
So basically I have an issue when I change my bridge br0 nameserver from 192.168.50.1, which points to a pfSense router, to my PiHole ad blocker. All clients get DHCP from the PiHole and are working as expected via DNS from the PiHole.

The PiHole is hosted on a qemu/kvm on a 24/7 Computer.

kvm Host: Kubuntu 20.04 Virt Manager 2.2.1

netplan:

network:
  version: 2
  #renderer: NetworkManager
  renderer: networkd
  ethernets:
    enp4s0:
      dhcp4: false
      dhcp6: false
  bridges:
    br0:
      interfaces: [enp4s0]
      addresses: [192.168.50.70/24]
      gateway4: 192.168.50.1
      nameservers:
        addresses: [192.168.50.1]
      parameters:
        stp: false
        forward-delay: 0
      dhcp4: no
      dhcp6: no

This works fine (not using the PiHole), but if I change:

nameservers:
  addresses: [192.168.50.10]

which is the address of the PiHole, DNS breaks.

I did run a pcap, and I do not see any packets for DNS as I would when I point to the GW.

KVM and bridging are new to me, so I must be missing an understanding of the configuration somehow, and I hope to get a clue. Reading many of the posts similar to my issue, they did not seem to have the same issue where it is just the Host that was not working.

One clue that I see is when I use the command: route

when configured for the PiHole:

default         _gateway        0.0.0.0         UG    0      0        0 br0

and when configured for the pfsense:

default         pfsense.local        0.0.0.0         UG    0      0        0 br0

Other than that, all the other routes are the same, and I can ping the PiHole.

It is like when I change the nameserver IP, DNS just breaks and nothing leaves the br0. Same if I were to use an IP like 8.8.8.8. If I move it back to the GW of the pfSense, it works.

Thoughts?

Much appreciated and best regards,

JC

  • If you go into the virtual machine of the pi-hole, does nslookup www.google.com work? – Terrance Feb 03 '22 at 03:52
  • Hello Terrance, it will resolve. I tested from a couple of the VMs as the PiHole is set to use 9.9.9.9, and others will use the PiHole. All resolve except for the Host. – Lost_Ones Feb 03 '22 at 12:09
  • I don't use my pi-hole as my DHCP server as I use my DD-WRT router instead, but I am wondering if you still need to enable Conditional Forwarding on your pi-hole (under Settings -> DNS) to the router itself so that it knows still to forward the requests from the systems to the router to still get outbound traffic. I really don't know why the traffic doesn't seem to be forwarding through your pi-hole as that is normally configured by default when you set up the Pi-Hole software. – Terrance Feb 03 '22 at 14:20
  • Hello again, Good points and I did try several options with listening interface and the conditional forwarding, but no joy. I do recall that PiHole doesn't list to see more than one hop. I would think that if I was sending a DNS request, but it was not seen by the PiHole, the pcap would have shown at least the request, correct? Seems that only when I have the GW as the nameserver, it works. If I have no entry at all, it is broke. If I have 8.8.8.8 or PiHole, broke. Have the GW happy. I appreciate your suggestions as these are good. Regards, – Lost_Ones Feb 03 '22 at 17:59
  • Make sure on your VM itself that it has no firewalls, if applicable, usually they don't though. You may also want to look through the Raspberry Pi site and see if anyone else might have experienced the same issue as you: https://raspberrypi.stackexchange.com/search?q=pi-hole – Terrance Feb 03 '22 at 18:10
  • Thanks for the suggestion, I have the same type of question in the PiHole Forum. Being that this is a PiHole in a qemu/kvm, not sure the Pi forums would help. I really think this is an issue with the bridge / configuration. I will continue to look at the KVM forums as well, as there is lots of bridging used for the virtual machines. – Lost_Ones Feb 03 '22 at 18:43
  • Bridging might be a good place to start on that one. I know recently someone was asking about KVM and bridging. https://askubuntu.com/questions/1390603/how-can-i-share-the-hosts-network-interface-with-virtual-machines-so-that-they I only use VirtualBox so I wouldn't be much help with the KVM side, even though I used it once before. – Terrance Feb 03 '22 at 18:48
