Welcome to my website

Configure static ip for a pi-hole server

Category: Linux | Published: 11 July 2025 07:44:56

Last Updated: 11 July 2025 09:48:47

How to Configure a Static IP and Pi-hole DNS on Ubuntu Server with Netplan


Solving Persistent DNS Overwrites (Including Router DNS Issues)



Introduction

Setting up a static IP address for your Ubuntu server is crucial, especially when it's running services like Pi-hole. A static IP ensures your Pi-hole is always reachable at a predictable address. Ubuntu's modern network configuration tool, Netplan, simplifies this process.

However, things can get complicated when other services or your router try to force their own DNS settings, leading to "Temporary failure in name resolution" errors or unwanted DNS servers appearing in your /etc/resolv.conf. This guide will walk you through a robust configuration to ensure your Pi-hole server consistently uses its own Pi-hole instance for DNS, even if your router is stubborn!

Prerequisites


  • An Ubuntu Server installation (this guide assumes a recent version using Netplan).
  • SSH access to your server.
  • Your desired static IPv4 address (e.g., 192.168.178.10).
  • Your network's gateway (router's IP address, e.g., 192.168.178.1).
  • The name of your network interface (e.g., eno2, enp0s3, eth0).
  • Pi-hole already installed on this server (using 127.0.0.1 as the primary DNS for the server itself).


Step-by-Step Guide



Step 1: Identify Your Network Interface Name
First, you need to know the exact name of your network interface.
ip a

Look for the interface with your current IP address (e.g., 192.168.178.10). In our example, we'll use eno2.

Step 2: Backup Existing Netplan Configurations (Safety First!)
It's good practice to back up any existing Netplan configuration files before making changes.


ls /etc/netplan/

sudo cp /etc/netplan/00-installer-config.yaml /etc/netplan/00-installer-config.yaml.bak

# Repeat for any other .yaml files you find, e.g., 50-cloud-init.yaml, 01-network-manager-all.yaml


Step 3: Create Your Primary Netplan Configuration File
This will be the definitive source for your network configuration. We'll name it 00-static-config.yaml to ensure it's processed first.
sudo nano /etc/netplan/00-static-config.yaml

Paste the following content, making sure to replace eno2 with your actual interface name, and adjust the IP address, subnet mask, and gateway to match your network.

Explanation of Key Settings:
  • renderer: networkd: This tells Netplan to use `systemd-networkd`, the recommended network renderer for servers, which is more stable than NetworkManager for static configurations.
  • dhcp4: no: Prevents the server from requesting IPv4 addresses and DNS servers via DHCP.
  • dhcp6: no: Prevents the server from requesting IPv6 addresses and DNS servers via DHCPv6.
  • accept-ra: no: Crucial for router DNS issues! This tells the server to ignore IPv6 Router Advertisements (RAs), which are often used by routers to push IPv6 addresses and IPv6 DNS servers (like your `2a10:50c0::` addresses). By setting this to `no`, the server will not automatically configure IPv6 or its DNS based on router broadcasts.
  • nameservers: addresses: [127.0.0.1, 1.1.1.1]:
  • 127.0.0.1: This is the most important. It tells your server to use its own local Pi-hole instance for DNS resolution.
  • 1.1.1.1: This is a public DNS server (Cloudflare) that acts as a fallback, in case your Pi-hole service is temporarily down (though ideally, it should always be up!).




# /etc/netplan/00-static-config.yaml

network:

  version: 2

  renderer: networkd

  ethernets:

    eno2: # IMPORTANT: Replace with your actual interface name (e.g., enp0s3, eth0)

      dhcp4: no

      dhcp6: no         # Disable IPv6 DHCP

      accept-ra: no     # Stop accepting IPv6 Router Advertisements (crucial for router DNS issues)

      addresses:

        - 192.168.178.10/24 # Your server's static IP address and subnet mask

      routes:

        - to: default

          via: 192.168.178.1 # Your router's IP address (gateway)

      nameservers:

        addresses:

          - 127.0.0.1         # PRIMARY: Use Pi-hole running on THIS server

          - 1.1.1.1           # SECONDARY: A public DNS server (e.g., Cloudflare) as a fallback

Save the file (Ctrl+O, Enter, Ctrl+X in Nano).

Step 4: Disable Conflicting Netplan Files
Other Netplan files, especially those related to NetworkManager or cloud-init, can override your settings. We need to disable them.
ls /etc/netplan/

You might see files like:
  • 01-network-manager-all.yaml
  • 50-cloud-init.yaml
  • 90-NM-xxxxxxxxxxxx.yaml (where x's are a long string)

Rename them to disable them so Netplan ignores them:


sudo mv /etc/netplan/01-network-manager-all.yaml /etc/netplan/01-network-manager-all.yaml.disabled

sudo mv /etc/netplan/50-cloud-init.yaml /etc/netplan/50-cloud-init.yaml.disabled

sudo mv /etc/netplan/90-NM-80ab1970-e833-372e-8635-f330b7d9f1f0.yaml /etc/netplan/90-NM-80ab1970-e833-372e-8635-f330b7d9f1f0.yaml.disabled

# (Adjust the 90-NM- file name to match yours)

Note: Only run the `mv` command for files that actually exist in your /etc/netplan/ directory.

Step 5: Configure NetworkManager to Release Control (If Installed and Active)
If NetworkManager is installed (common on desktop Ubuntu, sometimes on servers), it can interfere even with Netplan's `networkd` renderer. We need to tell it to step aside for DNS and your interface.

Edit NetworkManager's main configuration:
sudo nano /etc/NetworkManager/NetworkManager.conf

Under the [main] section, add or ensure these lines exist:


[main]

plugins=ifupdown,keyfile

dns=none        # Tells NM not to manage DNS

rc-manager=file # Helps NM not to overwrite resolv.conf

Save the file.

Tell NetworkManager to ignore your interface:
Create a new NetworkManager configuration file:
sudo nano /etc/NetworkManager/conf.d/disable-eno2.conf

Add the following content (again, replace eno2 with your interface name):


[keyfile]

unmanaged-devices=interface-name:eno2

Save the file.

Restart NetworkManager:
sudo systemctl restart NetworkManager


Step 6: Set Correct File Permissions
Netplan is security-conscious and will warn you if configuration files are too open. Ensure only root can read/write them.


sudo chmod 600 /etc/netplan/00-static-config.yaml

sudo chmod 600 /etc/netplan/*.disabled # Applies to all files you disabled


Step 7: Apply Netplan Configuration
This command will read your Netplan files, generate the necessary configuration for `systemd-networkd`, and apply the changes.


sudo netplan generate

sudo netplan apply

Important: You should see no errors or warnings during `netplan generate` or `netplan apply`. If you do, double-check your YAML syntax (indentation is crucial – use spaces, not tabs!) and file names/permissions. If `systemd-networkd` wasn't running, `netplan apply` might restart it. You can check its status with `sudo systemctl status systemd-networkd`.

Step 8: Verify DNS Configuration Immediately
Check the contents of your /etc/resolv.conf file. It should now reflect your Netplan settings.
cat /etc/resolv.conf

You should see:
[Code]
nameserver 127.0.0.1
nameserver 1.1.1.1
search .
[/Code]
The unwanted 192.168.178.50 and IPv6 DNS entries should be gone.

Test your DNS resolution:


ping google.nl

nslookup google.nl

`nslookup` should show 127.0.0.1 as the server used for resolution.

Step 9: Reboot and Verify Persistence
This is the ultimate test to ensure your changes survive a system restart.
sudo reboot

After the server reboots and you log back in, immediately check resolv.conf again:
cat /etc/resolv.conf

If it still shows only 127.0.0.1 and 1.1.1.1, then your static IP and DNS configuration is permanent!

Common Problems & Solutions (Revisited)



Problem: Router is Broadcasting Unwanted DNS Servers (Especially IPv6)
  • Solution: This is what `dhcp6: no` and `accept-ra: no` in your `00-static-config.yaml` are designed to fix. Your router might be providing DNS via DHCPv6 or Router Advertisements (RAs) and cannot be configured to hand out your Pi-hole's IP. By setting these Netplan options, you tell your server to ignore those network-provided DNS details and rely solely on what you've specified in your `nameservers` section.


Problem: /etc/resolv.conf Keeps Reverting or Showing Wrong DNS
  • Solution: This typically points to NetworkManager or `cloud-init` interfering. Ensure you've completed Step 4 (disabling conflicting Netplan files) and Step 5 (configuring NetworkManager to release control). The `renderer: networkd` in your primary Netplan file is key to handing control to `systemd-networkd`, which should then strictly adhere to your static configuration.


Problem: Netplan Warnings About Permissions
  • Solution: Netplan is warning you that your .yaml files are too readable by other users. This is a security measure. Use `sudo chmod 600 /path/to/your/file.yaml` for each file mentioned in the warning to restrict access to only the root user.


Conclusion



Congratulations! You now have a robust and persistent static IP and DNS configuration for your Pi-hole Ubuntu server.

Enjoy a cleaner, more controlled network! Happy Pi-holing!

Back to Knowledge Base