**VIDEO GUIDE** How to setup up a Pihole docker container for network wide adblocking **

[SpaceInvaderOne]

Hi Guys. After many requests I have made a tutorial for setting up a docker container for pi-hole. This gives us network wide adblocking. Hope you find it useful

 

 

 

[1812]

First off, this looks awesome. I set it up as shown in the video (I believe), and the pi-hole dashboard shows it is routing dns quarries from my pfsense vm to pi-hole, but not blocking anything. I even added the same single block list like you did. But when I go to the same Forbes site, it still shows ads. Any ideas what I did wrong?

 

----

 

edit:

 

Figured it out- needed to force DHCP renew on clients to get the new DNS server entry.  After that, works like a charm!

 

 

 

 

Edited March 26, 2018 by 1812

[hawihoney]

Thanks for posting. I can't see custom br0 on my docker details - it's custom eth0 only.

 

What do I need to do?

 

[bonienl]

30 minutes ago, hawihoney said:

Thanks for posting. I can't see custom br0 on my docker details - it's custom eth0 only.

 

What do I need to do?

 

 

Change your network setting for eth0 to use bridge function.

[bonienl]

Excellent video. Thanks gridrunner!

 

Personally I would set static network entries for unRAID itself and not rely on DHCP to avoid catch-22 situations.

Specifically leave the DNS entry for unRAID to its "normal" setting and not pointing to pi-hole. This ensures unRAID can keep on communicating with the Internet regardless of the state of pi-hole.

[SpaceInvaderOne]

On 3/26/2018 at 2:25 PM, bonienl said:

Excellent video. Thanks gridrunner!

 

Personally I would set static network entries for unRAID itself and not rely on DHCP to avoid catch-22 situations.

Specifically leave the DNS entry for unRAID to its "normal" setting and not pointing to pi-hole. This ensures unRAID can keep on communicating with the Internet regardless of the state of pi-hole.

Yeah thanks Bonienl. I didnt think to mention that.

[ijuarez]

2 minutes ago, gridrunner said:

Yeah thanks Bonienl. I didnt think to mention that.

 

Yep learn that the hard way but its an easy fix.

 

[minuzle]

I get connection refused every time I run the block lists update.  I'm running unraid 6.5 and have PiHole running on it's own IP.  I've forwarded my dhcp servers DNS ip to the PiHole ip.  Everything seems to be functioning except it isn't blocking anything.

 

Thoughts?

[sadkisson]

I get connection refused every time I run the block lists update.  I'm running unraid 6.5 and have PiHole running on it's own IP.  I've forwarded my dhcp servers DNS ip to the PiHole ip.  Everything seems to be functioning except it isn't blocking anything.  

Thoughts?

 

 

 It shows 0 domains on the block list. It is failing when downloading the lists it seems.

 

 

Do you have the dns entry in the extra cmd as seen in the picture?

 

[minuzle]

Well I'm not sure what changed but I tried changing the Extra Parameters to what yours says because mine is defaulted to 

 

--cap-add=NET_ADMIN

 

It didn't work so I upgraded to rc3 from rc2 on 6.5.1 did a clean boot and  when I went to go login to the PiHole admin page it listed domains in the blocklist.  I'm not sure what it was as I rebooted my server many times yesterday but I appreciate your effort.

 

Thanks

[bertrandr]

Fantastic work! 

Followed instructions to a "T" and now my moderate home network is add free!!!

 

Thank you,

 

BR

[Brettv]

I went to set this up, but dont have Custom br0 in my network type on the docker image page. 

I have a supermicro board with bonding enabled. Here are screen shots of my settings. I also have 2 Ubuntu VMs running. 

 

Any suggestions on what i need to configure?

 

 

[ijuarez]

So i had the unfortunate problem that when i rebooted my unraid because my docker page was not displaying, the webui did not load and stated bad gateway.

Posted for help then found spants post on pi-hole and read where another user had the same bad gateway issues and explained that its because this also runs on port 80 and therefore you get the error page.

 

looking at the setup changing the host ports would fix this problem?

[digiblur]

So i had the unfortunate problem that when i rebooted my unraid because my docker page was not displaying, the webui did not load and stated bad gateway.
Posted for help then found spants post on pi-hole and read where another user had the same bad gateway issues and explained that its because this also runs on port 80 and therefore you get the error page.
 
looking at the setup changing the host ports would fix this problem?

I believe the video states to put this on another IP address so you won't have this port 80 conflict issue.

[ijuarez]

I did thru br0

 

Once I killed docker and reboot it I was able to start the array. I didn't have pihole auto start so I'm good.

[skunkworker]

I ran into lot's of issues trying to get the pi-hole port 53 working correctly. I was using br0

for my interface with a custom fixed ip address.

I had to change Key 7: (INTERFACE) to eth0 as inside the docker image it didn't see the br0 interface but eth0.

 

Don't be afraid to run ifconfig inside the container to see what interface it is listening on.

 

I hope this helps anyone looking for recent fixes.

[Firejack]

Update: Pi-hole can't be used effectively with a BT Smart Hub Router for IPv6 devices. Even with DHCP disabled the BT Smart Hub will send out Router Advertisements and IPV6 devices will use autoconfiguration to assign the BT Smart Hub as the IPv6 DNS server. There is no way to disable Router Advertisements. Time for a new Router!

 

Spent all yesterday evening troubleshooting why I was sometimes getting ads, even on websites I'd visited a few minutes earlier that were ad-free. Looking in the Pi-Hole Query log I could see IPv6 DNS requests to ad servers were not being Pi-holed. Which seemed a bit weird as only a few weeks ago on my old Ubuntu Home Server, I had Pi-hole up and running without issues.

 

Turns out my BT Smart Hub has been updated and now uses IPv6 for all Internet traffic except strangely DNS that still uses IPv4. (Seems IPv6 BT DNS is being rolled out gradually across the whole network.)  Checking with nslookup I could see one response to my DNS query from my Pi-hole container using IPv4 and one from my BT Smart Hub using IPv6. This resulted in ad DNS requests being handled differently and sometimes ads being served.

IPv4: Client DNS request for ad >> Pi-hole container >> Pi-holed

IPv6: Client DNS request for ad >> BT Smart Hub >> BT IPv4 server >> ad served.

Trying every combination of settings I could think of I somehow found the additional steps to @gridrunner excellent video tutorial that you should take after following his instructions.

1.  Open the BT Smart Hub web interface and goto >> Advanced Settings >> IPv6 >> Configuration. Enable ULA and select Stateless Allocation mode.
2. Open unRAID's web interface and goto >> Settings >> Network Settings. Change the Network Protocol to IPv4 + IPv6 and set Static addresses for both IPv4 and IPv6. (You can't use the BT Smart Hubs DHCP server for Pi-hole. You need to use Pi-hole DHCP server. Because Pi-hole is running on unRAID you therefore need Static addresses. You should set the IPv4 DNS servers to Google DNS/ OpenDNS or whatever you prefer so unRAID has DNS access even when the Pi-hole Container isn't running.)
3. Now goto your Docker tab and click on Pi-hole and open the Console. Type ifconfig and make a note of your IPv6 Pi-hole Container address. (It will be the longer address that starts with fc or fd). While you are here, double-check the Interface the container is using as @skunkworker points out in the post above mine.)
4. Click Pi-hole on the Docker tab again and hit Edit. Change Key 4 to True and then hit +Add another Path, Port, Variable, Label or Device and enter this new variable;

• Config Type: Variable
• Name: Key 9
• Key: ServerIPv6
• Value: <enter the IPv6 Pi-hole container address you just noted down>
• Description: Container Variable: ServerIPv6

hit Apply.

 

5. Now open the Pi-hole web interface, login and goto >> Settings >> DHCP. Enable the DHCP server and set the IP range and gateway. e.g From 192.168.1.50 to 192.168.1.100 and Router 192.168.1.254. Check the Enable IPv6 support (SLAAC + RA) and Save.

 

 

If you browse some website, all the ads should be gone and the Pi-Hole Query log should now show IPv6 ads being Pi-holed too.

 

Hope this makes sense. First time using unRAID and Docker

Edited July 25, 2018 by Firejack
Added Update.

[Nyghthawk]

Having issues like many others. 

 

Installed following the video.

 

Changed to br0, custom IP different than unraid ip.

 

matched server ip to custom ip

 

tried interface as eth0 and br0 both failed.

 

have --dns 127.0.0.1 or whatever it is in the custom are, including --dns 1.1.1.1 and 8.8.8.8

 

Issue:

 

Blocklist = 0 and I cannot get gravity to update, nor access pi.hole/admin.  so i know something is going wrong here.

 

Pi-hole blocking is enabled

Neutrino emissions detected...

[✗] Pulling blocklist source list into range

No source list found, or it is empty

Number of domains being pulled in by gravity: 0

Nothing to whitelist!

Number of regex filters: 0

[✓] Parsing domains into hosts format

[✓] Cleaning up stray matter

[✓] DNS service is running

[✓] Pi-hole blocking is Enabled

 

 

any help here?

 

i dont want to just add in lists if gravity wont update.

 

 

EDIT:

 

Did a pihole -d

 

said could not find IPv4 on the config file, it had the same ip but it said could not find 192.168.0.132/24 and in the config file it only had 192.168.0.132, so i added the /24....

 

this still didn't fix the issue.

 

then tried a pihole -r, selected the first option, this did NOT work

 

tried pihole -r selecting the second option, did NOT change any settings, and it seems to work now.

Edited February 7, 2019 by Nyghthawk

[jowi]

I've installed this using the excellent video  i can get into the webui etc, everything seems to work. I gave it an ip address of 192.168.1.10, and i'm using the cloudflare dns (1.1.1.1 / 1.0.0.1). Now, if i change my router's DNS (Netgear WNDR3700) to use 192.168.1.10, i can't browse to any sites... it just won't work.

 

If i return the router to 1.1.1.1/1.0.0.1 and configure my mac maually so it uses pihole as it's DNS server, i can browse perfectly, and i can see in pihole's query log everything is also logged etc. so it does work... But why won't it work if i configure it on my router?

 

I also made the pihole docker a static ip adress in the router.

 

What am i missing?

Edited March 18, 2019 by jowi

[xhaloz]

Does anyone know how to point a local domain "subdomain.domain.com" to a local IP address? Whenever I reach my subdomain, pihole thinks I am coming from an external network.  I want pihole to resolve any devices from the LAN going to this subdomain to stay internal.  There are lots of answers online to resolve this but they all involve pihole running on a raspberry_pi and not docker. 

I have exhausted many of my resources to figure this out. Thanks in advance.

[xhaloz]

On 3/18/2019 at 12:26 PM, jowi said:

I've installed this using the excellent video  i can get into the webui etc, everything seems to work. I gave it an ip address of 192.168.1.10, and i'm using the cloudflare dns (1.1.1.1 / 1.0.0.1). Now, if i change my router's DNS (Netgear WNDR3700) to use 192.168.1.10, i can't browse to any sites... it just won't work.

 

If i return the router to 1.1.1.1/1.0.0.1 and configure my mac maually so it uses pihole as it's DNS server, i can browse perfectly, and i can see in pihole's query log everything is also logged etc. so it does work... But why won't it work if i configure it on my router?

 

I also made the pihole docker a static ip adress in the router.

 

What am i missing?

Hey jowi,

 

Can you ping your netgear from pihole's docker?  meaning you terminal into unraid and type "docker exec -it pihole ping 192.168.1.X" where the X is the last octet of your netgear device.  See if you get replies.  They may not be communicating.

[jowi]

I've solved it by installing dd-wrt on the netgear router. dd-wrt lets you set an internal DNS server, pihole in this case. Now all clients on my network are indeed using pihole as dns.

 

But... i have a new 'problem' now; some clients are using a vpn (goosevpn) and the vpn tunnel probably is not affected by pihole. 

[Drazzilb]

Okay so I followed the tutorial from Space Invader One to the letter. None of the Ads are blocked.

Setting up the IP address for the pi-hole server using the Custom: br0 network type and a fixed IP address

 

I as well made sure to have the ServerIP the same. 

 

From within Pi-Hole I setup the blacklists to include all the lists that were mentioned on https://firebog.net/

From there my domains skyrocketed up to showing me this. 

 

From there i went into my router settings (which is an Asus CM-32) to change my DNS w/in my DHCP Server to point to the IP address for the pi-hole:

 

I also made sure to change my DNS server for my UnRaid due to the fact i was not able to receive any updates for plugins or dockers.

 

I then proceeded to check to see if pi-hole was working from my system by visiting a very add intensive website www.dailymail.co.uk the very first things i see on there are ads..

 

I from there went to make sure my system was pointing to the new DNS server.  ipconfig /all

 

I've even /released and /renewed  to make sure. I've restarted my router/PC/and Server

 

Not very sure where I go from here. 

 

Here is my debug log from pi-hole if this helps.

https://pastebin.com/bYNdDPEp

(oh I've also tried from all devices on the network with no luck)

Edited May 10, 2019 by Drazzilb

[WashingtonMatt]

Your windows device should only show a single ipv4 dns address of your pi-hole. I'm not even sure what that other address is... I assume it's a valid ipv6 short format. It's probably what's doing your dns name resolution.

 

open a command prompt and run command: 

 

nslookup www.google.com

 

Edited May 11, 2019 by WashingtonMatt

[Drazzilb]

This is what i get back

Edited May 11, 2019 by Drazzilb