Alternative upstream DNS (Unbound)


#23

How woulld I go about installing this on Raspbian stretch then, any hints? :slight_smile:


#24

Do you have Unbound already installed and working? If not then you can click the manual linked in the first posting.

first install Unbound for Stretch and we upgrade it to current 1.90 version.


#25

I have Unbound installed and working but what I don’t know is how to get it upgraded to 1.90? I didn’t think there was an unstable branch in Raspbian?


#26

I use SID to obtain Unbound 1.90

Change /etc/apt/sources.list as follows:

add line and save file: deb http://ftp.us.debian.org/debian sid main

Run apt update which takes a short time and you get a big number of packages that can be upgraded. Ignore those because we only want Unbound 1.90

Now you enter: apt install unbound

It will go through some dependencies and it should install Unbound.

After that you change back the /etc/apt/sources.list by adding a # in front of the added line.

Now you run again apt update so that it again on Stretch.


#27

Thanks! Will that work with Raspbian on a Pi3 as well? I guess I could do apt-pinning as well to set priorities of the sources?


#28

I have it running on a Pi3 B and B+ but it should also run on lower versions.

There are not that frequent updates of Unbound and I find way of working not that difficult.


#29

Thanks, much appreciated!

Since you’re running it on a Pi, I have a question for you if you don’t mind… I discovered last night that when running speedtest-cli on my Pi 3B+ I only get about 20-30Mbps. If I set the port to 100Mbps using ethtool I get 90Mbps or more. Tried with iPerf3 too, same thing. Do you have this problem too? 3B+ should manage 2-300Mbps…


#30

I will check this later.
There is a thread on this in the RaspberryPI forum.

https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=208512&sid=b3b57adcfc3c5045450413f44720f3fe&start=175


#31

Thanks! It’s been driving me crazy! Read that thread too but some people manage to get full speed but others not, wondering if it could have something to do with the router/switch. Tried an older Raspbian image too but same thing…


#32

It made no difference when enabling or disabling RX/TX flowcontrol.

Testing with Speedtest-cli

Port set to 1Gbps
Download: 227.60 Mbits/s
Upload: 203.69 Mbits/s

Port set to 100Mbps
Download: 23.44 Mbits/s
Upload: 3.87 Mbits/s


#33

Thanks! It’s almost the opposite to what I get, very weird. I have an Asus router and nowhere I can set RX/TX flowcontrol. I will try connecting it to an external switch instead and see if that makes a difference.

EDIT: Nope, external switch didn’t make a difference…


#34

I get an error like this when running apt update…

pi@raspberrypi:~ $ sudo apt update
Hit:1 http://raspbian.raspberrypi.org/raspbian stretch InRelease
Hit:2 http://archive.raspberrypi.org/debian stretch InRelease
Get:3 http://ftp.us.debian.org/debian sid InRelease [242 kB]
Err:3 http://ftp.us.debian.org/debian sid InRelease
The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
Reading package lists… Done
W: GPG error: http://ftp.us.debian.org/debian sid InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
E: The repository ‘http://ftp.us.debian.org/debian sid InRelease’ is not signed.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

EDIT: added “deb [trusted=yes] http://ftp.us.debian.org/debian sid main” instead and it worked…

EDIT2: Unbound doesn’t start completely though, something is not right…


#35

If something is wrong then I run normally:

sudo unbound -d -vvvvv

You can see where it goes wrong. Is your date and time correct?


#36

Thanks, sorry for the lack of details but it was getting late last night. Am I supposed to install the old Stretch version of Unbound first? I tried this on a fresh Pi…


#37

I can’t say that because I upgraded it each time the new unstable version came out.

First check my line to start unbound and check the log if generated in /var/log/unbound.log

And check if you following files in /var/lib/unbound

root.hints
root.key

and maybe

root.zone
root.ds

Did install it dependencies like Python3.7

Look at: https://packages.debian.org/sid/unbound


#38

Thanks for all the help but it was a silly mistake on my part, forgot to allow port 53 for that Pi in my router… :blush: Looks like it’s working now!

About the speed problem with the Pi on wired Gig. I bough a TP-link switch which I hooked it up to, then I discovered that it had a setting for flow control on each port so I enabled that on the Pi-port on the external switch and after that my speeds with iperf3 are 230Mbps+… looks like my Asus router doesn’t have flow control on.


#39

No problem and I am pleased that I could help you as good as possible.

Also good news from you that you now know why you didn’t got the speed. And maybe you can force the Asus to enable flow control:

ethtool -A eth0 tx on rx on
Then, you need to make sure auto-negotiation is enabled and restart it.
ethtool -A eth0 autoneg on
ethtool -r eth0

Check with: ethtool -a eth0


#40

Thanks again, I might give that a try as well… :slight_smile:


#41

Now in TESTING as well…

https://tracker.debian.org/pkg/unbound


#42

That is normal after a few days. It would be really sweet when it trickled down to other version.

If I would not have made the jump in to updating it myself I would still be on version 1.4 wich is from August 2017.