The issue I am facing:
I have installed pi-hole along with unbound on my pi and set it up to query the authoritative servers (eg root servers etc) and not as a forwarder dns. ie I have nothing in my phhole - dns - upstream dns listed but under custom 1 I have 127.0.0.1#5335
Pihole is working and blocking ads.
I did a dns leak test at dnsleaktest.com.and I expected to see my IP address as the dns servers or the dns of the authoritative dns servers but all I got was a list of 26 Google DNS servers all based in London.
Is this correct and I making the wrong assumption
How can I see what DNS servers pi-hole/unbound is actually talking to?
Details about my system:
Pi-hole installed a vanilla Raspberry Pi Zero W running the latest raspbian (bullseye)
My clinet windows PC is win10 and configured for DNS to 192.168.0.2, the ip of pihole What I have changed since installing Pi-hole:
Nothing.
Additional info, my etc/dhcpcd.conf is...
> # A sample configuration for dhcpcd.
> # See dhcpcd.conf(5) for details.
>
> # Allow users of this group to interact with dhcpcd via the control socket.
> #controlgroup wheel
>
> # Inform the DHCP server of our hostname for DDNS.
> hostname
>
> # Use the hardware address of the interface for the Client ID.
> clientid
> # or
> # Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
> # Some non-RFC compliant DHCP servers do not reply with this set.
> # In this case, comment out duid and enable clientid above.
> #duid
>
> # Persist interface configuration when dhcpcd exits.
> persistent
>
> # Rapid commit support.
> # Safe to enable by default because it requires the equivalent option set
> # on the server to actually work.
> option rapid_commit
>
> # A list of options to request from the DHCP server.
> option domain_name_servers, domain_name, domain_search, host_name
> option classless_static_routes
> # Respect the network MTU. This is applied to DHCP routes.
> option interface_mtu
>
> # Most distributions have NTP support.
> #option ntp_servers
>
> # A ServerID is required by RFC2131.
> require dhcp_server_identifier
>
> # Generate SLAAC address using the Hardware Address of the interface
> #slaac hwaddr
> # OR generate Stable Private IPv6 Addresses based from the DUID
> slaac private
>
> # Example static IP configuration:
> #interface eth0
> #static ip_address=192.168.0.10/24
> #static ip6_address=fd51:42f8:caae:d92e::ff/64
> #static routers=192.168.0.1
> #static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1
>
> # It is possible to fall back to a static IP if DHCP fails:
> # define static profile
> #profile static_eth0
> #static ip_address=192.168.1.23/24
> #static routers=192.168.1.1
> #static domain_name_servers=192.168.1.1
>
> # fallback to static profile on eth0
> #interface eth0
> #fallback static_eth0
>
> interface wlan0
> inform 192.168.0.2
> static routers=192.168.0.1
> static domain_name_servers=192.168.0.1
> static domain_search=192.168.0.2
> interface wlan0
> static ip_address=192.168.0.2/24
> static routers=192.168.0.1
> static domain_name_servers=8.8.8.8 8.8.4.4
**my /etc/resolv.conf is...**
# Generated by resolvconf
search 192.168.0.2
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver fdb7:aaec:b855:0:7250:afff:fe44:4078
and my /etc/resolvconf.conf is...
# Configuration for resolvconf(8)
# See resolvconf.conf(5) for details
resolv_conf=/etc/resolv.conf
# If you run a local name server, you should uncomment the below line and
# configure your subscribers configuration files below.
#name_servers=127.0.0.1
> # Mirror the Debian package defaults for the below resolvers
> # so that resolvconf integrates seemlessly.
> dnsmasq_resolv=/var/run/dnsmasq/resolv.conf
> pdnsd_conf=/etc/pdnsd.conf
> unbound_conf=/etc/unbound/unbound.conf.d/resolvconf_resolvers.conf
For more information for any noobs like me, I followed a tutorial on how to install pi-hole and use it as a recursive dns server using unbound. The tutorial is Youtube-Craft Computing
If you install on the latest Raspbian (Bullseye) it appears that there is differences (from Buster) and you need to shut down the unbound-resolvconf.service.
Refer to the unbound section https://docs.pi-hole.net/guides/dns/unbound/ and find the " Disable resolvconf for unbound (optional)" and implement this to shut the service down. Then you need to follow the solution above by jpgpi250 to comment out lines from /etc/resolvconf.conf
and delete /etc/unbound/unbound.conf.d/resolvconf_resolvers.conf