No internet after configuring router’s Primary DNS as Unbound Host IP Address

Server specs:

  • GMKtec Mini PC N150, G3 Plus Intel Twin Lake N150 (3.4GHz), 8GB DDR4 RAM 256GB PCIe M.2 SSD, Desktop Computer 4K Dual HDMI/USB3.2/WiFi 6/BT5.2/2.5G RJ45
  • Ubuntu 24.04.2 LTS
  • connected to router via Wi-Fi

Router: TP-Link Archer AXE75 AX5400 Wireless Tri-Band Gigabit Router

I have unbound + pi-hole running on the aforementioned server. I also have a separate UnRAID server which currently has a GlueTun container configured with WireGuard and NordVPN to tunnel outbound traffic from other app containers running on the server, but I have not configured the containers for the other apps just yet so I’m under the impression that the tunnel is not actively sending any data at the moment. I don’t think GlueTun is affecting the issues I’m experiencing.

Expected Behaviour:

Changing the Primary DNS field in the router settings from the default one to the IP address of my server should result in a normal web browsing experience with ad-blocking enhancements, and the local upstream DNS resolver Unbound being used instead of a 3rd party resolver defaulted to by the ISP.

Actual Behaviour:

No internet. I have pihole active and running, I verified with systemctl check. Unbound is not running due to syntax errors in etc/unbound.conf.d/pi-hole.conf. It’s not recognizing the keyword ‘keyserver’, which appears to be a YAML key at the root level of the file.

Debug Token:

“Replace this text with the debug token provided from running pihole -d

^ Working on providing this, but the curl uploaded link doesn’t work of course because of DNS failing, so I’m trying to transfer the log onto a USB device which I can upload to this post from my Mac with a hotspot from my phone, but the USB device isn’t getting read by the Mac for some reason…

Do I need to restart my router? Do I need to do anything on my local clients? I saw some threads mentioning renewing DHCP leases or something like that?

This will temporarily reset the nameserver on the Pi to bypass Pi-Hole DNS.

sudo nano /etc/resolv.conf

Edit the nameserver line to nameserver 9.9.9.9 or your preferred third party DNS service, save and exit

Run

pihole -d

and upload the debug log.

Change this line to server and restart unbound.
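The clause-name error discussed above (a config that opens with keyserver: where unbound expects server:), shown as an added example that is not part of the original thread. The function name and sample files are constructed for illustration; unbound-checkconf remains the authoritative check on a real host.

```bash
#!/usr/bin/env bash
# Added example: flag unknown clause headers in an unbound config file.
# It shows why a header such as "keyserver:" stops the daemon from
# starting: unbound only accepts a fixed set of clause names.

# Clause names documented in unbound.conf(5).
KNOWN_CLAUSES="server remote-control forward-zone stub-zone auth-zone view rpz python dynlib dnscrypt cachedb ipset"

# Print "LINE:NAME" for every clause header that is not a known clause.
# A clause header is "name:" with nothing after the colon; ordinary
# options always carry a value ("verbosity: 0") and are skipped.
lint_unbound_clauses() {
    awk -v known="$KNOWN_CLAUSES" '
        BEGIN { n = split(known, k, " "); for (i = 1; i <= n; i++) ok[k[i]] = 1 }
        {
            line = $0
            sub(/#.*/, "", line)                 # drop comments
            gsub(/^[ \t]+|[ \t]+$/, "", line)    # trim whitespace
            if (line ~ /^[A-Za-z0-9_-]+:$/) {
                name = substr(line, 1, length(line) - 1)
                if (!(name in ok)) print NR ":" name
            }
        }' "$1"
}

# Write two constructed sample configs (not the poster's actual file)
# into a temp directory and print that directory's path.
make_samples() {
    dir=$(mktemp -d)
    printf 'keyserver:\n    verbosity: 0\n    interface: 127.0.0.1\n' > "$dir/broken.conf"
    printf 'server:\n    verbosity: 0  # quiet\n    interface: 127.0.0.1\n' > "$dir/fixed.conf"
    echo "$dir"
}

# When given a path, lint that file.
if [ -n "${1:-}" ]; then
    lint_unbound_clauses "$1"
fi
```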

I did so and then ran service unbound restart. Now the logs say it has started, but when I go back to my MacBook and try to access a website, I still get no data.

I’m seeing “Error in NTP Client: cannot resolve ntp server address:Try Again” in Pi-hole diagnosis tab in the UI. The thing is in the pre-requisites steps, I did not specify the NTP ports for any of those commands in those steps since I only want the https and http and dns, so I’m not sure where that’s coming from? NTP configs seem to be enabled in the pihole toml file as child nodes of the dhcp config node if I’m interpreting things correctly… but I have dhcp disabled? Is the NTP test unrelated to dhcp?

Also I have nginx configured as reverse proxy on a separate host which has ports 80 and 443 forwarded to it. I saw something mentioning that if another host is listening to these ports, then pihole will listen on 8080 and 8443: Prerequisites - Pi-hole documentation

I turned off all the NTP settings in the toml file (ipv4, ipv6, sync) and don’t see that particular error any more. However, I still see a red x checked off for custom ftl zone not detected. The dig cmd fails with 1 when retrieving ipv4 addr for ns1.pi-hole.net

Have you run the test commands from our unbound guide?