Partial/no connection after enteringUnbound DNS settings

Expected Behaviour:

I would expect more blocking and for the DNS to be running locally. Also for notifications from smart devices to get through.

I'm on a headless pi 4 64bit with all the latest updates installed.

Actual Behaviour:

I've spent a week trying various things and sadly have not made any progress! Any help would be much appreciated.

I used to have a pihole running fine on a PiZero. I've upgraded to a new pi and trying to get it installed on the new hardware. Everything seemed to be working, and I have followed the process for installing unbound: unbound - Pi-hole documentation
Everything went well, including testing the DNSSEC validation, until I changed the DNS settings on the pihole itself. As soon as I put in the custom server settings the internet connection partially stops working. If I change the IP4 setting back to one on the list everything works as expected.

Odd points:

1. with the custom DNS setting of 127.0.0.1:5335 the internet seems to work for browsing, but certain things will not work, such as apt update on the pi and the debug log would not upload either. Some notifications from devices will not be sent out either.
2. Total queries is massive - 500,000 in a day or so. Blocked queries is essentially nothing: https://imgur.com/a/E7FO33C
3. pi.hole, XXX.lan and localhost are the top 3 clients, with pi.hole almost reaching the 500,000 mark. Again this is over a day or so as I wiped the stats over the weekend: https://imgur.com/hphM8EY
4. diag.meethue.com and ntp.org are the top permitted domains with, again, a huge amount of use: Imgur: The magic of the Internet
5. I seem to be getting queries forwarded to localhost in the query log and the chart on the homepage shows most queries through localhost or cache

Tried:

1. Disable resolvconf for unbound from the main install page, then put it all back
2. Checked /etc/resolv.conf to make sure the nameserver was right
3. Tried the comments around resolvconf.conf here: https://www.reddit.com/r/pihole/comments/r88zv8/comment/hn8ao1s/

Package resolvconf in Raspbian Bullseye is configuring unbound as a forwarding, not recursive resolver. Here's the fix:

1. Edit file /etc/resolvconf.conf and comment out the last line which should read:

unbound_conf=/etc/unbound/unbound.conf.d/resolvconf_resolvers.conf

2. Delete the unwanted unbound configuration file:

sudo rm /etc/unbound/unbound.conf.d/resolvconf_resolvers.conf

3. Restart unbound:

sudo service unbound restart

Debug Token:

I have run the debug but it could not upload (catch 22 here!). I have it in a text file if there's a way for me to get that to the devs?

Put the DNS settings back to one on the list so that it works again, then run

sudo cat your_existing_debug_log_file | pihole tricorder

and you'll have a token URL you can post here

Thanks! Here you go:
https://tricorder.pi-hole.net/xFgyM180/

This will temporarily reset the nameserver on the Pi to bypass Pi-Hole DNS.

sudo nano /etc/resolv.conf

Edit the nameserver line to nameserver 9.9.9.9 or your preferred third party DNS service, save and exit

Run

pihole -d

and upload the debug log.

Here it is: https://tricorder.pi-hole.net/zlnT3OPY/

Thank you.

image1754×369 47.5 KB

Just checked my graph and you can see where I switched from the unbound DNS server to quad 9 this morning!

Finally worked it out after going through everything again. I was checking the information here: Pihole + Unbound not working as it should - #12 by jfb and ran

sudo grep -v '#|^$' -R /etc/unbound/unbound.conf*

This still showed unbound was still not acting as recursive but forwarding. It was because I had renamed resolvconf_resolvers.conf to resolvconf_resolvers_old.conf rather than removing the file completely. Turns out it was still being picked up even with the new name. Removed the file and everything seems to be working correctly now.
Odd specific case but that answer might help someone!

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.