pi-hole / docker-pi-hole

Pi-hole in a docker container
https://pi-hole.net

PiHole DHCP has wrong dhcp-option=option:dns-server #429

Open electricbrain-code opened 5 years ago

electricbrain-code commented 5 years ago

I'm running docker.io/pihole/pihole:4.2.2_armhf. Devices using dhcp receive the container's IP address and the DNS host. I am not using --net=host. A working config is described here: http://www.electricbrain.com.au/pages/desktop-datacenter-software/pi-hole-docker.php

This is a...

Description

The web interface needs to include an option to use the host's IP address for DHCP option dns-server.

Expected Behavior

DHCP Clients should get the host's address returned for DNS server (not the container's)

Actual Behavior

All requests receive the container's IP address (which can be the host's if --net=host is used).

Possible Fix

Work-around is to add entry to 02-pihole-dhcp.conf and then use: chattr +i 02-pihole-dhcp.conf to prevent the web interface from making changes.

Steps to Reproduce and debugging done

e.g. your docker run command, pages to visit, CLI commands you ran

  1. Start container without --net=host.
  2. From client check resolv.conf for the DNS server's IP address.

Debug steps I have tried

Context and extra information

PiHole container is running fine with the workaround. It uses standard networking now and does not require --net=host. It might even work with zero additional privileges. Note: dhcrelay is essential.

Your Environment

zurajm commented 5 years ago

I have exactly the same issue. @melbcycle what exactly are you using in 02-pihole-dhcp.conf as a workaround?

zurajm commented 5 years ago

The simple fix seems to be to create a new config file, for instance 03-pihole-dhcp-dns-fix.conf, in the folder that is mapped to the /etc/dnsmasq.d folder in the container, with this content (adapt IP to your needs): dhcp-option=option:dns-server,<your host IP>

diginc commented 5 years ago

Thanks for re-explaining, this makes more sense now. Sounds like a legitimate bug.

MACVLAN/Host are the workaround for now until a fix can be added. This might require non-docker repository changes to make that configurable.

zurajm commented 5 years ago

Maybe, for starters, just make the dnsmasq dhcp config honor the ServerIP: variable, which should hold the docker host IP address anyway. This may not need upstream changes to non-docker container.

diginc commented 5 years ago

Clobbering pre-existing settings and overwriting configuration methods is OK when you're a 3rd party project but we can do things better than that. I don't have time to nail down a fix right now but some relevant upstream lines of code are here:

Edit: perhaps just set DHCP_ROUTER in setup vars?

electricbrain-code commented 5 years ago

Hi, in reply to what exactly was the workaround, I tried to document everything on these pages: http://www.electricbrain.com.au/pages/desktop-datacenter-software/pi-hole-docker.php

http://www.electricbrain.com.au/pages/desktop-datacenter-software/dnscryptvpnpihole.php

Hope this helps. PhillB

Sent from my iPhoneX http://www.electricbrain.com.au/

On 15 Apr 2019, at 5:05 pm, zurajm notifications@github.com wrote:

I have exactly the same issue. @melbcycle what exactly are you using in 02-pihole-dhcp.conf as a workaround?


pralor-bot commented 4 years ago

This issue has been mentioned on Pi-hole Userspace. There might be relevant details there:

https://discourse.pi-hole.net/t/docker-incorrect-dns-address-being-sent-to-dhcp-clients/34468/2

darryllee commented 4 years ago

Thanks for the fixes here. Minor point of clarification. For an IPv4 DNS Server option, you want: dhcp-option=6,<your pihole IPv4 address>,8.8.8.8,8.8.4.4

(Threw in some Google DNS servers there for backups.)

What's in there now is the option for IPv6 DHCP options: dhcp-option=option6:dns-server,[::]

(It is odd that's hard-coded. I believe it's pulling [::] from /etc/resolv.conf? When I enabled the pihole's DHCP, it started handing out my router's IPv6 address as the DNS server.)

So when I tried to replace [::] with my pihole's IPv4 address, FTL failed to start up with this error in /var/log/syslog:

Sep 13 16:31:06 raspberrypi pihole-FTL[29460]: dnsmasq: bad IPv6 address at line 1 of /etc/dnsmasq.d/03-pihole-dhcp-dns-fix.conf

evilhamsterman commented 3 years ago

@darryllee I know it's an old post but in case anyone else comes around. The reason you got that error message is dhcp-option=6 is not the same as dhcp-option=option6:dns-server. The first is setting DHCPv4 (for IPv4 addresses) option number 6, which is for the DNS server. The second is using the human-readable name for the same thing for DHCPv6 (for IPv6 addresses), which will fail if you give it an IPv4 address.

If you aren't using IPv6 you can delete the dhcp-option=option6:dns-server. If you want you can replace dhcp-option=6 with the IPv4 human-readable version dhcp-option=option:dns-server.
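
A lint for the mix-up explained above, as an added example that is not part of the thread or of the Pi-hole project: it checks that DNS-server dhcp-option lines carry addresses of the matching family (DHCPv6 values bracketed) and, optionally, that the host address is among the DHCPv4 servers handed to clients. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress

V4_DNS = {"6", "option:dns-server"}   # DHCPv4 option 6, by number or by name
V6_DNS = {"option6:dns-server"}       # DHCPv6 DNS-server option, by name

def _valid(value, want_v6):
    """True if value is an address in the form dnsmasq expects for that family."""
    try:
        if want_v6:                   # DHCPv6 values are bracketed, e.g. [::]
            if not (value.startswith("[") and value.endswith("]")):
                return False
            ipaddress.IPv6Address(value[1:-1])
        else:
            ipaddress.IPv4Address(value)
        return True
    except ValueError:
        return False

def check_dns_options(conf_text, expected_v4=None):
    """Return (line_number, message) findings for DNS-server dhcp-option lines."""
    findings = []
    for lineno, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()          # drop comments
        if not line.startswith("dhcp-option="):
            continue
        fields = [f.strip() for f in line.split("=", 1)[1].split(",")]
        while len(fields) > 1 and fields[0].startswith("tag:"):
            fields.pop(0)                            # skip optional tag: qualifiers
        option, values = fields[0], fields[1:]
        if option not in V4_DNS | V6_DNS:
            continue
        want_v6 = option in V6_DNS
        bad = [v for v in values if not _valid(v, want_v6)]
        if bad:
            family = "DHCPv6" if want_v6 else "DHCPv4"
            findings.append((lineno, f"{family} DNS option has invalid value(s): {bad}"))
        elif not want_v6 and expected_v4 and expected_v4 not in values:
            findings.append((lineno, f"{expected_v4} is not advertised"))
    return findings

# Constructed sample: the option forms from the thread with placeholder addresses.
SAMPLE = """\
dhcp-option=6,192.0.2.10,8.8.8.8,8.8.4.4
dhcp-option=option6:dns-server,192.0.2.10
dhcp-option=option:dns-server,172.17.0.2
"""

for finding in check_dns_options(SAMPLE, expected_v4="192.0.2.10"):
    print(finding)
```

Line 2 of the sample is the case that produced the "bad IPv6 address" error in syslog; line 3 parses cleanly but sends clients to an address other than the host's.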

github-actions[bot] commented 2 years ago

This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.