Talk:Pi-hole

From ArchWiki

DHCP not working

After several hours battling this, I came to the conclusion that pi-hole-server (AUR) 5.15.5-1 has problems with the DHCP server, and is not working at all.

Diagnostic

Weird permissions on /etc/dnsmasq.d/

Upon installing pihole-FTL, /etc/dnsmasq.d/ gets the following files:

 jorge in 🌐 hp-laptop-server in /etc/dnsmasq.d🔒
 ❯ ls -lFgh
 Permissions Size User Group Date Modified Name
 .rw-r--r--  2,3k root root   8 mar 03:25   01-pihole.conf
 .rw-r--r--  2,2k root root   5 mar 01:41   06-rfc6761.conf

However, if you try to add a static DHCP entry in your pihole configuration, the web interface greets you with an error because the file used to store this data does not exist and is not allowed to be accessed by pihole from the web interface. But once you touch it, you need to change its permissions to user pihole, group pihole, otherwise dnsmasq won't be able to read-write the file:

cat /run/log/pihole-ftl/pihole-FTL.log
# ...
[2023-03-08 00:32:00.230 13042M] FATAL ERROR in dnsmasq core: cannot read /etc/dnsmasq.d//04-pihole-static-dhcp.conf: Permission denied

Thus, you end up with something like this:

 jorge in 🌐 hp-laptop-server in /etc/dnsmasq.d🔒
 ❯ ls -lFgh
 Permissions Size User   Group  Date Modified Name
 .rw-r--r--  2,3k root   root    8 mar 03:25   01-pihole.conf
 .rw-------    97 pihole pihole  8 mar 14:17   04-pihole-static-dhcp.conf
 .rw-r--r--  2,2k root   root    5 mar 01:41   06-rfc6761.conf

And still, somehow the entries won't show on the web interface: "Showing 0 to 0 of 0 entries".

Firewall seems fine

Probably the firewall configuration of the machine is doing something that blocks the DHCP server from working. I got this with ufw, and ports 67 UDP and 68 UDP are open:

sudo ufw status verbose
Status: active
Logging: on (full)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
Anywhere                   ALLOW IN    192.168.1.0/24
22                         LIMIT IN    Anywhere
53 (DNS)                   ALLOW IN    Anywhere
80,443/tcp (WWW Full)      ALLOW IN    Anywhere
67/udp                     ALLOW IN    Anywhere
68/udp                     ALLOW IN    Anywhere
22 (v6)                    LIMIT IN    Anywhere (v6)
53 (DNS (v6))              ALLOW IN    Anywhere (v6)
80,443/tcp (WWW Full (v6)) ALLOW IN    Anywhere (v6)
67/udp (v6)                ALLOW IN    Anywhere (v6)
68/udp (v6)                ALLOW IN    Anywhere (v6)

Broadcast seems fine

I ran nmap -sP 192.168.1.0/24 on my personal computer and on the "laptop server", and I got 5 hosts up for my personal computer and 4 hosts up for the "laptop server".

There is no DHCP server anywhere in my network

I asked ChatGPT for an nmap command to check for DHCP servers in my network. I got something useless, so I had to improvise a bit and came up with this:

sudo nmap -sU -p 67 --script=dhcp-discover 192.168.1.0/24
Starting Nmap 7.93 ( https://nmap.org ) at 2023-03-08 14:43 CST
Nmap scan report for 192.168.1.1
Host is up (0.00033s latency).

PORT   STATE  SERVICE
67/udp closed dhcps
MAC Address: 64:58:AD:88:44:DB (China Mobile IOT Company Limited)

Nmap scan report for pi.hole (192.168.1.2)
Host is up (0.0012s latency).

PORT   STATE  SERVICE
67/udp closed dhcps
MAC Address: 78:E3:B5:60:7F:76 (Hewlett Packard)

Nmap scan report for 192.168.1.20
Host is up (0.0070s latency).

PORT   STATE  SERVICE
67/udp closed dhcps
MAC Address: 42:49:AB:C5:15:95 (Unknown)

Nmap scan report for 192.168.1.10
Host is up (0.000052s latency).

PORT   STATE  SERVICE
67/udp closed dhcps

Nmap done: 256 IP addresses (4 hosts up) scanned in 3.07 seconds

"Hewlett Packard" is the "laptop server" in question. Nothing seems to be listening on port 67 even though pihole-FTL is up and running and its DHCP server option is turned on:

cat /etc/pihole/setupVars.conf
PIHOLE_INTERFACE=eno1
IPV4_ADDRESS=192.168.1.2/16
IPV6_ADDRESS=
INSTALL_WEB_INTERFACE=true
QUERY_LOGGING=true
BLOCKING_ENABLED=true
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
REV_SERVER=false
DNSMASQ_LISTENING=all
WEBUIBOXEDLAYOUT=boxed
WEBTHEME=default-dark
DHCP_ACTIVE=true
DHCP_START=192.168.1.4
DHCP_END=192.168.1.254
DHCP_ROUTER=192.168.1.1
DHCP_LEASETIME=12
PIHOLE_DOMAIN=lan
DHCP_IPv6=true
DHCP_rapid_commit=true
WEBPASSWORD=
TEMPERATUREUNIT=C
REV_SERVER_CIDR=192.168.0.0/16
REV_SERVER_TARGET=192.168.1.2
REV_SERVER_DOMAIN=
PIHOLE_DNS_1=4.2.2.1
PIHOLE_DNS_2=4.2.2.2
PIHOLE_DNS_3=84.200.69.80
PIHOLE_DNS_4=84.200.70.40
PIHOLE_DNS_5=2001:1608:10:25:0:0:1c04:b12f
PIHOLE_DNS_6=2001:1608:10:25:0:0:9249:d69b
PIHOLE_DNS_7=1.1.1.1
PIHOLE_DNS_8=1.0.0.1
PIHOLE_DNS_9=2606:4700:4700::1111
PIHOLE_DNS_10=2606:4700:4700::1001

sudo systemctl status pihole-FTL.service
● pihole-FTL.service - Pi-hole FTLDNS engine
      Loaded: loaded (/usr/lib/systemd/system/pihole-FTL.service; enabled; preset: disabled)
      Active: active (running) since Wed 2023-03-08 14:16:12 CST; 32min ago
     Process: 53377 ExecStartPre=/usr/bin/chown -R pihole:pihole /etc/pihole (code=exited, status=0/SUCCESS)
     Process: 53378 ExecStartPre=/usr/bin/chown root:root /etc/pihole/logrotate (code=exited, status=0/SUCCESS)
     Process: 53379 ExecStartPre=/usr/bin/sh -c /usr/bin/rm -f /dev/shm/FTL-* (code=exited, status=0/SUCCESS)
    Main PID: 53380 (pihole-FTL)
       Tasks: 19 (limit: 4598)
      Memory: 7.4M
         CPU: 2.577s
      CGroup: /system.slice/pihole-FTL.service
              └─53380 /usr/bin/pihole-FTL no-daemon

Pihole won't respond to any DHCP inquiry

I installed dhcping and tested for the last time if Pihole was responding to any DHCP inquiry at all; unsurprisingly, it is not:

sudo dhcping -c 192.168.1.10 \
  -s 192.168.1.2 \
  -h 04:d9:f5:7d:50:2a
no answer

In short...

DHCP in pihole-FTL is not working as expected.
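
The "Permission denied" line in the FTL log above comes from a file in /etc/dnsmasq.d/ that the service account cannot read. As an added example (not part of the original post and not Pi-hole's own code), this script lists every file in a dnsmasq conf-dir that a given uid/gid cannot read, judging from the classic mode bits only. The function names are made up here, and it assumes GNU stat, no ACLs and no supplementary groups.

```shell
#!/bin/sh
# Added example, not Pi-hole or ArchWiki code. Function names are made up here.
# Assumptions: GNU stat; classic mode bits only (no ACLs, no supplementary groups).

# has_bit UID GID PATH OWNER_MASK
# Succeeds if the permission class that applies to UID/GID (owner, group or
# other) has the bit set. OWNER_MASK is given in owner position:
# 0400 = read, 0100 = execute/search.
has_bit() {
    hb_info=$(stat -c '%u %g %a' "$3") || return 2
    # Deliberate word splitting: appends file uid, gid and octal mode as $4 $5 $6.
    set -- "$1" "$2" "$4" $hb_info
    hb_perm=$((0$6))                                   # octal string -> integer
    [ "$1" -eq 0 ] && return 0                         # root bypasses mode bits
    if [ "$1" -eq "$4" ]; then hb_mask=$(($3))         # owner class
    elif [ "$2" -eq "$5" ]; then hb_mask=$(($3 >> 3))  # group class
    else hb_mask=$(($3 >> 6))                          # other class
    fi
    [ $((hb_perm & hb_mask)) -ne 0 ]
}

# audit_confdir UID GID DIR
# Prints each regular file in DIR that the account cannot read (or DIR itself
# if it cannot be searched). Returns 0 only when everything is readable.
audit_confdir() {
    if ! has_bit "$1" "$2" "$3" 0100; then
        printf '%s (directory not searchable)\n' "$3"
        return 1
    fi
    ac_rc=0
    for ac_f in "$3"/*; do
        [ -f "$ac_f" ] || continue
        if ! has_bit "$1" "$2" "$ac_f" 0400; then
            printf '%s\n' "${ac_f##*/}"
            ac_rc=1
        fi
    done
    return "$ac_rc"
}

# Usage: sh audit.sh "$(id -u pihole)" "$(id -g pihole)" /etc/dnsmasq.d
if [ "$#" -eq 3 ]; then
    audit_confdir "$@"
fi
```

Run it as root so the script itself can list the directory; a non-empty result names the files whose owner or mode needs fixing before restarting pihole-FTL.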