[Dnsmasq-discuss] DHCP from dnsmasq in docker container

Geert Stappers stappers at stappers.nl
Sun Dec 16 15:24:54 GMT 2018 

On Thu, Dec 13, 2018 at 09:10:59AM -0500, Craig Younkins wrote:
> First, thank you for dnsmasq!
> 
> I'm among a number of people[1][2][3][4] having trouble using dnsmasq for
> DHCP when it is running in a docker container. Everyone seems to get "no
> address range available for DHCP request via eth0" in their log unless they
> change to host networking mode.
> 
> The code path for that error message is at [5]. I'm having a little trouble
> understanding the 'contexts', but I think the problem is that the container
> is running in bridged networking mode, and thus the interface has an IP
> address outside the netmask range.
> 
> Is there a way to make this work without using host networking? Maybe
> adding the external IP to the container interface? Thank you for any
> suggestions!
> 
> Relevant sample configuration:
> addn-hosts=/etc/pihole/gravity.list
> addn-hosts=/etc/pihole/black.list
> addn-hosts=/etc/pihole/local.list
> localise-queries
> no-resolv
> cache-size=10000
> log-queries=extra
> log-facility=/var/log/pihole.log
> local-ttl=2
> log-async
> server=8.8.8.8
> server=8.8.4.4
> interface=eth0
> dhcp-authoritative
> dhcp-range=192.168.1.200,192.168.1.251,24h
> dhcp-option=option:router,192.168.1.1
> dhcp-leasefile=/etc/pihole/dhcp.leases
> domain=local
> 
> root at 6082bda95199:/# ip a
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
> default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>        valid_lft forever preferred_lft forever
> 10: eth0 at if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
> state UP group default
>     link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
>     inet *172.17.0.2/16 <http://172.17.0.2/16>* brd 172.17.255.255 scope global eth0
>        valid_lft forever preferred_lft forever
> 
> To reproduce, you can run something like what is in [6], then enabling the
> DHCP server through the non-ssl web interface. `docker exec -it pihole
> /bin/bash` to get into the container and `tail -f /var/log/pihole.log` for
> the log.
> 
> [1] https://github.com/pi-hole/docker-pi-hole/issues/355
> [2] https://discourse.pi-hole.net/t/dhcp-not-working-docker/12593
> [3] https://discourse.pi-hole.net/t/no-address-range-available-for-dhcp-request-via-eth0/14350
> [4] https://serverfault.com/questions/825497/running-dnsmasq-in-docker-container-on-debian-check-dhcp-ignores-dnsmasq
> [5] http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=src/rfc2131.c;h=56dc3d103741baeb68a730f0ce15a10338a2f885;hb=91421cb7575df7bb211dacc30dc7c7c715c38299#l345
> [6] https://github.com/pi-hole/docker-pi-hole/blob/master/docker_run.sh
> 

Summary in my words:

} pihole is the DNS part of dnsmasq with some extras.
} pihole is got dockerized
} pihole got DHCP server functionality from dnsmasq
} docker version of pihole had/has trouble with DHCP server,
}  their documentation says "host network"


Back to
> Is there a way to make this work without using host networking?

IIRC there wasn't yet a report on this mailinglist saying

   "FYI  dnsmasq (DNS + TFTP + DHCP) works inside docker"


I do hope that such succes will be reported.


Groeten
Geert Stappers
-- 
Leven en laten leven

More information about the Dnsmasq-discuss mailing list