Community discussions

MikroTik App
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Thu Mar 25, 2021 9:40 am

Docker - pihole

Sun Sep 11, 2022 12:02 am

Hello
I just folow the instruction from
https://help.mikrotik.com/docs/display/ROS/Container

My subnet is 192.168.1.0/24
The Docker Pi-hole is 192.168.10.26

How i can ping/connect that 2 subnet / get access to 192.168.10.26
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Thu Mar 25, 2021 9:40 am

Re: Docker - pihole

Sun Sep 11, 2022 12:41 am

i Change /bridge port veth 2 to bridge ( main bridge)
and
/interface veth veth2 to primary subnet 192.168.1.0 with gateway 192.168.1.1
and .... its look like its working i think

(on 192.168.1.26 got real raspi4 with pihole also)
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Thu Mar 25, 2021 9:40 am

Re: Docker - pihole

Sun Sep 11, 2022 12:55 am

My solution :

#Type all manual to terminal in mikrotik#
192.168.1.27/24 ( use your subnet .. for example start subnet 192.168.88.27 or what you got at the moment)
/interface/veth/add name=veth2 address=192.168.1.27/24 gateway=192.168.1.1



/interface/bridge/add name=dockers
/ip/address/add address=192.168.1.1/24 interface=dockers
/interface/bridge/port add bridge=dockers/bridge interface=veth2




/container/envs/add name=pihole_envs key=TZ value="Europe/Riga"
/container/envs/add name=pihole_envs key=WEBPASSWORD value="yourPassword"
/container/envs/add name=pihole_envs key=DNSMASQ_USER value="root"

#root = do not change#
#Yourpassword - change it#


#go to disk and check your pendrive/hdd/ssd disk number = do not install on internal memory of mikrotik!!#

/container/mounts/add name=etc_pihole src=disk4/etc dst=/etc/pihole
/container/mounts/add name=dnsmasq_pihole src=disk4/etc-dnsmasq.d dst=/etc/dnsmasq.d



/container/config/set registry-url=https://registry-1.docker.io tmpdir=disk4/pull


/container/add remote-image=pihole/pihole:latest interface=veth2 root-dir=disk4/pihole mounts=dnsmasq_pihole,etc_pihole envlist=pihole_envs

#To check status of progress write this#
/container/print


#To start Container :#
/container/start 0

# To check do container is run go to winbox Container/Container check "status" -should be running#

#aditional firewall rules if you already used port 80#
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=192.168.1.1 dst-port=800 protocol=tcp to-addresses=192.168.10.26 to-ports=80

#depend of your mikrotik model - check that on winbox : /system/resources Free memory (for example my model is RB3011UiAS) i got 850MiB free #
/container/config/set ram-high=400M

#before doo that.. go to winbox /containers/ select your veth . and STOP then go command then Click Start #
/container/set 0 start-on-boot=yes

Pihole in beggin like i see used Used memory: 5.94 MB


I got raspi4 with maaany extra package and its used
Used memory: 9.17 MB


Mikrotik :
Image

Raspi4 pihole 2 year use ( after 10h of restart)
Image
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 2989
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Docker - pihole

Sun Sep 11, 2022 2:23 am

nice, in which hardware you deploy that?
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Thu Mar 25, 2021 9:40 am

Re: Docker - pihole

Sun Sep 11, 2022 2:29 am

"(for example my model is RB3011UiAS)" + Audience
like my signature :)
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 2989
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Docker - pihole

Sun Sep 11, 2022 2:44 am

using only the 128MB of integrated storage ?
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Thu Mar 25, 2021 9:40 am

Re: Docker - pihole

Sun Sep 11, 2022 5:49 am

According to my knowleadge...
its getting 4-5MB
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Thu Mar 25, 2021 9:40 am

Re: Docker - pihole

Sun Sep 11, 2022 6:09 am

BUT

im wondering
Why mikrotik eat almost 100% CPU in speed test when DNS pihole Mikrotik is enabled.
after back to Raspi pihole still getting 100% cpu and max 450Mb download on speedtest.net
( My internet 1Gb)
Before easy reach 800-990Mb
hmmmm
its look like HW off??

Update :
Image

HW ON...hmm
 
AidanAus
Member Candidate
Member Candidate
Posts: 177
Joined: Wed May 08, 2019 7:35 am
Location: Australia
Contact:

Re: Docker - pihole

Mon Sep 12, 2022 9:53 am

enabling hardware offloading does not mean that it is active, it is like fasttrack, you can enable it but it does not mean that the traffic will be hitting it as there are other things that can effect this.
The best way to see if hardware offloading is actually online is by going to the bridge interface then looking at the ports tab, in there you should see a H next to each interface that is actively using hardware offloading: https://help.mikrotik.com/docs/display/ ... Offloading

I dont think that hardware offloading would of effected the traffic that much, if it broke before and after switching back even more so when you think that hardware offloading is not really used when going online since you will have to go to the cpu to route and nat the traffic.
Can you send through your configuration so we might be able to see what was going on? my guess will be that it is something to do with fasttrack but again thats just a guess.
 
Jarek9008
just joined
Posts: 21
Joined: Sun Dec 05, 2021 12:38 pm

Re: Docker - pihole

Tue Sep 13, 2022 12:55 pm

I have another question. What needs to be done so that all hosts are visible in PiHole, e.g. phones, computers (their IP addresses), at the moment when logging in to PiHole I see only one "user" - the local address of Mikrotik. I would like to add that everything was done according to the Mikrotik manual.
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 680
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: Docker - pihole

Tue Sep 13, 2022 2:18 pm

I have another question. What needs to be done so that all hosts are visible in PiHole, e.g. phones, computers (their IP addresses), at the moment when logging in to PiHole I see only one "user" - the local address of Mikrotik. I would like to add that everything was done according to the Mikrotik manual.
1.jpg
2.jpg
3.jpg
You do not have the required permissions to view the files attached to this post.
 
Jarek9008
just joined
Posts: 21
Joined: Sun Dec 05, 2021 12:38 pm

Re: Docker - pihole

Tue Sep 13, 2022 4:07 pm

Moderator: Why do you quote previous post? Use Post Replay not Quote button.
Hi,

but if it will be working if I did all based on Mikrotik tutorial and I have different subnet than my MT? E.X - MT 172.16.0.1, PiHole 172.17.02?
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 680
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: Docker - pihole

Tue Sep 13, 2022 4:32 pm


but if it will be working if I did all based on Mikrotik tutorial and I have different subnet than my MT? E.X - MT 172.16.0.1, PiHole 172.17.02?
As far as I know, it should. I used a container at MT for pi-hole.
You should know what is in MT documents is an example. That is not a complete walkthrough on how to use pi-hole.
The address should be the CIDR of your DHCP server. if you have 172.16.0.0/24 at your MT then it should be that.
 
Jarek9008
just joined
Posts: 21
Joined: Sun Dec 05, 2021 12:38 pm

Re: Docker - pihole

Tue Sep 13, 2022 4:40 pm

Moderator: Why do you quote previous post? Use Post Replay not Quote button.
So in my case what I should write in PiHole console? My MT address/gateway or PiHole? BTW - maybe You can write some additional tips complementary MT manual? :)
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 680
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: Docker - pihole

Tue Sep 13, 2022 5:26 pm

So in my case what I should write in PiHole console? My MT address/gateway or PiHole? BTW - maybe You can write some additional tips complementary MT manual? :)
  • additional tips complementary MT manual
https://docs.pi-hole.net/
  • set your DNS server at your DHCP server to 172.17.0.2 and also inside your pi-hole go to setting and in the first tab, you should see the same setting as screenshot blow.
2022-09-13_15-45-09.jpg
You do not have the required permissions to view the files attached to this post.
 
Jarek9008
just joined
Posts: 21
Joined: Sun Dec 05, 2021 12:38 pm

Re: Docker - pihole

Tue Sep 13, 2022 11:27 pm

Moderator: Why do you quote previous post? Use Post Replay not Quote button.
Hi, sorry, but I did all as You wrote and it not working. Maybe You have any more idea what I should do? Thx.
 
Jarek9008
just joined
Posts: 21
Joined: Sun Dec 05, 2021 12:38 pm

Re: Docker - pihole

Wed Sep 14, 2022 12:20 pm

My solution :
Moderator: trim the quote.
@Andrew162,

how its look in Your case - Do You see in Pi-Hole all of Clients (thiers IPs), or only one Client (gateway of Pi-Hole)???
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Thu Mar 25, 2021 9:40 am

Re: Docker - pihole

Sat Sep 17, 2022 2:02 am

To start using Pihole
Go to ip DHCP server
networks
Double click on your
and change DNS server to.. what you use for pihole
after off on wifi and off on lan.. its should start using pihole

After some update - tested on 7.6 beta6
updated code
/interface/veth/add name=veth1 address=192.168.1.30/24 gateway=192.168.1.1


/interface/bridge/port add bridge=bridge interface=veth1
/ip/firewall/nat/add chain=srcnat action=masquerade src-address=192.168.1.0/24
/container/envs/add name=pihole_envs key=TZ value="Europe/Riga"
/container/envs/add name=pihole_envs key=WEBPASSWORD value="YourPassword"
/container/envs/add name=pihole_envs key=DNSMASQ_USER value="root"
/container/mounts/add name=etc_pihole src=disk1/etc dst=/etc/pihole
/container/mounts/add name=dnsmasq_pihole src=disk1/etc-dnsmasq.d dst=/etc/dnsmasq.d
/container/config/set registry-url=https://registry-1.docker.io tmpdir=disk1/pull
/container/add remote-image=pihole/pihole:latest interface=veth1 root-dir=disk1/pihole mounts=dnsmasq_pihole,etc_pihole envlist=pihole_envs
/container/print

/container/start 0

#after start = wait 1 min#
/container/config/set ram-high=200M
Remember to edit password before you paste
Copy paste dont like from notepad
Use notepad C++
 
Jarek9008
just joined
Posts: 21
Joined: Sun Dec 05, 2021 12:38 pm

Re: Docker - pihole

Tue Sep 20, 2022 4:52 pm

moderator note: do not quote whole preceding post. Use "Post Reply" button instead. Is it so hard task to find it?
Hi,

why masquerade is for address 192.168.1.0/24? And did You see all of Client IP's in PiHole site?
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Thu Mar 25, 2021 9:40 am

Re: Docker - pihole

Sat Sep 24, 2022 12:22 am

Im not sure what you mean by... do i can see ip clients in PiHole
All devices "react" and work with that Pihole if that what you are asking for
 
majorlogic
just joined
Posts: 16
Joined: Sun Jul 24, 2022 6:22 am

Re: Docker - pihole

Mon Oct 17, 2022 9:56 am

hello, can somebody help me with this? viewtopic.php?t=190031
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2855
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: Docker - pihole

Mon Oct 17, 2022 10:52 am

If you started own new topic of "docker+pihole" then wait for help in it.
 
User avatar
qatar2022
Member Candidate
Member Candidate
Posts: 141
Joined: Mon Aug 24, 2020 11:12 am

Re: Docker - pihole

Sun Jan 15, 2023 8:04 pm

thanks, I'll try it.
 
User avatar
qatar2022
Member Candidate
Member Candidate
Posts: 141
Joined: Mon Aug 24, 2020 11:12 am

Re: Docker - pihole

Wed Jan 18, 2023 10:38 am

I did exactly but the pihole page not open I got this page
Image
any help please
regards
 
d412s
just joined
Posts: 17
Joined: Fri May 08, 2020 1:32 pm
Location: Ukraine

Re: Docker - pihole

Tue Jan 31, 2023 1:23 am

I got the same Placeholder page
try admin ex: http://10.10.10.1:888/admin
 
blackseaboy
just joined
Posts: 1
Joined: Wed Feb 01, 2023 3:58 pm

Re: Docker - pihole

Wed Feb 01, 2023 4:02 pm

I got the same Placeholder page
try admin ex: http://10.10.10.1:888/admin
try to use a different build of pihole (not the "latest"), the 2022.09 has worked for me:
/container/add remote-image=pihole/pihole:2022.09 interface=veth1 root-dir=disk2/pihole mounts=dnsmasq_pihole,etc_pihole envlist=pihole_envs
check the root dir, accodingly
 
damador
just joined
Posts: 1
Joined: Sun Feb 05, 2023 12:20 pm

Re: Docker - pihole

Sun Feb 05, 2023 3:44 pm

this could be due these changes https://pi-hole.net/blog/2023/01/15/pi- ... ge-content anyway cant run even previous versions
:latest should wok with adiing /admin to IP but got connection refued od all potrs except 80 and 80 return placeholder page :)
 
4L3xN3t
just joined
Posts: 12
Joined: Mon Feb 07, 2022 3:11 pm

Re: Docker - pihole

Tue Jan 23, 2024 10:15 am

Hi All,
I had a RPi4 Pihole for a couple year perfectly working and heard of the possibility to configure a Pihole container into my RB5009 so I decided to give it a try.
I'll avoid for now to fill this message with all the ROS configuration, maybe I could post it later if something punctual is needed.
I have ROS 7.13.1

Well, I configured the container following the guide and I give also a try to something different (as someone here already did).
A this point I have 2 pihole container (with the same internal configuration), both of them have issues but different ones.

To filter all the possible suggestions I want to remark that:
- both the containers can access the internet
- both are reached from the devices in the network
- pihole software works as intended (note: according to what provided by the router, see second container issue)
- I already tried multiple flushes of the network tables and restarts of the dns resolver

The first one, configured without using a specific docker bridge has a veth with an address on the same range of the router's dhcp (192.168.1.0/24).
It works smoothly as the RPi4 did, but randomly, when rebooting the router, the container can't start, nor automatically (is set to start on boot), nor manually, even when trying to start it from the terminal, hitting enter print a "space" and nothing appear in the log. When this happends I can't even ping the assigned ip, but looking at the interface or the bridge port there's nothing strange. It seems something related to the veth/bridge management, maybe on boot sometimes something come up before, sometime after the veth is started (I know that network people is reading this and screaming, but I'm not a "super guru network guy") and this make it not working

The second one, configured using the docker bridge (with an addres into the 192.168.5.0/24 range), works too, but with a frustrating behaviour. In the pihole web interface, under tools>network, all the devices (except itself) don't show anymore the mac address...and of course all the client rules uses the mac address to bind, so this way, binding to a specific group is broken and only default rules works. I should bind again all the clients using their IPs (not a huge problem because all of my devices have static leases in the DHCP, but still an issue) but this approach really sucks. Because the second one was a "late night try" I still didn't try to reboot to see if the "not starting" first container's issue happend with this too.
In this case it seems I miss to configure something to let the docker bridge be able to "know" the mac addresses of the clients from the main bridge, but, as I said, I'm not a "super guru network guy", and I don't know how to fix it.

can someone please help me?
thank you
 
4L3xN3t
just joined
Posts: 12
Joined: Mon Feb 07, 2022 3:11 pm

Re: Docker - pihole

Tue Jan 23, 2024 12:49 pm

Well, apparently I accidentally discovered the reason why container weren't able to start after a reboot. It was an USB issue discussed here viewtopic.php?p=1050954#p1050954

I think I will go with the container in the same ip range of the DHCP, but I'm still bit curious about how to resolve the issue of the second container
 
teleport
newbie
Posts: 41
Joined: Mon Sep 07, 2020 11:51 pm

Re: Docker - pihole

Fri Mar 15, 2024 3:09 pm

Hi All,
I had a RPi4 Pihole for a couple year perfectly working and heard of the possibility to configure a Pihole container into my RB5009 so I decided to give it a try.
I'll avoid for now to fill this message with all the ROS configuration, maybe I could post it later if something punctual is needed.
I have ROS 7.13.1

Well, I configured the container following the guide and I give also a try to something different (as someone here already did).
A this point I have 2 pihole container (with the same internal configuration), both of them have issues but different ones.

To filter all the possible suggestions I want to remark that:
- both the containers can access the internet
- both are reached from the devices in the network
- pihole software works as intended (note: according to what provided by the router, see second container issue)
- I already tried multiple flushes of the network tables and restarts of the dns resolver

The first one, configured without using a specific docker bridge has a veth with an address on the same range of the router's dhcp (192.168.1.0/24).
It works smoothly as the RPi4 did, but randomly, when rebooting the router, the container can't start, nor automatically (is set to start on boot), nor manually, even when trying to start it from the terminal, hitting enter print a "space" and nothing appear in the log. When this happends I can't even ping the assigned ip, but looking at the interface or the bridge port there's nothing strange. It seems something related to the veth/bridge management, maybe on boot sometimes something come up before, sometime after the veth is started (I know that network people is reading this and screaming, but I'm not a "super guru network guy") and this make it not working

The second one, configured using the docker bridge (with an addres into the 192.168.5.0/24 range), works too, but with a frustrating behaviour. In the pihole web interface, under tools>network, all the devices (except itself) don't show anymore the mac address...and of course all the client rules uses the mac address to bind, so this way, binding to a specific group is broken and only default rules works. I should bind again all the clients using their IPs (not a huge problem because all of my devices have static leases in the DHCP, but still an issue) but this approach really sucks. Because the second one was a "late night try" I still didn't try to reboot to see if the "not starting" first container's issue happend with this too.
In this case it seems I miss to configure something to let the docker bridge be able to "know" the mac addresses of the clients from the main bridge, but, as I said, I'm not a "super guru network guy", and I don't know how to fix it.

can someone please help me?
thank you
in the case where the veth was not on the docker bridge, did you add it to main bridge? do you have vlan on your network..did you have to change anything else on the bridge veth port(if you assigned it to main bridge) to get it to work
 
4L3xN3t
just joined
Posts: 12
Joined: Mon Feb 07, 2022 3:11 pm

Re: Docker - pihole

Fri Mar 15, 2024 3:17 pm

Hi All,
I had a RPi4 Pihole for a couple year perfectly working and heard of the possibility to configure a Pihole container into my RB5009 so I decided to give it a try.
I'll avoid for now to fill this message with all the ROS configuration, maybe I could post it later if something punctual is needed.
I have ROS 7.13.1

Well, I configured the container following the guide and I give also a try to something different (as someone here already did).
A this point I have 2 pihole container (with the same internal configuration), both of them have issues but different ones.

To filter all the possible suggestions I want to remark that:
- both the containers can access the internet
- both are reached from the devices in the network
- pihole software works as intended (note: according to what provided by the router, see second container issue)
- I already tried multiple flushes of the network tables and restarts of the dns resolver

The first one, configured without using a specific docker bridge has a veth with an address on the same range of the router's dhcp (192.168.1.0/24).
It works smoothly as the RPi4 did, but randomly, when rebooting the router, the container can't start, nor automatically (is set to start on boot), nor manually, even when trying to start it from the terminal, hitting enter print a "space" and nothing appear in the log. When this happends I can't even ping the assigned ip, but looking at the interface or the bridge port there's nothing strange. It seems something related to the veth/bridge management, maybe on boot sometimes something come up before, sometime after the veth is started (I know that network people is reading this and screaming, but I'm not a "super guru network guy") and this make it not working

The second one, configured using the docker bridge (with an addres into the 192.168.5.0/24 range), works too, but with a frustrating behaviour. In the pihole web interface, under tools>network, all the devices (except itself) don't show anymore the mac address...and of course all the client rules uses the mac address to bind, so this way, binding to a specific group is broken and only default rules works. I should bind again all the clients using their IPs (not a huge problem because all of my devices have static leases in the DHCP, but still an issue) but this approach really sucks. Because the second one was a "late night try" I still didn't try to reboot to see if the "not starting" first container's issue happend with this too.
In this case it seems I miss to configure something to let the docker bridge be able to "know" the mac addresses of the clients from the main bridge, but, as I said, I'm not a "super guru network guy", and I don't know how to fix it.

can someone please help me?
thank you
in the case where the veth was not on the docker bridge, did you add it to main bridge? do you have vlan on your network..did you have to change anything else on the bridge veth port(if you assigned it to main bridge) to get it to work
yes, I addet it to the main bridge. I have no VLAN and no other specific configuration for the veth was needed (just copied the other bridge ports configuration).
as a suggestion, I noticed strange behaviours adding a static entry for the veth on the ARP list (I then understood this is because after every reboot it changes the MAC), adding a static entry on the DNS for its IP and the same with the kid control too
 
tangent
Forum Guru
Forum Guru
Posts: 1329
Joined: Thu Jul 01, 2021 3:15 pm
Contact:

Re: Docker - pihole

Sat Mar 16, 2024 10:32 pm

I noticed strange behaviours adding a static entry for the veth on the ARP list (I then understood this is because after every reboot it changes the MAC), adding a static entry on the DNS for its IP

If you want to keep static DHCP assignments of IPs for that switch, another option is to disable the auto-mac setting, then set admin-mac to the value it would have if veth1 wasn't there competing for "bridge MAC address".
 
4L3xN3t
just joined
Posts: 12
Joined: Mon Feb 07, 2022 3:11 pm

Re: Docker - pihole

Sun Mar 17, 2024 8:38 pm


If you want to keep static DHCP assignments of IPs for that switch, another option is to disable the auto-mac setting, then set admin-mac to the value it would have if veth1 wasn't there competing for "bridge MAC address".
I've recently disabled auto-mac for other reasons, because I wanted to decide which of the ports' MAC had to be used, but when auto-mac was enabled the veth1's MAC was never the one chosen for the bridge. As far as I remember it was just the first lan port available.
I think this wouldn't solve the continuously changing veth1 MAC address, but to be honest it's not even a big problem, it's just my psychological problem 🤣

Who is online

Users browsing this forum: Sailwebwifi, teleport and 36 guests