I’m about to throw my entire Pihole out the window
I’m about to throw my entire Pihole out the window
Every month or so all my devices lose internet and the only way to connect them all back is to disconnect them from the DNS server that Pihole is running.
I set my Pihole to have a static IP but for some reason after around a month or maybe longer, it just fails. This has happened 4 times over the last while and the only fix is to essentially uninstall everything on my Pihole, disable it, and then reconfigure it from scratch again.
I’m not sure what’s going on so any help would be appreciated.
If you can't access your server and your router's web interface, that's a subnetting/DHCP allocation issue. Nothing to do with Pi-Hole.
For reference, there's 2 ways to allocate static addresses to devices:
- Define DHCP range, and configure the application to use a static address outside of the allocation pool.
- Give out static addresses by MAC.
"Skill issue bro" /s
Definitely a skill issue haha. I’m brand new to this stuff so I’m trying to learn as fast as possible. Appreciate the help and the explanations!
First thought: Is your PiHole's static IP within the range of addresses your DHCP server hands out?
My Pihole lives on my server computer and so the DNS is the same IP address as that computer
Irrelevant, unless your pihole is running on your DHCP server. Does the server running pihole have a statically assigned IP that is within the DHCP range being assigned to other devices?
Static addresses should be outside of your DHCP range, ideally. If you can’t change the range, and assuming sequential handouts of IPs from your router among other things, you can try setting the server’s static IP to a bigger number.
Do you run your PiHole on top of Docker? There's an issue with docker and Raspberry Pis which makes the network crap out periodically. So if your PuHole becomes unavailable until you restart your Pi it might be this:
https://github.com/raspberrypi/linux/issues/4092/
Solution is to add "denyinterfaces veth*" to the dhcpd.conf
Oh my gosh. I have been trying to figure this issue out with my docker containers for months. If this is the fix, THANK YOU.
I have had this issue for about a year, while trying different monitoring and logging solutions to try and find out what's going on.
This was such a bitch! Now I'm spreading the word, so that other won't suffer as long as I have.
PuHole 🤣
Hahaha! I'm keeping this typo 😂
My first thought on this was immediately "did you also reserve that static IP address on your router to make sure it remains assigned". From what I've read that does seem to be the issue, so that's a little validating.
I managed to get into my router and my Pihole server shows up as static and I’ve assigned it an address at the higher end of the DHCP range so we’ll see when the lease expire 🤷
Don't set the static IP within the DHCP range (well you can, but it then depends on how smart your dhcp server is, just avoid the situation).
You run a risk of the same IP being assigned to another device.
As long as the router has the IP explicitly reserved for the device your PiHole is running off of then it won't be reassigned.
Are you assigning the static address on your pi, or are you assigning a static address on the router?
This. I’ve always done dynamic IPs on my devices and set static IPs for them on my router. Never had an issue.
This is the way. Although, to clarify, you should assign static IPs on your DHCP server, which for most SOHO networks, that's going to be your router.
If you assign statics on your hosts, your DHCP server will assign them the preferred address if available, but if it's already assigned then the DHCP server is going to give your device the middle finger and assign them whatever the fuck it wants.
Taking a look at your Pihole logs is going to be helpful. Also knowing what kind of device is running the Pihole software may also help.
I had Pihole running on a raspberry pi 3 years ago, and I had pretty consistent issues. I've run it on other hardware since without a problem.
It could be an issue with the SD card, if you're using a raspberry pi. I've also read that the log file can grow large enough to cause issues with your Pihole instance.
So there are a number of possibilities.
I’ll have to take a peak at the logs. I’ve been running the server nearly headless but with this issue I cannot access my server over my lan so I’m going to have to physically plug a screen and keyboard into it later.
Yep, not having DNS/DHCP is a pain in the ass. When mine went down it would take my network with it because the Pihole was handling both. Expected but also a pain in the ass.
I would HIGHLY recommend that for something as essential as DNS, you should be running it on its own hardware. Considering, as you’ve experienced, that any issues result in a complete loss of normal access to the internet.
You can run pihole on something as small as a Raspberry Pi zero w, then just set it with a static IP and forget about it.
Considering you said you’re currently using WSL I suspect there is an extra layer of networking bullshit that is breaking your routing. If you haven’t already looked at this document, it might have the information you need https://learn.microsoft.com/en-us/windows/wsl/networking#accessing-windows-networking-apps-from-linux-host-ip
But for the sake of stable DNS services you will thank yourself for just getting a dedicated device of any power level to ONLY handle DNS.
I'm very happy with my little PiHole on a Pi Zero 2 W running DietPi, easy set up and then you can just forget about it apart from periodic updates. No issue with it being via WiFi either, which makes placing it much easier.
Where does he mention wsl?
Down in a reply to some other comments https://lemmy.ca/comment/3915756
I am horrified, but equally impressed 😂
Your static IP probably isn't set on the router
I had similar issues when SLAAC wasn't properly configured for my network. Every however many days my ISP forced a modem reboot and if the delegated prefix happened to change I'd start having pihole problems. I finally tracked that down, made sure SLAAC was working everywhere and assigned my pihole container a SLAAC token so its address relative to everything else on the network didn't change and I'm good to go. These days the pihole is always ...253 and ::253.
For those that don't know SLAAC is the "new DHCP" IPv6, I had to remember what it was.
Yeah, SLAAC is stateless autoconfig for ipv6. It's a little like DHCP in that the client gets an address automatically but it's handled by the client machine rather than having a DHCP server running.
SLAAC capable machines give themselves an address based on the ipv6 prefix advertised on the network then do a duplicate address check with all of the other devices to make sure they're unique and away you go. There's no central tracking of all dynamic addresses on the network segment, hence the stateless part of the name, but you can poll them with a neighbor request or broadcast ping when you want to see what's there. The benefit is that basically everything you plug into your network probably supports SLAAC out of the box without needing to run server software anywhere to delegate addresses so new v6 clients just work without specific configuration.
If the client supports it you can specify a SLAAC token that the machine will combine with the advertised network prefix rather than generating its own, which is how I have pihole showing up at ::253 as well as its DHCPv4 assigned ...253. It's a convenient configuration.
I'd ignored SLAAC the first time around and given everything static v6 addresses without realizing that my provider would periodically change my prefix. That was fun to untangle, things worked if they made v4 requests but failed over v6 whenever my prefix changed so the failure mode appeared to be somewhat random depending on whether the service or application supported dual stack and was trying to connect over broken v6. Fun times.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
Fewer Letters More Letters CGNAT Carrier-Grade NAT DNS Domain Name Service/System HA Home Assistant automation software ~ High Availability IP Internet Protocol NAS Network-Attached Storage NAT Network Address Translation PiHole Network-wide ad-blocker (DNS sinkhole) RPi Raspberry Pi brand of SBC SBC Single-Board Computer SSD Solid State Drive mass storage SSH Secure Shell for remote terminal access
10 acronyms in this thread; the most compressed thread commented on today has 12 acronyms.
[Thread #209 for this sub, first seen 11th Oct 2023, 11:55] [FAQ] [Full list] [Contact] [Source code]
I haven't done any research on pi-hole (I use firewalla) but is a raspberry Pi even powerful enough to support a small home network?
What kind of CPU/RAM usage for a your unit normally have?
My RPi4 is running PiHole, mailu and HomeAssisstant, without hickups.
Clue in name.
Ya from my research raspberry pi is powerful enough to act as a DNS server for a home. I probs wouldn’t put a 4k plex library on it but it should do the job.
In my case however I’m not running a raspberry pi. I have installed PiOS into Windows using WSL (like a lunatic) in an effort to not reformat my whole server computer and install something more practical (like Ubuntu server).
Just fyi you can install pihole on a barebones Debian system too. Mine is running in a Debian 11 vm on my threadeipper proxmox hypervisor. Only gave it 2 cores and 2gb ram and it’s basically transparent to my devices, performance wise. DNS is very light.
I give my pihole container about 1GB of RAM and one core and it's good to go (two cores helps with maintenance tasks though.) An entire RPi just to run pihole is such overkill.
It's not that much of a strain since it only handles DNS traffic.
When you go to e.g. programming.dev, you computer needs to know the actual IP and not just domain name so it asks a DNS server and recieves an answer like 172.67.137.159 for example. The pihole will just route the traffic to a real DNS server if it's a normal website or give a unkown ip kind of answer if it's a blacklisted domain. Actually transmitting the website which is the bulk of trafic is handled without the piholes involvement.
Give an alternative a go, see if you have better luck. There's adguard home, blocky, and Technitium DNS for you to consider.
Alternatively, the window trick should work.
I had reliability issues with PiHole and moved to AdGuardHome a couple of years ago. It has never, ever crashed and the updates takes a couple of seconds. It rocks.
How do you set the static IP for the pi? From your router's DHCP server, or from pi's network configuration?
I set it directly on the computer hosting Pi since my router doesn’t let me log into it.
There is a chance that the dhcp server on your router actually hand out the same ip address to other client, causing the pi to become inaccessible due to ip address conflict. Assigning the static ip address from the router will prevent this issue.
If your router is from your ISP, maybe you can ask them to give you access to the lan configuration options. ISP routers usually have two accounts, the full admin account which usually aren't handed out to their subscribers, and a user account that would let their subscriber configure various lan settings.
I have a 5G CGNAT ISP router, but distanced myself from it by adding my own full access router connected via a LAN cable to my ISP one and using its wifi instead of the ISP's wifi. This prevents the ISP router from stealing IP addresses (it can literally do whatever it wants to its IP ranges as long as it feeds internet through the LAN cable), and gives me full control over local network IP addresses (as I also am not provided any login to the ISP router).
Might be an extra NAT, but that kinda becomes moot being behind CGNAT that can't open external ports anyway.
Not a solution to your current problem, but an alternative to consider depending on your network setup.
I've been running unbound as my DNS via OPNSense. Same capabilities for blocklists, plus some nice privacy benefits with DoH/DoT. I think you can use unbound with pihole too, fwiw, i just don't have a need for that.
I have up on Pihole a long time ago because of constant issues. Went with self hosted AdGuard and haven't had a single issue since.