MichaIng
DietPi-Config | Add network check IP and hostname choice
I am using Pi-hole and to prevent devices from using hardcoded DNS servers I blocked 8.8.8.8, 8.8.4.4, 1.1.1.1 and 1.0.0.1 in my router only to find out that dietpi-update does a ping to 1.1.1.1 to check internet connectivity.
Checking network connectivity │
│ - Command: ping -nc 1 -W 5 1.1.1.1 │
│ - Exit code: 1 │
│ - DietPi version: v8.1.2 (MichaIng/master) | HW_MODEL: 21 | HW_ARCH: 10 | DISTRO: 6 │
│ - Image creator: DietPi Core Team │
│ - Pre-image: Debian mini.iso │
│ - Error log: │
│ PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data. │
│ From 192.168.178.1 icmp_seq=1 Destination Host Unreachable │
│ │
│ --- 1.1.1.1 ping statistics --- │
│ 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
Perhaps it is better to have it use the system DNS server set by dietpi-config instead of a hardcoded ip?
If I select Change command and change 1.1.1.1 to the ip of my pi-hole, router or another public DNS that is not blocked it still does not work for some reason..
Edit: hmm, after the first manual change to my routers ip it pings one.one.one.one so after adjusting that one to my routers ip as well it does work:
DietPi-Update
─────────────────────────────────────────────────────
Phase: Checking for available DietPi update
[FAILED] DietPi-Update | Checking network connectivity
- Command: ping -nc 1 -W 5 1.1.1.1
[ INFO ] DietPi-Update | Executing alternative command: ping -nc 1 -W 5 192.168.178.1
PING 192.168.178.1 (192.168.178.1) 56(84) bytes of data.
64 bytes from 192.168.178.1: icmp_seq=1 ttl=64 time=0.690 ms
--- 192.168.178.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.690/0.690/0.690/0.000 ms
[ OK ] Alternative command execution | Completed
[FAILED] DietPi-Update | Checking DNS resolver
- Command: ping -nc 1 -W 5 one.one.one.one
[ INFO ] DietPi-Update | Executing alternative command: ping -nc 1 -W 5 192.168.178.1
PING 192.168.178.1 (192.168.178.1) 56(84) bytes of data.
64 bytes from 192.168.178.1: icmp_seq=1 ttl=64 time=0.697 ms
--- 192.168.178.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.697/0.697/0.697/0.000 ms
[ OK ] Alternative command execution | Completed
[ OK ] Network time sync | Completed
[ INFO ] DietPi-Update | Getting latest version from: https://raw.githubusercontent.com/MichaIng/DietPi/master/.update/version
[ OK ] DietPi-Update | Got valid latest version: 8.1.2
[ OK ] DietPi-Update | No update required, your DietPi installation is already up to date:
[ INFO ] DietPi-Update | Current version : v8.1.2
[ INFO ] DietPi-Update | Latest version : v8.1.2
[ INFO ] DietPi-Update | Checking for new available live patches
[ INFO ] DietPi-Update | APT update, please wait...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye-updates InRelease
Hit:3 https://deb.debian.org/debian-security bullseye-security InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Reading package lists...
[ OK ] DietPi-Update | APT update
[ INFO ] DietPi-Update | No APT upgrades were found, not creating file: /run/dietpi/.apt_updates
This check is not hardcode. DNS as well as IP check can be configured via /boot/dietpi.txt
Many thanks for your report.
It uses the IP from dietpi.txt: https://github.com/MichaIng/DietPi/blob/747a37b/dietpi.txt#L180
Lol doubled post.
We need to add this to network settings dialogs, probably an additional entry to change this right from the G_CHECK_CON/G_CHECK_DNS error prompts.
Thanks for the quick reply :).
Learned something new. But this is never asked during installation or initial configuration right? So why not use the DNS from dietpi-config or make settings like these configurable via a menu (dietpi-config)?
It's a value set in configuration file dietpi.txt. Aim is to verify real internet connection. Means using a local DNS check against the router, which might be assigned via DHCP, would undermine the purpose of this check.
I agree that setting the routers ip is a dirty hack to bypass the check and undermines the purpose but perhaps this parameter can be made editable via dietpi-config instead of "hidden" away in dietpi.txt?
That way users can set there own real internet ip and address if they want to.
I think Pi-hole and Adguard Home users are more and more starting to block public DNS servers to prevent devices from bypassing there local DNS.
So not a bug but an improvement request :)
You mean some special error handle for the connection/DNS check?
Yes, generally G_EXEC allows this: https://github.com/MichaIng/DietPi/blob/d4dc959/dietpi/func/dietpi-globals#L931-L932 We just don't make use of it yet 😅.
Learned something new. But this is never asked during installation or initial configuration right? So why not use the DNS from dietpi-config or make settings like these configurable via a menu (dietpi-config)?
No, indeed, it is not somewhere in the dialogs yet. It should be. The IP and hostname used for the checks are however not in any way related, nor should they be, to the systems nameserver IP. A DNS provider's IP and hostname is only used since those are usually anycast IPs with many servers around the globe, the quickest/closed one responding. So those are the most reliable ones as defaults for testing Internet connectivity and DNS resolver functionality. With the second test, the system's/dietpi-config configured upstream DNS is tested, but by asking him to resolve another hostname (not its own), which is only for mentioned reason an upstream DNS hostname as well 😄. When adding those options to dietpi-config, we should make that point clear: The only things which are important when choosing IP and hostname for those checks is that those are guaranteed to be responding, that they are remote/WAN IP/hostname (since we want to check Internet connectivity) and that they are at best responding quickly, of course.