Every month or so all my devices lose internet and the only way to connect them all back is to disconnect them from the DNS server that Pihole is running.
I set my Pihole to have a static IP but for some reason after around a month or maybe longer, it just fails. This has happened 4 times over the last while and the only fix is to essentially uninstall everything on my Pihole, disable it, and then reconfigure it from scratch again.
I’m not sure what’s going on so any help would be appreciated.
One of your biggest problems here is what we call high availability (HA). Your critical services should be HA, which means no single points of failure (SPOF). Your DNS services have a SPOF: your one pi-hole server. For any service to be resilient, it needs to be HA. This means full redundancy for all things in the whole stack that provide the service.
For pihole, this means running a pihole instance on two separate devices, with two separate IP addresses. Your dhcp server will send out two DNS servers with every lease. Most DNS clients will use at least two DNS servers.
If one of the servers goes down, your other, redundant pihole server will continue serving DNS.
This is why, contrary to other recommendations in this thread, I run pihole in docker on regular machines. If one of those machines dies, the other machine will continue serving requests, and it’s easy to launch the docker pihole on another machine and reconfigure my DNS server to hand out the new DNS server address.
That’s a good idea that I hadn’t considered. I’ll see if I can get Pihole running on an old android phone I have lying around.
Edit: I now have PiHole running on an old Pixel 3a and have decommissioned my PiHole docker container on my home server.
My server and a raspberry are running adguard home
Both have autoupdate with autoreboot. If I need to change something, connect, disconnected, everything will continue working
I have a google router and It allows me to enter 2 DNS servers incase the first DNS Server doesnt work.
I run pihole on a proxmox cluster (lxc containers), 2 separate IPs and I setup keepalived and made the virtual IP the primary dns ip that my dhcp server hands out, pihole1 is the master and pihole2 secondary. I use gravity sync to keep both piholes in sync. Works very well and I can reboot one at a time without losing dns at all. Techno tim on YouTube has a guide on how to setup keepalived on 2 pihole servers that helped me set it up.
You should probably also sync them. I use orbital sync for this. https://github.com/mattwebbio/orbital-sync
This is not an answer to the question at all
Yeah it is? There’s a reason your dns confutation has a backup IP address.
That is true. But a simple service like dsn doesn’t go sideways every month usually. If he gets two of these services running, he just had double the trouble.
Do you run your PiHole on top of Docker? There’s an issue with docker and Raspberry Pis which makes the network crap out periodically. So if your PuHole becomes unavailable until you restart your Pi it might be this:
https://github.com/raspberrypi/linux/issues/4092/
Solution is to add “denyinterfaces veth*” to the dhcpd.conf
Oh my gosh. I have been trying to figure this issue out with my docker containers for months. If this is the fix, THANK YOU.
PuHole 🤣
Hahaha! I’m keeping this typo 😂
My first thought on this was immediately “did you also reserve that static IP address on your router to make sure it remains assigned”. From what I’ve read that does seem to be the issue, so that’s a little validating.
I managed to get into my router and my Pihole server shows up as static and I’ve assigned it an address at the higher end of the DHCP range so we’ll see when the lease expire 🤷
As long as the router has the IP explicitly reserved for the device your PiHole is running off of then it won’t be reassigned.
Don’t set the static IP within the DHCP range (well you can, but it then depends on how smart your dhcp server is, just avoid the situation).
You run a risk of the same IP being assigned to another device.
I would HIGHLY recommend that for something as essential as DNS, you should be running it on its own hardware. Considering, as you’ve experienced, that any issues result in a complete loss of normal access to the internet.
You can run pihole on something as small as a Raspberry Pi zero w, then just set it with a static IP and forget about it.
Considering you said you’re currently using WSL I suspect there is an extra layer of networking bullshit that is breaking your routing. If you haven’t already looked at this document, it might have the information you need https://learn.microsoft.com/en-us/windows/wsl/networking#accessing-windows-networking-apps-from-linux-host-ip
But for the sake of stable DNS services you will thank yourself for just getting a dedicated device of any power level to ONLY handle DNS.
I’m very happy with my little PiHole on a Pi Zero 2 W running DietPi, easy set up and then you can just forget about it apart from periodic updates. No issue with it being via WiFi either, which makes placing it much easier.
Where does he mention wsl?
Down in a reply to some other comments https://lemmy.ca/comment/3915756
I am horrified, but equally impressed 😂
First thought: Is your PiHole’s static IP within the range of addresses your DHCP server hands out?
My Pihole lives on my server computer and so the DNS is the same IP address as that computer
Are you assigning the static address on your pi, or are you assigning a static address on the router?
This. I’ve always done dynamic IPs on my devices and set static IPs for them on my router. Never had an issue.
This is the way. Although, to clarify, you should assign static IPs on your DHCP server, which for most SOHO networks, that’s going to be your router.
If you assign statics on your hosts, your DHCP server will assign them the preferred address if available, but if it’s already assigned then the DHCP server is going to give your device the middle finger and assign them whatever the fuck it wants.
Not sure if I’m misunderstanding you, but the router/DHCP server doesn’t assign an IP at all to a host that you’ve assigned statically. Any given host can be statically assigned or use DHCP, not both.
The real problem with statically assigning IPs to hosts, is that your DHCP server won’t know that and could give a new device the same IP address as your statically assigned host, causing an IP conflict, if you statically assigned the host with an IP that’s inside the DHCP scope.
What you have to do is only assign static IPs that are outside the DHCP scope, or set all hosts to use DHCP and then use reservations in your DHCP server to make sure they get the same one each time.
For infrastructure critical services I recommend reservations on the DHCP server and then set static assignment on the device for the IP reserved in DHCP. This way if the device ever fails over to DHCP for any reason the IP will not change. I’ll usually also leave some small address space outside the DHCP scope available for static assignment if needed, usually at the front and usually around 20 IPs max as it’s easier to let DHCP do the heavy lifting.
Static IPs are important on infra critical devices if you ever find yourself in a situation where the DHCP services are not available, you don’t want them to be a single point of failure.
Just my 2 cents.
Probably a bit of both to be honest. Thanks for clarifying.
Your static IP probably isn’t set on the router
I had similar issues when SLAAC wasn’t properly configured for my network. Every however many days my ISP forced a modem reboot and if the delegated prefix happened to change I’d start having pihole problems. I finally tracked that down, made sure SLAAC was working everywhere and assigned my pihole container a SLAAC token so its address relative to everything else on the network didn’t change and I’m good to go. These days the pihole is always …253 and ::253.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters CGNAT Carrier-Grade NAT DNS Domain Name Service/System HA Home Assistant automation software ~ High Availability IP Internet Protocol NAS Network-Attached Storage NAT Network Address Translation PiHole Network-wide ad-blocker (DNS sinkhole) RPi Raspberry Pi brand of SBC SBC Single-Board Computer SSD Solid State Drive mass storage SSH Secure Shell for remote terminal access
10 acronyms in this thread; the most compressed thread commented on today has 12 acronyms.
[Thread #209 for this sub, first seen 11th Oct 2023, 11:55] [FAQ] [Full list] [Contact] [Source code]
Taking a look at your Pihole logs is going to be helpful. Also knowing what kind of device is running the Pihole software may also help.
I had Pihole running on a raspberry pi 3 years ago, and I had pretty consistent issues. I’ve run it on other hardware since without a problem.
It could be an issue with the SD card, if you’re using a raspberry pi. I’ve also read that the log file can grow large enough to cause issues with your Pihole instance.
So there are a number of possibilities.
I’ll have to take a peak at the logs. I’ve been running the server nearly headless but with this issue I cannot access my server over my lan so I’m going to have to physically plug a screen and keyboard into it later.
Yep, not having DNS/DHCP is a pain in the ass. When mine went down it would take my network with it because the Pihole was handling both. Expected but also a pain in the ass.
One last piece of advice: Pihole has great support. I’ve gotten a ton of answers and assistance from the Pihole Sub on Reddit. I don’t know if it’s still active since the migration away from Reddit, but you may ask.
I’d rather ask here and start building up the knowledge base off Reddit but you’re right.
I think I know my problem though (something I’m not able to fix aaaaa)
I agree. Unfortunately I don’t think u/jfb-pihole is on Lemmy and they’re one of the devs (I think) for Pihole. Best of luck with your issue!
Not a solution to your current problem, but an alternative to consider depending on your network setup.
I’ve been running unbound as my DNS via OPNSense. Same capabilities for blocklists, plus some nice privacy benefits with DoH/DoT. I think you can use unbound with pihole too, fwiw, i just don’t have a need for that.
Personally I given up on pihole.
it’s just caused too many issues blocking sites that my family were using.
And then even for local DNS use case - I figured it makes no sense for me. I can just configure one of my real sub domains to resolve to local IP and be done with it.No idea what specifically is your issue - but can’t you just connect the pihole to monitor and keyboard and look at the logs?
How do you set the static IP for the pi? From your router’s DHCP server, or from pi’s network configuration?
I haven’t done any research on pi-hole (I use firewalla) but is a raspberry Pi even powerful enough to support a small home network?
What kind of CPU/RAM usage for a your unit normally have?
It’s not that much of a strain since it only handles DNS traffic.
When you go to e.g. programming.dev, you computer needs to know the actual IP and not just domain name so it asks a DNS server and recieves an answer like 172.67.137.159 for example. The pihole will just route the traffic to a real DNS server if it’s a normal website or give a unkown ip kind of answer if it’s a blacklisted domain. Actually transmitting the website which is the bulk of trafic is handled without the piholes involvement.
I give my pihole container about 1GB of RAM and one core and it’s good to go (two cores helps with maintenance tasks though.) An entire RPi just to run pihole is such overkill.
Ya from my research raspberry pi is powerful enough to act as a DNS server for a home. I probs wouldn’t put a 4k plex library on it but it should do the job.
In my case however I’m not running a raspberry pi. I have installed PiOS into Windows using WSL (like a lunatic) in an effort to not reformat my whole server computer and install something more practical (like Ubuntu server).
My RPi4 is running PiHole, mailu and HomeAssisstant, without hickups.
Do you use ethernet to usb adapter?
Built in wifi on the mobo
Yeah…wifi.
Good luck!
