https://docs.pi-hole.net/guides/unbound/ - unbound and iptables question

Finally got Pi-hole working great on the same Pi I'm using as a WAP and router, which saves me from having to carry one more device when I travel. Now I'm turning on the recursive DNS server in the web admin, and I have a question.

Your guide at Redirecting... works perfectly on my setup, right out of the box. And I didn't even have to add any new firewall rules, which left me wondering - why didn't I have to open up 5353 for unbound?

I'm clearly not a router expert. Could it be because unbound's calls to the DNS server do not traverse any iptables chains at all?

Thanks for any hints that might clarify this for me (and possibly others).

George

Port 5353 is local to the Pi in this application. 127.0.0.1:5353

OK, that makes sense.

Now that I have it running, tcpdump shows some packets on 5353, but still a lot of packets on port 53. Is that normal?

I assume tcpdump is running on the Pi? The port 5353 traffic is between Pi-hole and unbound. The port 53 traffic is from unbound to the name servers.

Yes, tcpdump is running on the Pi.

Thanks. That helps.
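An added example, not part of the original thread: a small Python classifier for `tcpdump -n` output that separates the legs discussed above (clients to Pi-hole on 53, Pi-hole to unbound on loopback 5353, unbound to name servers on 53) and flags port 5353 traffic that is neither loopback nor mDNS, which also uses 5353. The LAN subnet, all addresses and the sample capture lines are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the subnet the Pi serves as router/WAP; adjust to your network.
LAN = ipaddress.ip_network("192.168.4.0/24")
FLOW = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):")

# Constructed sample lines in `tcpdump -n` style (not a real capture).
SAMPLE = """\
12:00:01.000100 IP 192.168.4.20.51544 > 192.168.4.1.53: 4660+ A? example.com. (29)
12:00:01.000300 IP 127.0.0.1.40211 > 127.0.0.1.5353: 9001+ A? example.com. (29)
12:00:01.000900 IP 10.0.0.5.38112 > 203.0.113.53.53: 7012 A? example.com. (40)
12:00:01.030000 IP 203.0.113.53.53 > 10.0.0.5.38112: 7012*- 1/0/1 A 192.0.2.10 (56)
12:00:01.030400 IP 127.0.0.1.5353 > 127.0.0.1.40211: 9001 1/0/0 A 192.0.2.10 (45)
12:00:02.500000 IP 192.168.4.20.5353 > 224.0.0.251.5353: 0 PTR (QM)? _ipp._tcp.local. (33)
12:00:03.100000 IP 192.168.4.20.50001 > 192.168.4.1.5353: 1234+ A? example.org. (29)
"""

def classify(line):
    """Label one tcpdump line by the DNS leg it belongs to."""
    m = FLOW.search(line)
    if not m:
        return "unparsed"
    src, dst = ipaddress.ip_address(m[1]), ipaddress.ip_address(m[3])
    ports = {int(m[2]), int(m[4])}
    if 5353 in ports:
        if src.is_loopback and dst.is_loopback:
            return "pihole<->unbound"      # local forwarder leg, never leaves the Pi
        if src.is_multicast or dst.is_multicast:
            return "mdns"                  # mDNS shares port 5353; not unbound
        return "5353-off-loopback"         # unbound reachable from the network?
    if 53 in ports:
        # Any endpoint outside the LAN (and not loopback) means an upstream server.
        if any(a not in LAN and not a.is_loopback for a in (src, dst)):
            return "unbound<->upstream"
        return "client<->pihole"
    return "other"

def summarize(capture):
    """Count packets per leg for a block of tcpdump output."""
    return Counter(classify(l) for l in capture.splitlines() if l.strip())

if __name__ == "__main__":
    for leg, count in sorted(summarize(SAMPLE).items()):
        print(f"{count:3d}  {leg}")
```

A non-zero `5353-off-loopback` count is the case worth investigating: it means something other than the local Pi-hole is talking to port 5353 on a routable address.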
