
If I remember correctly pihole verifies DNS before it even tries to download the block lists on start up so you should atleast have DNS resolution.
Do you have the firewall enabled on your synology?
Edit: I guess Buck and I are thinking alike.
1 Like
Indeed:
Configuring and retrieving a correct time would be essential if you had DNSSEC enabled, be it Pi-hole or any additional recursive resolver (like unbound or BIND) as part of the DNS chain running in the same instance.
Check your time if you have DNSSEC enabled.
I have Synology firewall setup for incoming connection nothing going out..
DNSSEC IS OFF. I don't use custom DNS servers. I have tried to use other but no luck either.
Keep in mind that I can ssh into container and dnslookup all domains just fine.
Try disabling the firewall for long enough to test pihole. If it works then we know its blocking the incoming files. You can turn it right back on after.
Already did try it. no luck..
So you can ssh into the container through the macvlan and do nslookups, you can manually add a domain to the block list? Can you go to pihole web UI at pi.hole/admin?
I am not physically on my lan. I use my isp assigned ip to login to my home network. If I use my home ip. Yes I can login to pihole admin.
In addition if I set pihole as my DNS in Synology.. Every time I do nslookup from the container it shows it on query list as good to go. Plus all queryies Synology does show up as well(ip check etc)
Everything is working as it should but the list update.
When I add manually to the block list and try to nslookup that domain it gets blocked and pi query list shows as blocked.
sidenote:
I have another pihole installed on raspberry ( different lan) and it works great.
At some point I'm going to give up on Synology and get another raspberry..... But it bothers me that I can't get it to work.....
Ooook.. it just worked.... I don't know how and what I have changed....... I will investigate... Exciting
Being that you could access everything when on your home network. It is either the firewall on the synology or something in your router. Everything worked but receiving the files when trying to download them.
im not sure what has changed... but it seems to work fine now ... updates work and everything else.
Thank you for you help guys