Appreciate any help! I know this must be a simple problem to solve. I've setup PiHoles on Raspberries and Synology NAS (with macvlan) in the past without a problem.
This time I wanted to run my PiHole on an M1 MacMini I have which is on 24/7.
- Static IP on MacMini is 192.168.4.100
- Installed Docker for Silicon
- Installed PiHole using
docker run -d --name pihole -e FTLCONF_LOCAL_IPV4=192.168.4.100 -e TZ=Australia/Melbourne -e WEBPASSWORD=PASSWORD -e DNS1=1.1.1.1 -e DNS2=1.0.0.1 -p 80:80 -p 53:53/tcp -p 53:53/udp -v pihole_app:/etc/pihole -v dns_config:/etc/dnsmasq.d --dns=1.1.1.1 --cap-add=NET_ADMIN --restart=unless-stopped pihole/pihole:latest
- docker ps -a gives "healthy" response
- Can access PiHole web interface at http://localhost/admin/login.php and at http://127.0.0.1/admin/login.php on the MacMini, and at http://192.168.4.100/admin/login.php from other local computers.
Problem:
The problem is that when I set the router DNS to 192.168.4.100, I lose connection to the internet.
Debug token is at https://tricorder.pi-hole.net/LItq0kVo/
Output includes:
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] regboyan.com is 0.0.0.0 on lo (127.0.0.1)
[✓] regboyan.com is 0.0.0.0 on eth0 (172.17.0.2)
which suggested by someone else that the pihole is working within the Docker environment, but not "visible" to the local network. I know this must be a simple problem but I've searched high and low and can't find a fix.
Thank you.
Run from an aspiring client device in your network (not from the machine that runs your dockered Pi-hole), what's the output of:
nslookup flurry.com 192.168.4.100
With the DNS router set to 192.168.4.100 or without?
Doesn't matter - we are querying a DNS server at 192.168.4.100 directly with that nslookup.
;; connection timed out; no servers could be reached
It would seem the DNS requests do not even make it to your Pi-hole container.
Does Pi-hole's diagnosis panel contain some messages after that nslookup?
Also, please verify that your Mac allows inbound DNS requests on ports 53 UDP/TCP, see also Pi-hole's documentation on its required ports.
No new error messages I’m afraid.
Mac firewall is turned off.
But yes someone the queries aren’t getting through to the docker container.
This seems to be an issue with Docker Desktop for Mac (potentially only for some versions), see also cannot use devdns container with 3.2.0; port 53 is in use · Issue #5416 · docker/for-mac · GitHub.
As the linked post suggests, that issue should have been fixed by a new Docker release back then in 2021.
In addition, similar observations seem to have been reported there time and again, see e.g. Port 53 not accessible from host - Docker Desktop for Mac - Docker Community Forums.
You should probably check the Docker version you are running, and you may also consider to seek further advice on this matter in Docker's support forums.
Thanks.
I'm on Docker version 4.24.2 and so most of those posts I've seen but were too old. I guess I was hoping that people here might have tried this same thing as PiHole is fairly unique, but I'll take your advice and try the Docker forums.
Cheers.