Open magnificu opened 11 months ago
Joulinar
commented
11 months ago Hmm maybe for this scenario, it might be best to disable isc-dhcp-server and to reconfigure dnsmasq to serve both interfaces. https://serverfault.com/questions/952220/dnsmasq-on-2-interfaces
MichaIng
commented
11 months ago What a coincidence that I just talked with @StephanStS about this question.
In theory both should work concurrently if the Pi-hole DHCP server is configured to listen on and bind to the Ethernet-side network only, as the isc-dhcp-server is configured to do so on the WiFi network only. But even if it is possible to configure both DHCP server this way, it is somehow unnecessary to run two of them.
We already thought about adding some auto-configuration when having Pi-hole (or AdGuard Home) and the WiFi Hotspot both installed:
isc-dhcp-server to serve Pi-hole/AdGuard Home as DNS server to WiFi DHCP clients. I cannot imagine a case where this is not wanted, when having both installed on the same system?dietpi.txt setting for automation) about this or configure the DHCP server for the WiFi network only. I think with Pi-hole this is possible, but I am not sure whether it can be done via shell commands with AdGuard Home.Just to get all options: Is there a way to configure the Pi-hole DHCP server listen on eth0 only, so that both DHCP server can run concurrently? I am pretty sure that dnsmasq can be manually configured to do so, but not sure about the web UI. Currently it definitely tries to listen on wlan0 as well, which is the main issue here:
DNSMASQ_WARN no address range available for DHCP request via wlan0
magnificu
commented
11 months ago Thank you for the feedback. As a quick and dirty solution I tried to run both dhcp servers concurently: pihole dhcp only for eth0 and isc-dhcp-server only for the wlan0, but since I did not succeed to do that I thought to ask for help.
For the above link I don't understand what ap 0 and ap1 are and how they are related to eth0 and wlan0.
I'm happy to test and give feedback
magnificu
commented
11 months ago update: I did some progress on this topic. The LAN (Pihole + dhcp) works as expected. I can connect on the hotspot without internet connection or access to the LAN IP range. This is the last bit that I have to sort it out.
Hereunder you can see what I did so far. Any help will be much appreciated.
apt remove isc-dhcp-server
nano /etc/dnsmasq.d/02-pihole-dhcp.confdhcp-authoritative
interface=eth0
dhcp-range=192.168.1.2,192.168.1.251,255.255.255.0,24h
dhcp-option=option:router,192.168.1.1
dhcp-leasefile=/etc/pihole/dhcp.leases
domain=lan
local=/lan/
dhcp-rapid-commitcreate a new file
nano /etc/dnsmasq.d/99-access-point.confinterface=wlan0
dhcp-range=192.168.42.2,192.168.42.251,255.255.255.0,24hnano /etc/dhcpcd.confinterface wlan0
static ip_address=192.168.42.1/24nano /etc/hostapd/hostapd.confinterface=wlan0
driver=nl80211
ssid=DietPi-HotSpot
country_code=DE
hw_mode=g
channel=7
wmm_enabled=1
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=dietpihotspot
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMPnano /etc/default/hostapdDAEMON_CONF="/etc/hostapd/hostapd.conf"nano /etc/sysctl.confnet.ipv4.ip_forward=1iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sh -c "iptables-save > /etc/iptables.ipv4.nat"nano /etc/rc.localiptables-restore < /etc/iptables.ipv4.natrebootJust did some testing and most of the steps should not be needed as they are already managed by our hotspot install process. I did it quite simple:
apt purge isc-dhcp-server
apt autoremove
nano /etc/dnsmasq.d/99-dietpi-hotspot.conf
dhcp-range=wlan0,192.168.42.2,192.168.42.251,24h
dhcp-option=wlan0,option:router,192.168.42.1systemctl restart pihole-FTL.serviceResult for wlan0 DHCP request looks like this.
wlan0
root@DietPi4:~# nmap --script broadcast-dhcp-discover -e wlan0
Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-17 10:35 CEST
Pre-scan script results:
| broadcast-dhcp-discover:
| Response 1 of 1:
| IP Offered: 192.168.42.251
| DHCP Message Type: DHCPOFFER
| Server Identifier: 192.168.42.1
| IP Address Lease Time: 2m00s
| Renewal Time Value: 1m00s
| Rebinding Time Value: 1m45s
| Subnet Mask: 255.255.255.0
| Broadcast Address: 192.168.42.255
| Domain Name Server: 192.168.42.1
| Domain Name: lan
|_ Router: 192.168.42.1
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 3.83 seconds
root@DietPi4:~#@Joulinar: I did a fresh installation and followed your instructions. I had to edit nano /etc/dnsmasq.d/02-pihole-dhcp.conf and specify the interface, otherwise pihole and dhcp will not work on the local LAN. I just inserted interface=eth0 before dhcp-range=192.168.1.2,192.168.1.251,255.255.255.0,24h
Now it works like a charm.
Thank you so much for your quick an professional feedback.
magnificu
commented
11 months ago After a longer testing it seems that pihole send the following warning: DNSMASQ_WARN Ignoring duplicate dhcp-option 3
According to pihole documentation this means: DHCP options specified more than once are ignored. The corresponding option ID is given by OPTNUM
I checked all the files in etc/dnsmasq.d/ and I could not find any "dhcp-option=" duplicates
MichaIng
commented
11 months ago Comparing your dnsmasq config and Joulinar's:
dhcp-option=option:router,192.168.1.1vs
dhcp-option=wlan0,option:router,192.168.42.1There are sadly no clear per-interface blocks, but probably adding the interface name to this setting allows it to be defined multiple times as it is then valid for the individual interface only? So with Pi-hole + WiFi AP, the two relevant blocks could look like this, assuming that 192.168.1.1 is the Ethernet-side IP:
dhcp-range=eth0,192.168.1.2,192.168.1.251,24h
dhcp-option=eth0,option:router,192.168.1.1dhcp-range=wlan0,192.168.42.2,192.168.42.251,24h
dhcp-option=wlan0,option:router,192.168.42.1Here the manpage: https://manpages.debian.org/dnsmasq#O,
The interface= option needs to be skipped or set to interface=eth0,wlan0, if I understand it correctly, to either listen on all interfaces or limit it to the two used ones explicitly.
Not sure whether the Pi-hole web interface sets conflicting settings by default?
Joulinar
commented
11 months ago Problem or challenge on /etc/dnsmasq.d/02-pihole-dhcp.conf is, it's a dynamic configuration file and can be overwritten by PiHole itself as soon as you change something on the web interface. π€
Not sure if it would make sense to check with PiHole devs if they could add the interface specification by default π
magnificu
commented
11 months ago @MichaIng
I did the update as you proposed and pihole does not send any warning anymore.
dhcp-range=eth0,192.168.1.2,192.168.1.254,255.255.255.0,24h
dhcp-option=eth0,option:router,192.168.1.1
dhcp-leasefile=/etc/pihole/dhcp.leasesJust wondering how can be specified that dhcp-leasefile is applicable only for eth0 ? Maybe not that important since the IP's range is different than wlan0 I tried dhcp-leasefile=eth0,/etc/pihole/dhcp.leases but it is not working
MichaIng
commented
11 months ago Not sure if it would make sense to check with PiHole devs if they could add the interface specification by default π
AFAIK, there are other interface-dependant settings anyway, so at some point during install/configuration Pi-hole scripts need to know the interface name and can then apply it to dnsmasq without downsides. So yeah, sounds like a reasonable idea.
I did the update as you proposed and pihole does not send any warning anymore.
Geeat!
Just wondering how can be specified that dhcp-leasefile is applicable only for eth0 ?
Indeed, according to the manpage the dhcp-leasefile option does not support tags. But AFAIK the way the info is stored, it is not needed, i.e. a single lease file can be used for all leases across multiple interfaces. Naturally different interfaces need to have different IP ranges, if you do not use a bridge (right?).
Joulinar
commented
11 months ago But AFAIK the way the info is stored, it is not needed, i.e. a single lease file can be used for all leases across multiple interfaces.
On my test, I was able to see Hotspot DHCP clients listed within PiHole DHCP overview π€£
magnificu
commented
11 months ago Indeed, according to the manpage the
dhcp-leasefileoption does not support tags. But AFAIK the way the info is stored, it is not needed, i.e. a single lease file can be used for all leases across multiple interfaces. Naturally different interfaces need to have different IP ranges, if you do not use a bridge (right?).
Yes indeed, I do not use a bridge.
MichaIng
commented
11 months ago On my test, I was able to see Hotspot DHCP clients listed within PiHole DHCP overview π€£
But is it a problem? Pi-hole is also used by the WiFi clients. I mean yeah it is probably confusing as/if you can only configure the eth0 side DHCP settings, but it is the same server, so ... π.
Joulinar
commented
11 months ago NΓΆ not a problem at all π
Creating a bug report/issue
Required Information
DietPi version |
cat /boot/dietpi/.versionG_DIETPI_VERSION_CORE=8 G_DIETPI_VERSION_SUB=19 G_DIETPI_VERSION_RC=1 G_GITBRANCH='master' G_GITOWNER='MichaIng' G_LIVE_PATCH_STATUS[0]='applied' G_LIVE_PATCH_STATUS[1]='applied'Distro version |
echo $G_DISTRO_NAME $G_RASPBIANbookworm 0Kernel version |
uname -aLinux DietPi 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr 3 17:24:16 BST 2023 aarch64 GNU/LinuxSBC model |
echo $G_HW_MODEL_NAMERPi 4 Model B (aarch64)Power supply used | (EG: 5V 1A RAVpower)
SD card used | (EG: SanDisk ultra)
Steps to reproduce
Expected behaviour
Actual behaviour
Extra details
Pi-hole diagnosis, reports the following: DNSMASQ CONFIG FTL failed to bind DHCP server socket: Address already in use
After reboot Pi-hole diagnosis, reports the following: DNSMASQ_WARN no address range available for DHCP request via wlan0