PiHoleDNS in docker causing issues with DNS response times #33

Closed
Jack-Punter opened this issue May 5, 2024 · 10 comments

@Jack-Punter

I'm trying to use this tool, and also have a custom PiHole DNS server running on my local network in another Docker container. My machines all access this DNS server on the host's IP (192.168.0.91), which is also the same machine I'm trying to run this on. However, when I set that as my DNS server in DNS_NAMESERVER_4_IP I get a consistent timeout with a response from a Docker IP (although interestingly not the IP that Portainer lists as pihole's IP). Is there some way this setup can be supported, or something I can do to work around the issue (aside from simply not monitoring my PiHole DNS server)?

The resolution lifetime expired after 5.138 seconds: Server Do53:192.168.0.91@53 answered got a response from ('172.21.0.1', 53) instead of ('192.168.0.91', 53); Server Do53:192.168.0.91@53 answered got a response from ('172.21.0.1', 53) instead of ('192.168.0.91', 53); Server Do53:192.168.0.91@53 answered got a response from ('172.21.0.1', 53) instead of ('192.168.0.91', 53); Server Do53:192.168.0.91@53 answered got a response from ('172.21.0.1', 53) instead of ('192.168.0.91', 53); Server Do53:192.168.0.91@53 answered got a response from ('172.21.0.1', 53) instead of ('192.168.0.91', 53); Server Do53:192.168.0.91@53 answered got a response from ('172.21.0.1', 53) instead of ('192.168.0.91', 53)
@securedpackets
Contributor

securedpackets commented May 5, 2024 via email

@Jack-Punter
Author

Thanks for the quick reply! Other than this minor issue this has worked perfectly, thanks for your work on it. 👍

@plaintextpackets
Owner

@Jack-Punter can I get the version of Pihole you're running so I can test it myself?

@Jack-Punter
Author

Hi, I am currently on the following version of Pihole:
Docker Tag 2024.05.0 Pi-hole v5.18.2 FTL v5.25.2 Web Interface v5.21

and the service is defined in a docker compose "stack" in my Portainer. The snippet is:

  pihole:
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "8080:80/tcp"
    environment:
      TZ: 'Europe/London'
      WEBPASSWORD: ${PIHOLE_WEB_PASSWORD}
    volumes:
      - pihole:/etc/pihole
      - './etc/dnsmasq.d:/etc/dnsmasq.d'
    restart: unless-stopped

and the pihole volume is defined as an external volume at the bottom:

volumes:
  pihole:
    external: true

@Jack-Punter
Author

I'll also add that this is running in a Portainer-configured stack and I'm running this as per the readme manually using docker compose up, so they're separate, if that makes any difference (I'm kinda new to this stuff so idk if this is actually useful information or not).

@plaintextpackets
Owner

So to be clear you're configuring "192.168.0.91" as your DNS server right?

@Jack-Punter
Author

Ah sorry, yes, the server is definitely running on "192.168.0.91". My PC's configuration is here:
[image]

The server running PiHole is a VM on a Proxmox machine, and is the same VM which is running these containers.

@plaintextpackets
Owner

Ok I've figured this out. When you are trying to route to the host's IP from within docker, for some reason the return traffic gets NAT'd to the gateway IP of your docker private network, so 192.168.x.x or 172.16.x.x. Unfortunately I think this is a defect in docker, I had this issue crop up on another project.

So what works:

If you specify the gateway of your netprobe-probe container as your DNS server, it will work, as the pihole DNS service is also available on this IP. Procedure:

  1. Stop netprobe but don't wipe it (docker compose down)

  2. Find the gateway IP of your netprobe-probe container:

chocolate@chocolate:/scripts/netprobe_lite$ docker inspect netprobe-probe | grep Gateway
            "Gateway": "",
            "IPv6Gateway": "",
                    "Gateway": "192.168.208.1",
                    "IPv6Gateway": "",
chocolate@chocolate:/scripts/netprobe_lite$ 
  3. Enter that IP into your .env file

  4. Restart netprobe (docker compose up)

--

I will see if there is another way to hack the network config to stop this behaviour but I think it might be the way it is. I can also manually define the subnet to make it easier but then we hit the conflicts issue.

Let me know if the above works, and I'll adjust the readme
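
Added example, not part of the thread or of the project's code: the "got a response from ... instead of ..." error in the report is the resolver discarding UDP replies whose source address differs from the address it queried, a check that keeps off-path hosts from injecting answers. The sketch below models that check with standard-library sockets on loopback, where only the port (not the IP) of the replying socket can differ; the function names and the payload are hypothetical.

```python
import socket
import threading
import time

def query_with_source_check(server, payload, timeout=0.5):
    """Send payload to server over UDP and accept only a reply whose source
    (ip, port) equals the address that was queried.
    Returns (reply_or_None, list_of_rejected_sources)."""
    rejected = []
    deadline = time.monotonic() + timeout
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(payload, server)
        while (left := deadline - time.monotonic()) > 0:
            s.settimeout(left)
            try:
                data, src = s.recvfrom(512)
            except socket.timeout:
                break
            if src == server:
                return data, rejected
            rejected.append(src)  # unexpected source: ignore it, keep waiting
    return None, rejected

def simulate(reply_from_other_address):
    """Constructed stand-in for the setup in the thread: the client queries one
    address; the reply comes back from that address or from a different one."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    other = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listener.bind(("127.0.0.1", 0))
    other.bind(("127.0.0.1", 0))
    queried, other_addr = listener.getsockname(), other.getsockname()

    def serve():
        data, client = listener.recvfrom(512)
        sender = other if reply_from_other_address else listener
        sender.sendto(b"answer:" + data, client)  # placeholder, not a DNS message

    t = threading.Thread(target=serve, daemon=True)
    t.start()
    try:
        reply, rejected = query_with_source_check(queried, b"constructed-query")
    finally:
        t.join()
        listener.close()
        other.close()
    return reply, rejected, other_addr

if __name__ == "__main__":
    print(simulate(False))  # reply accepted
    print(simulate(True))   # reply rejected, query times out
```

Pointing the probe at the address the replies actually come from, as in the procedure above, leaves this check in place.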

@Jack-Punter
Author

This did work, thanks 👍
Docker did assign the stack to a new subnet when bringing it up but taking it down, changing the env and restarting seemed to work.
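
Added example, not from the thread or the project: since Docker can assign a different subnet when the stack is recreated, the gateway written to .env can go stale. This sketch reads the per-network gateway from `docker inspect netprobe-probe` JSON and updates DNS_NAMESERVER_4_IP only when it differs; the sample JSON, the network name, the other .env key and the function names are constructed.

```python
import json
import re

# Constructed sample shaped like `docker inspect netprobe-probe` output.
# "example_net" is a placeholder; the gateway is the one shown in the thread.
SAMPLE_INSPECT = """[{"NetworkSettings": {"Gateway": "", "IPv6Gateway": "",
  "Networks": {"example_net": {"Gateway": "192.168.208.1", "IPv6Gateway": ""}}}}]"""

# Constructed .env content; only DNS_NAMESERVER_4_IP comes from the thread.
SAMPLE_ENV = "EXAMPLE_OTHER_SETTING=1\nDNS_NAMESERVER_4_IP=192.168.0.91\n"

def network_gateways(inspect_json):
    """Return the non-empty IPv4 gateway of every network the container joins.
    The top-level Gateway field is skipped: it is empty in the thread's output."""
    container = json.loads(inspect_json)[0]
    networks = container["NetworkSettings"]["Networks"]
    return [n["Gateway"] for n in networks.values() if n.get("Gateway")]

def sync_env(env_text, inspect_json, key="DNS_NAMESERVER_4_IP"):
    """Return (env_text, changed) with key set to the container's gateway.
    Refuses to guess when the container has no gateway or more than one."""
    gateways = network_gateways(inspect_json)
    if len(gateways) != 1:
        raise ValueError(f"expected exactly one gateway, found {gateways}")
    pattern = re.compile(rf"^{re.escape(key)}=(.*)$", re.MULTILINE)
    match = pattern.search(env_text)
    if match is None:
        raise KeyError(f"{key} is not set in the .env text")
    if match.group(1).strip() == gateways[0]:
        return env_text, False  # already current, nothing to rewrite
    return pattern.sub(f"{key}={gateways[0]}", env_text, count=1), True

if __name__ == "__main__":
    updated, changed = sync_env(SAMPLE_ENV, SAMPLE_INSPECT)
    print(changed)
    print(updated, end="")
```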

@plaintextpackets
Owner

I'm going to close this issue as I've updated the readme for folks who use Pihole or other DNS servers in Docker
