Priority 1 ISSUE: The DHCP server in my AdGuard Home container is not receiving DHCP requests when the network mode is a Gluetun service/container and the network type is macvlan. See Docker Compose below. If I set a static IP and DNS on the client, then DNS queries work perfectly under this configuration, and I get full ad blocking. When I connect my AdGuard container directly to the macvlan network (without gluetun), then everything works including DHCP. Therefore it seems the problem is Gluetun related (not macvlan). When I look at the AdGuard logs, it's listening for DHCP on UDP port 67, but nothing comes through. When I stop the AdGuard container it shows that port 67 is closed. (Clearly I have it open in my ports within Gluetun.) I've tried remapping it, but the same thing occurs.

My use case is AdGuard Home.

I want my encrypted DNS requests to go through the VPN. This seems like the best privacy solution. The VPN provider can't see DNS queries, and the DNS provider doesn't see the request coming from me (they see it coming from the VPN). Hence why I would like to use gluetun.

I want to use AdGuard Home as my DHCP server. This way I can use it for parental controls. I want to be able to restrict content broadly, and then have exceptions for specific MAC addresses. I can only do this if AdGuard Home is the DHCP server. Else exceptions have to be by IP address, which seems much less foolproof. Also I want to tag the computers so they show up meaningfully in AdGuard Home stats, which also requires me to use their DHCP server.

This is what I've tried and what works/doesn't work:

| Gluetun Container | Docker Network | Container receives DHCP? | Implications |
| --- | --- | --- | --- |
| Yes | Host | ? | 1. I'm not able to successfully create a gluetun network using host network mode |
| Yes | Bridge | YES | 2. AdGuard assigns IP in docker subnet to eth0 (not host subnet). AdGuard Home DHCP server fails when attempting to assign/write a LAN IP in host subnet. Can't be used. |
| Yes | macvlan | NO | 3. Best option, but currently DHCP requests aren't being seen by gluetun container when network is macvlan |
| NO | Host | YES | 4. DNS requests not going through VPN. Have to trust DNS provider |
| NO | Bridge | YES | BOTH 2 and 4 above |

Priority 2 ISSUE: I connected my client machine to the gluetun container using the Shadowsocks proxy. The instance of gluetun has DOH off and DNS pointed to AdGuard @ 127.0.0.1. My connection is routed through my VPN, however I don't get ad blocking. Why is this so? Is there another way to have ad blocking and all traffic going through the VPN?
### Share your logs (at least 10 lines)

ADGUARD logs starting

```
2024/02/06 18:59:08.999102 [info] go to http://10.5.0.2:80
2024/02/06 18:59:08.999112 [info] go to http://192.168.1.5:80
[dhcpv4] 2024/02/06 18:59:08 Server listening on 0.0.0.0:67
[dhcpv4] 2024/02/06 18:59:08 Ready to handle requests
2024/02/06 18:59:21.933806 [info] dnsproxy: starting dns proxy server
2024/02/06 18:59:21.933911 [info] Ratelimit is enabled and set to 20 rps, IPv4 subnet mask len 24, IPv6 subnet mask len 56
2024/02/06 18:59:21.933926 [info] The server is configured to refuse ANY requests
2024/02/06 18:59:21.933937 [info] dnsproxy: cache: enabled, size 4194304 b
2024/02/06 18:59:21.933957 [info] dnsproxy: max goroutines is set to 300
2024/02/06 18:59:21.933984 [info] dnsproxy: creating udp server socket 0.0.0.0:53
2024/02/06 18:59:21.934196 [info] dnsproxy: listening to udp://[::]:53
2024/02/06 18:59:21.934226 [info] dnsproxy: creating tcp server socket 0.0.0.0:53
2024/02/06 18:59:21.934338 [info] dnsproxy: listening to tcp://[::]:53
2024/02/06 18:59:21.934351 [info] dnsproxy: creating tls server socket 0.0.0.0:853
2024/02/06 18:59:21.934414 [info] dnsproxy: listening to tls://[::]:853
2024/02/06 18:59:21.934428 [info] Creating a QUIC listener
2024/02/06 18:59:21.935326 [info] Listening to quic://[::]:853
2024/02/06 18:59:21.935549 [info] dnsproxy: entering udp listener loop on [::]:53
2024/02/06 18:59:21.935709 [info] Entering the DNS-over-QUIC listener loop on [::]:853
2024/02/06 18:59:21.935748 [info] dnsproxy: entering tls listener loop on [::]:853
2024/02/06 18:59:21.935754 [info] dnsproxy: entering tcp listener loop on [::]:53
```

ADGUARD LOGS STOPPING

```
2024/02/06 19:27:20.401281 [info] Received signal "terminated"
2024/02/06 19:27:20.401331 [info] stopping AdGuard Home
2024/02/06 19:27:20.401340 [info] stopping http server...
2024/02/06 19:27:20.401684 [info] stopped http server
2024/02/06 19:27:20.401809 [info] dnsproxy: stopping dns proxy server
2024/02/06 19:27:20.402159 [info] dnsproxy: stopped dns proxy server
[dhcpv4] 2024/02/06 19:27:20 Error reading from packet conn: read udp 0.0.0.0:67: use of closed network connection
2024/02/06 19:27:20.433639 [info] dhcpv4: server is closed
2024/02/06 19:27:20.433815 [info] stopped
```

### Share your configuration
```yml
# DOCKER COMPOSE
version: "1.5"
########################### NETWORKS########
networks:
  VPN-MACVLAN:
    driver: macvlan
    driver_opts:
      parent: eth0
    ipam:
      config:
        - subnet: "192.168.1.0/24"
          ip_range: "192.168.1.5/32"
          gateway: "192.168.1.1"
##########################################
services:
  gluetun-host:
    image: qmcgaw/gluetun #image: ghcr.io/qdm12/gluetun:pr-1598
    container_name: gluetun-host
    privileged: true
    restart: always
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # Gluetun Local Network HTTP proxy
      - 8388:8388/tcp # Gluetun Local Network Shadowsocks
      - 8388:8388/udp # Gluetun Local Network Shadowsocks
      ###########################################Ports for Adguard#########################################
      - 53:53/udp
      - 67:67/udp
      - 68:68/tcp
      - 68:68/udp
      - 80:80/tcp
      - 443:443/tcp
      - 853:853/tcp
      - 3000:3000/tcp
      ########################################################################################################
    volumes:
      - /opt/docker/gluetun-host:/gluetun-host
    environment:
      #- PUID=${PUID:?err}
      #- PGID=${PGID:?err}
      - TZ=${TIMEZONE:?err}
      - VPN_TYPE=${VPN_TYPE}
      - VPN_SERVICE_PROVIDER=${VPN_SERVICE_PROVIDER:?err}
      - SERVER_CITIES=${SERVER_CITIES}
      #- SERVER_HOSTNAMES=${SERVER_HOSTNAMES}
      - FIREWALL_OUTBOUND_SUBNETS=${LOCAL_SUBNET:?err}
      #- WIREGUARD_PUBLIC_KEY=${WIREGUARD_PUBLIC_KEY}
      - WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY}
      #- WIREGUARD_PRESHARED_KEY=${WIREGUARD_PRESHARED_KEY}
      #- WIREGUARD_ADDRESSES=${WIREGUARD_ADDRESSES}
      - SHADOWSOCKS_PASSWORD=${SHADOWSOCKS_PASSWORD:?err}
      - DOT=off
      - DNS_ADDRESS=127.0.0.1
      - HTTPPROXY=on
      - SHADOWSOCKS=on
    networks:
      - VPN-MACVLAN
  adguard:
    container_name: adguard
    image: adguard/adguardhome
    privileged: true
    restart: unless-stopped
    network_mode: "service:gluetun-host"
    #networks:
      #VPN-MACVLAN:
        #ipv4_address: 192.168.1.5
    #ports:
      #- 53:53/udp
      #- 67:67/udp
      #- 68:68/tcp
      #- 68:68/udp
      #- 80:80/tcp
      #- 443:443/tcp
      #- 853:853/tcp
      #- 3000:3000/tcp
    volumes:
      - type: bind
        source: /opt/docker/adguard/conf/ca-certificates.crt
        target: /etc/ssl/certs/ca-certificates.crt
      - /opt/docker/adguard/conf:/opt/adguardhome/conf
      - /opt/docker/adguard/work:/opt/adguardhome/work
```
Doug411
changed the title
Bug:
Bug: Adguard DHCP Server Not Receiving DHCP requests when Network is a Glueten Service
Feb 5, 2024
Doug411
changed the title
Bug: Adguard DHCP Server Not Receiving DHCP requests when Network is a Glueten Service
Bug: PORT 67 is not communicating through Gluetun Service
Feb 6, 2024
Doug411
changed the title
Bug: PORT 67 is not communicating through Gluetun Service
Bug: PORT 67 is not communicating through Gluetun Service when network is macvlan (port is open)
Feb 7, 2024
Doug411
changed the title
Bug: PORT 67 is not communicating through Gluetun Service when network is macvlan (port is open)
Bug: PORT 67 is not communicating through Gluetun Service when network is macvlan (port is open in gluetun)
Feb 7, 2024
Doug411
changed the title
Bug: PORT 67 is not communicating through Gluetun Service when network is macvlan (port is open in gluetun)
Bug: (ONLY) PORT 67 is not communicating through Gluetun Service when network is macvlan (port is open in gluetun)
Feb 7, 2024
Hi, any chance you can take a look at this? I'd really appreciate being able to get my DNS requests going through my VPN, but am unable to do so until this is resolved (because my DHCP Server is being blocked by gluetun on macvlan).
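
To separate "DHCP broadcasts never reach the shared network namespace" from "AdGuard Home receives them but does not answer", a small probe can bind UDP 67 in AdGuard Home's place and decode whatever arrives. This is an added example, not part of the original issue and not Gluetun or AdGuard Home code; the function names and the sample packet (made-up MAC and transaction id) are constructed for illustration.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # RFC 2131 magic cookie that precedes the options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def parse_dhcp(data: bytes) -> dict:
    """Decode client MAC, transaction id and message type (option 53)."""
    if len(data) < 240 or data[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    op, _htype, hlen, _hops, xid = struct.unpack("!BBBBI", data[:8])
    mac = data[28:28 + min(hlen, 16)].hex(":")
    msg_type, i = None, 240
    while i < len(data) and data[i] != 255:      # 255 = end option
        if data[i] == 0:                         # pad option, no length byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option")
        code, length = data[i], data[i + 1]
        if code == 53 and length == 1:
            msg_type = TYPES.get(data[i + 2], f"unknown({data[i + 2]})")
        i += 2 + length
    return {"op": op, "xid": xid, "mac": mac, "type": msg_type}

def sample_discover() -> bytes:
    """Constructed DISCOVER from a made-up client MAC, for an offline check."""
    head = struct.pack("!BBBBIHH", 1, 1, 6, 0, 0x1234ABCD, 0, 0x8000)
    head += bytes(16) + bytes.fromhex("020000000001") + bytes(10 + 64 + 128)
    return head + MAGIC + b"\x35\x01\x01\xff"

def listen(port: int = 67) -> None:
    """Bind UDP 67 as a DHCP server would and print every message received."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.bind(("0.0.0.0", port))
        while True:
            data, peer = s.recvfrom(2048)
            try:
                print(peer, parse_dhcp(data))
            except ValueError as exc:
                print(peer, "ignored:", exc)

if __name__ == "__main__":
    print(parse_dhcp(sample_discover()))  # offline self-check
    listen()                              # needs root; stop AdGuard Home first
```

Run it from a container that uses `network_mode: "service:gluetun-host"` while a LAN client renews its lease. If no DISCOVER is printed, the packets are being lost before they reach any socket in that namespace, so the DHCP server itself is not at fault.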
- Is this urgent? Yes
- Host OS: Debian Bullseye
- CPU arch: arm64
- VPN service provider: NordVPN
- What are you using to run the container: docker-compose
- What is the version of Gluetun: latest

What's the problem 🤔
I have 2 current issues: