PiHole - port 53 appears to be conflicting

alecjtaylor · May 29, 2025, 9:55pm

Hi All,

I’ve been running my TrueNAS Scale instance for a few weeks without issue. After a powercut yesterday, all the apps came back up, apart from Pihole.

After looking into the /var/log/app_lifecycle.log for more details as advised, I found this.

11.12MB/11.12MB
9fe644bd1a92 Pull complete 
pihole Pulled 
Network ix-pihole_default  Creating
Network ix-pihole_default  Created
Container ix-pihole-pihole-1  Creating
Container ix-pihole-pihole-1  Created
Container ix-pihole-pihole-1  Starting
Error response from daemon: driver failed programming external connectivity on endpoint ix-pihole-pihole-1 (18a41e823f3a49e29c0b8243e65bae93119ae7405cf26f5cbcc9e563c89b3961): failed to bind port 0.0.0.0:53/tcp: Error starting userland proxy: listen tcp4 0.0.0.0:53: bind: address already in use\n

I can see that some other service is using port 53.

How can I stop this or alter the config of Pihole??

LarsR · May 29, 2025, 10:00pm

Its propably incus using port 53 for internal dns resolution.

you can try with

sudo incus network set incusbr0 raw.dnsmasq="port=5354"

to rebind the incus port and free up port 53

alecjtaylor · May 29, 2025, 10:15pm

Amazing!! Thanks for the rapid and very useful response!
That worked a treat!

watashiwa · June 7, 2025, 12:35am

this helped me reinstall pihole !! hey development team are you taking notes!?

Justin_H · August 17, 2025, 6:25pm

Took me forever to get here but this solved my problem thank you.

Mario_Robles · September 1, 2025, 2:32am

This also resolved container creation erroring on 25.04

Thanks

If I may ask, how did you knew/guess it was incus?
and how would I go about stumbling my way into finding it was incus?

I appreciate the help immensely, my question is simply my drive to understand something I do not.

LarsR · September 1, 2025, 10:29am

When incus was first announced i played around with it extensively to see if it can be a 1:1 replacement for my jailmaker nspawn-container which hosts my docker stack. One of the docker container i run in there is blocky, a dns-sinkhole like pi-hole which also needs port 53. I then googled around and found the command i posted in this tread above in a post on the incus forum.

So basically i’ve been in the same position 6 months ago

lbelof · December 18, 2025, 1:26pm

Does this raw.dnsmasq setting survive:

TrueNAS SCALE reboots?
TrueNAS SCALE upgrades?

LarsR · December 18, 2025, 1:29pm

It does for me. As already mentioned, changed it almost a year ago and did every update that truenas got during that time.

hasmar04 · January 30, 2026, 1:33am

I just did the upgrade from 25.04 to 25.10, now that it is considered stable, and I had to run this command again to get Pihole working again. At least it was an easy fix.

Badger · May 3, 2026, 11:17pm

Seeing as I had to redo this when I did the 25.10 upgrade, i’m presuming that this will revert with all upgrades (or at least significant ones), here’s a script to inject the incus networkcommand into the /etc/init.d/docker file so it will run on start of the docker service

#!/usr/bin/bash

set -e

PORT_TO_SET=5354

if [ "$(id -u)" != '0' ]; then
    echo "Must be run as root"
    exit 1
fi

function getThePort () {
  local portString
  portString=$(incus network get incusbr0 raw.dnsmasq || true | grep -oP 'port=\K\d+')
  echo "${portString#port=}"
}


thePort=$(getThePort)
initd=/etc/init.d/docker

if [[ ! -f "$initd" ]]; then
  echo "Docker init script not found at $initd. Exiting."
  exit 1
fi

if [[ -z "$thePort" ]]; then
    echo "No port found in incusbr0 configuration. Setting to default $PORT_TO_SET."
    thePort=$PORT_TO_SET
    doSet=true
elif [[ "$thePort" -ne "$PORT_TO_SET" ]]; then
    echo "Current DNS port is $thePort. Updating to $PORT_TO_SET."
    doSet=true
else
    echo "Port is already set to $PORT_TO_SET. No changes needed."
    doSet=false
fi

cmdOpen="incus network set incusbr0 raw.dnsmasq="
theCmd="${cmdOpen}\"port=$PORT_TO_SET\""

lineExists=$(grep -c "$cmdOpen" "$initd" || true) 

if [[ "$doSet" == true || "$lineExists" -eq 0 ]]; then
    echo "Setting DNS port to $PORT_TO_SET."
    if [[ "$doSet" == true ]]; then
        # do it now
        eval "$theCmd"
        echo "DNS port updated to $PORT_TO_SET."
    fi

    # Inject the command into the init script before the start-stop-daemon line
    sed -i "/$cmdOpen/d" "$initd"
    sed -i "/start-stop-daemon --start/i\\        $theCmd" "$initd"
    echo "Injected command into $initd before start-stop-daemon line."
fi

also available as a github gist at https://gist.github.com/itsalljustdata/aff96c558b40f026fa5c572252e31ee9

Topic		Replies	Views
Local DNS on Fangtooth Apps and Virtualization SCALE , Apps , Custom-Apps , Fangtooth	19	1894	November 14, 2025
Dumb question regarding Instances port 53 and pihole conflict TrueNAS General	10	2015	July 17, 2025
Unable to Install pi-hole App TrueNAS General SCALE , Networking	4	365	September 4, 2025
Error Setting Up Instances - [EFAULT] The DNS and DHCP service exited prematurely: exit status 2 Apps and Virtualization	10	1205	May 14, 2025
Upgrade to Fangtooth dident go as planned TrueNAS General	16	685	April 26, 2025

PiHole - port 53 appears to be conflicting

Related topics