HA Pi-hole config static DNS servers

Help
1

Expected Behaviour:

Hardware: Raspberry Pi 3B+
Operating System: Debian GNU/Linux 11 (bullseye)
Kernel: Linux 5.10.92-v8+
Architecture: arm64
I was previously running on the same hardware with Buster (Debain 10) which is why I rebuilt my setup.

I have 2x Raspberry Pi 3B+ running Pi-hole using Unbound in a HA configuration using Gravity Sync to keep them in sync and Keepalived for VRRP.

Pi-hole 1 (3kl-dns-01) = 10.165.11.8
Pi-hole 2 (3kl-dns-02) = 10.165.11.9
VRRP = 10.165.11.10

3kl-dns-01 ~/etc/hosts

127.0.0.1            localhost
::1                  localhostip6-localhost ip6-loopback
{f02::1              ip6-allnodes
£{02:=2              ip6-allrouters

127.0.1.1            3k1-dns-01

10.165.11.10         3kl-dns
10.165.11.9          3kl-dns-02
10.165.11.8          3kl-dns-01

3kl-dns-02 ~/etc/hosts

127.0.0.1            localhost
::1                  localhostip6-localhost ip6-loopback
{f02::1              ip6-allnodes
£{02:=2              ip6-allrouters

127.0.1.1            3k1-dns-02

10.165.11.10         3kl-dns
10.165.11.9          3kl-dns-02
10.165.11.8          3kl-dns-01

Previously I was running with the VRRP IP as the static DNS server for both Pi-hole instances which meant they followed the active FTL and always remained controlled/logged/blocked, configured like this:

3kl-dns-01 ~/etc/dhcpcd.conf

interface eth0
static ip_address=10.165.11.8/27
static routers=10.165.11.1
static domain name servers=10.165.11.10

Unbound is configured on port 5335 and setup in Pi-hole as the only Upstream DNS Server (127.0.0.1#5335):

Screenshot 2022-02-26 at 01.21.09
Screenshot 2022-02-26 at 01.21.09968×504 39.8 KB

The Interface Settings are set to Respond only on interface etho:

Screenshot 2022-02-26 at 01.24.22
Screenshot 2022-02-26 at 01.24.22960×1058 164 KB

The Advanced DNS Settings are configured as follows:

Screenshot 2022-02-26 at 00.41.47
Screenshot 2022-02-26 at 00.41.471920×1778 249 KB

Actual Behaviour:

Despite this being an identical configuration which worked on Buster, now on Bullseye Pi-hole gets spammed with lookups which despite being from other devices appear multiple times (like it's looping) from the local server, in this example 3kl-dns-01:

Screenshot 2022-02-26 at 00.37.33
Screenshot 2022-02-26 at 00.37.331954×1030 294 KB

In a very short period of time limits are hit and requests are ignored, making the network grind to a halt until the dhcpcd.conf is changed to use the router (10.165.11.1) as the static DNS server, bypassing both Pi-hole instances.

This same behaviour is seen on both instances and despite trying a lot of different configurations, I can't get this to behave as it used to in Buster. Am I missing something?

Debug Token:

[https://tricorder.pi-hole.net/62tsfXiM/]

2

I have since found this thread which I think has solved my problem:

This is what I did:

  • disable and stop unbound-resolvconf.service
  • commenting resolv_conf=/etc/resolv.conf and unbound_conf=/var/cache/unbound/resolvconf_resolvers.conf in /etc/resolvconf.conf
  • deleting /etc/unbound/unbound.conf.d/resolvconf_resolvers.conf
  • reboot
4

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.