Traffic received via 172.22.0.1 address

Hello,

I installed pi-hole via docker using the following lines:

version: "3"
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    restart: unless-stopped
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "3050:80/tcp"
    environment:
      TZ: 'Europe/Berlin'
      WEBPASSWORD: 'Secureyourhome4you'
    volumes:
      - /home/user1/Extra/docker/pihole/etc-pihole:/etc/pihole
      - /home/user1/Extra/docker/pihole/etc-dnsmasq.d:/etc/dnsmasq.d
    cap_add:
      - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed

I don't use pi-hole as my DHCP server. I have a problem that I already found in the GitHub issue reports, but I am not able to understand the reason because I am new to using Docker, and I am not able to solve the issue.

I often see that the incoming traffic does not use the real IP address of the client but uses the IP address of the docker container 172.22.0.1. This happens for multiple clients in my home network.

Does anyone have an idea how to solve the issue (I would also love to get a hint to a website I didn't find)?

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

Hello rdwebdesign,
thank you for your feedback.

The Link is:
https://tricorder.pi-hole.net/8Uzi5Krf/

I am able to see the following line:

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] www.3g4sex.com is 0.0.0.0 on lo (127.0.0.1)
[✓] www.3g4sex.com is 0.0.0.0 on eth0 (172.22.0.2)
[✓] doubleclick.com is 142.251.36.174 via a remote, public DNS server (8.8.8.8)

The real IP address where the DNS requests are sent to is 192.168.5.166. It is the host where the docker container (portainer) is running.

That is your Docker gateway IP for your Docker internal subnet.
In certain network modes, like the default bridge network, Docker will NAT all traffic to its internal subnets through its gateway.

To avoid this, you could consider switching to another Docker network mode.

Hello Bucking_Horn,

thank you very much for your reply. I added the following line to my docker file:

  • network_mode: host

This means the file is now:

version: "3"
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    restart: unless-stopped
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "3050:80/tcp"
    environment:
      TZ: 'Europe/Berlin'
      WEBPASSWORD: 'Secureyourhome4you'
    volumes:
      - /home/user1/Extra/docker/pihole/etc-pihole:/etc/pihole
      - /home/user1/Extra/docker/pihole/etc-dnsmasq.d:/etc/dnsmasq.d
    cap_add:
      - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
    network_mode: host

The docker container starts after recreation, but I am not able to connect to the web interface anymore. Do you have any idea what might be wrong?

A container in host network mode directly shares the ports of its host, i.e. port mapping isn't applicable in host mode.
Specifically, you cannot use ports to make Pi-hole's web UI accessible via port 3050.

You could consider moving Pi-hole's webserver to listen on a different port instead, by configuring WEB_PORT: 3050 under environment (see also GitHub - pi-hole/docker-pi-hole: Pi-hole in a docker container).
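
The change described in the reply above, as an added example that is not part of the original thread: the poster's compose file with the ports section removed (port mappings do not apply in host mode) and WEB_PORT: 3050 set under environment instead. It assumes Pi-hole is not the DHCP server, as the poster states, so the cap_add entry is left out; the password value is a placeholder.

```yaml
version: "3"
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    restart: unless-stopped
    # Host mode: the container shares the host's network stack, so queries
    # arrive with the clients' real source addresses instead of the Docker
    # bridge gateway (172.22.0.1 in this thread).
    network_mode: host
    # No "ports:" section. Port mappings are not applicable in host mode;
    # the container binds the host's ports directly (53/tcp, 53/udp and the
    # web port set below), so those ports must be free on the host.
    environment:
      TZ: 'Europe/Berlin'
      WEBPASSWORD: 'CHANGE_ME'   # placeholder, set your own value
      WEB_PORT: 3050             # web UI listens on host port 3050
    volumes:
      - /home/user1/Extra/docker/pihole/etc-pihole:/etc/pihole
      - /home/user1/Extra/docker/pihole/etc-dnsmasq.d:/etc/dnsmasq.d
    # cap_add NET_ADMIN is omitted (assumption: Pi-hole is not the DHCP
    # server). The original file's own comment marks it as required only
    # for DHCP use.
```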

Complementing Bucking_Horn's answer, here is a link to Docker Docs explaining the behavior: