Wifi hotspot not suppling ip & kills FTLDNS

Help Community Help
51

Ah yes you are right, this is only effective for dnsmasq as own local resolver.

I did some testing now:

  • NetworkManager has no builtin dnsmasq but pulls in the dnsmasq-base package (core/binaries only) as recommendation and executes it automatically when starting any kind of shared connection, including the WiFi hotspot. I am able to replicate it with a shared Ethernet connection here. With this package removed, the shared connection fails:
    start sharing failed: could not start dnsmasq due to Could not find "dnsmasq" binary
  • It however explicitly sets --conf-file=/dev/null ... --conf-dir=/etc/NetworkManager/dnsmasq-shared.d so that none of the default config files or directories is used. It can be easily verified by adding some random invalid characters to /etc/dnsmasq.conf and /etc/dnsmasq.d/01-pihole.conf which makes pihole-FTL and dnsmasq commands both fail and throw a related error "dnsmasq: bad option at line 21 of /etc/dnsmasq.d/01-pihole.conf" while the instance started by NetworkManager starts and runs successfully as expected.
  • /etc/NetworkManager/dnsmasq.d/ is used for the processing mode dnsmasq, hence when using dns=dnsmasq, but is not relevant for the hotspot.

So there is no issue with overlapping configuration files. NetMan uses dnsmasq not only as DNS server but also as DHCP server. It is however trivial to disable the DNS server part:

echo 'port=0' > /etc/NetworkManager/dnsmasq-shared.d/disable-dns.conf

You can specify the alternative DNS server passed to DHCP clients (not sure what is default here when the internal one is disabled) by additionally adding:

dhcp-option=6, x.x.x.x[, y.y.y.y]

This can be Pi-hole, but you may need to allow requests from all origins in Pi-hole first, if the hotspot is a different subnet.

I could neither find a way to disable dnsmasq's DHCP server completely (unsetting the --dhcp-range command line option used by NetMan), nor preventing NetMan from starting dnsmasq at all, so it keeps blocking UDP port 67 and hence Pi-hole cannot be used as DHCP server. There is an option to prevent dnsmasq from listening on a particular interface, but it keeps binding to the port:

no-dhcp-interface=wlan0