Closed HarvsG closed 2 years ago
When you do this, what is the content of /etc/dnsmasq.d/01-pihole.conf, /etc/pihole/setupVars.conf and /etc/resolv.conf?
From inside the container:
/etc/dnsmasq.d/01-pihole.conf
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Dnsmasq config for Pi-hole's FTLDNS
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
###############################################################################
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
#
#
# IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: #
# /etc/pihole/setupVars.conf
#
#
#
# ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE
#
# WITHIN /etc/dnsmasq.d/yourname.conf
#
###############################################################################
addn-hosts=/etc/pihole/local.list
addn-hosts=/etc/pihole/custom.list
localise-queries
no-resolv
cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=172.16.251.3#53
server=172.16.251.4#5053
domain-needed
expand-hosts
bogus-priv
interface=eth0
rev-server=192.168.0.1/24,192.168.0.1
server=/lan/192.168.0.1
server=/use-application-dns.net/
/etc/pihole/setupVars.conf
root@4ebff1d964b7:/# cat /etc/pihole/setupVars.conf
WEBPASSWORD=35570f6d682521e4d5ca54e8f7b05f31fbcc390b9f5270df51e4f69f580ce6a4
LIGHTTPD_ENABLED=
IPV6_ADDRESS=
CONDITIONAL_FORWARDING=
CONDITIONAL_FORWARDING_IP=
CONDITIONAL_FORWARDING_DOMAIN=
CONDITIONAL_FORWARDING_REVERSE=
ADMIN_EMAIL=
WEBUIBOXEDLAYOUT=boxed
WEBTHEME=default-dark
BLOCKING_ENABLED=true
INSTALL_WEB_SERVER=true
INSTALL_WEB_INTERFACE=true
IPV4_ADDRESS=0.0.0.0
PIHOLE_INTERFACE=eth0
QUERY_LOGGING=true
DNSMASQ_LISTENING=single
PIHOLE_DNS_1=172.16.251.3#53
PIHOLE_DNS_2=172.16.251.4#5053
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
REV_SERVER=true
REV_SERVER_CIDR=192.168.0.1/24
REV_SERVER_TARGET=192.168.0.1
REV_SERVER_DOMAIN=lan
/etc/resolv.conf
search vcn.oraclevcn.com
nameserver 127.0.0.11
options edns0 trust-ad ndots:0
Currently all being forwarded to 172.16.251.4#5053, which is set as Custom 2 in the UI
docker-compose.yml
version: "3.7"
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    dns: 127.0.0.1
    restart: always
    ports:
      - 10.10.0.1:53:53/tcp
      - 10.10.0.1:53:53/udp
      - 10.10.0.1:67:67/udp
      - 10.10.0.1:80:80/tcp
      - 10.10.0.1:443:443/tcp
    environment:
      DNS1: 172.16.251.3#53
      DNS2: 172.16.251.4#5053
      IPv6: "no"
      TZ: Europe/London
      PROXY_LOCATION: pihole
      DNSMASQ_LISTENING: single
    cap_add:
      - NET_ADMIN
    volumes:
      - ./etc-pihole/:/etc/pihole/ #use a .env file to set, eg. DOCKER_CONFIGS=/whatever_folder_you_want
      - ./etc-dnsmasq.d/:/etc/dnsmasq.d/
    networks:
      pihole_net:
        ipv4_address: 172.16.251.2
  unbound:
    container_name: unbound
    image: mvance/unbound:latest
    restart: always
    ports:
      - 10.10.0.1:5054:53/tcp
      - 10.10.0.1:5054:53/udp
    volumes:
      - ./unbound/:/opt/unbound/etc/unbound
    networks:
      pihole_net:
        ipv4_address: 172.16.251.3
  dnscrypt-proxy:
    container_name: dnscrypt-proxy
    image: klutchell/dnscrypt-proxy:latest
    ports:
      - 10.10.0.1:5053:5053/tcp
      - 10.10.0.1:5053:5053/udp
    volumes:
      - ./dnscrypt-proxy/:/config/
    restart: unless-stopped
    networks:
      pihole_net:
        ipv4_address: 172.16.251.4
networks:
  pihole_net:
    name: pihole_net
    driver: bridge
    ipam:
      config:
        - subnet: 172.16.251.0/24
          gateway: 172.16.251.1
To clarify, everything was going to 172.16.251.3#53, which was Custom 2 in the UI, and then I switched them around
Ah, docker. @PromoFaux do you know off-hand how DNS1 and DNS2 make it from environment variables to 01-pihole.conf?
DNS1 and DNS2 are deprecated. You should be using the PIHOLE_DNS_ variable described in the README. (The DNS1/2 variables still work for now but they could be removed in a future release.)
BUT, that all said, I don't think this is to do with docker.
You're adding the environment variables, they're going into setupVars.conf as PIHOLE_DNS_1 and PIHOLE_DNS_2 in that order. This sounds more like something in dnsmasq / FTL. I don't know how the strict-order thing is supposed to work
@DL6ER - batting the ball back to you
I did some tests myself and everything seems to work, all my queries got forwarded to the first server I have defined - with one exception - that was a query from an impatient client that retried a query before the reply from the first server arrived. In this case, dnsmasq/FTL chose to deviate from strict-order and decided it would better forward to the second server.
Back to your particular issue - I'll summarize what we have:
docker-compose.yaml
DNS1: 172.16.251.3#53
DNS2: 172.16.251.4#5053
becomes
/etc/pihole/setupVars.conf
PIHOLE_DNS_1=172.16.251.3#53
PIHOLE_DNS_1=172.16.251.4#5053
becomes
/etc/dnsmasq.d/01-pihole.conf
server=172.16.251.3#53
server=172.16.251.4#5053
However, FTL is still sending everything to 172.16.251.4#5053 even though this is the second DNS server and strict-order is given in another file that is always present in the container.
@HarvsG Is this correct?
Can you provide the output of the command
grep "using nameserver" /var/log/pihole.log
from inside your container?
Your summary was correct
grep "using nameserver" /var/log/pihole.log returned nothing
This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.
Versions
Platform
Expected behavior
It would make more sense for Custom 1 to be queried before Custom 2
Actual behavior / bug
The reverse happens
Steps to reproduce
Steps to reproduce the behavior:
Set 2 custom DNS servers in etc/pihole
echo "strict-order" > 09-strict-order.conf and restart pihole
Look at the logs and then all will be forwarded to Custom 2
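
The log check this thread revolves around, as an added example (not code from the issue or from Pi-hole): it compares the order of the server= lines with the upstream that actually received the most "forwarded" entries. The "forwarded <name> to <upstream>" log line shape, the port 53 default for entries without "#port", and the sample files are assumptions constructed for the demonstration.

```shell
#!/bin/sh
# Added example: compare configured upstream order with where dnsmasq/FTL
# actually forwarded queries. All sample data below is constructed.

# Normalise "ip" to "ip#53" so config and log entries compare equal
# (assumption: an entry without an explicit port means port 53).
with_port() { sed 's/^\([^#]*\)$/\1#53/'; }

# Upstreams in file order, skipping domain-specific lines such as
# server=/lan/192.168.0.1 and server=/use-application-dns.net/
configured_upstreams() {
    sed -n 's/^server=\([^/][^/]*\)$/\1/p' "$1" | with_port
}

# One "count upstream" line per upstream, busiest first.
forward_counts() {
    awk 'NF >= 4 && $(NF-3) == "forwarded" && $(NF-1) == "to" {
             s = $NF; if (s !~ /#/) s = s "#53"; n[s]++ }
         END { for (s in n) print n[s], s }' "$1" | sort -rn
}

# Exit 0 only if strict-order is set in some *.conf of the dnsmasq.d directory.
strict_order_set() { grep -qsx 'strict-order' "$1"/*.conf; }

# Exit 0 only if the first configured upstream received the most forwards.
first_upstream_preferred() {
    first=$(configured_upstreams "$1" | head -n 1)
    top=$(forward_counts "$2" | head -n 1 | cut -d' ' -f2)
    [ -n "$first" ] && [ "$first" = "$top" ]
}

# --- constructed sample input mirroring the configuration in the thread ---
demo=$(mktemp -d)
printf '%s\n' 'no-resolv' 'server=172.16.251.3#53' 'server=172.16.251.4#5053' \
    'server=/lan/192.168.0.1' > "$demo/01-pihole.conf"
echo 'strict-order' > "$demo/09-strict-order.conf"
printf 'Jan  1 10:00:0%s dnsmasq[99]: forwarded %s to %s\n' \
    1 a.example 172.16.251.4#5053 2 b.example 172.16.251.4#5053 \
    3 c.example 172.16.251.3 > "$demo/pihole.log"

forward_counts "$demo/pihole.log"
if strict_order_set "$demo" &&
   ! first_upstream_preferred "$demo/01-pihole.conf" "$demo/pihole.log"; then
    echo "strict-order is set, but the first upstream is not the busiest"
fi
```

Inside the container the same functions would be pointed at /etc/dnsmasq.d and /var/log/pihole.log; a single retried query going to the second server, as described above, does not change which upstream is busiest.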