Expected Behaviour:
Hello, I have a pihole+unbound container set up (GitHub - aleksanderbl29/docker-pihole-unbound: Run Pi-Hole + Unbound on Docker)
My current setup is as follows:
- OS: Debian GNU/Linux 11 (bullseye)
- Raspberry Pi 4
- docker-compose.yaml:
```yaml
---
volumes:
  etc_pihole-unbound:
  etc_pihole_dnsmasq-unbound:
services:
  pihole:
    # dns:
    #   - 127.0.0.1
    container_name: pihole-unobund
    image: aleksanderbl/pihole-unbound:latest
    hostname: ${HOSTNAME}
    domainname: ${DOMAIN_NAME}
    ports:
      #- 443:443/tcp #Not needed
      - 53:53/tcp
      - 53:53/udp
      - 83:80/tcp #Allows use of different port to access pihole web interface when other docker containers use port 80
      # - 5335:5335/tcp # Uncomment to enable unbound access on local server
      # - 22/tcp # Uncomment to enable SSH
    environment:
      - TZ=${TZ:-UTC}
      - FTLCONF_webserver_api_password=${WEBPASSWORD}
      - FTLCONF_webserver_interface_theme=${WEBTHEME:-default-light}
      - FTLCONF_dns_upstreams=127.0.0.1#5335
      - FTLCONF_dns_dnssec="true"
      - FTLCONF_dns_listeningMode=single
    volumes:
      - /srv/dev-disk-***/Config/Pihole/etc-pihole/:/etc/pihole/:rw
      - /srv/dev-disk-***/Config/Pihole/etc-dnsmasq.d/:/etc/dnsmasq.d/:rw
    restart: unless-stopped
```
- Docker Engine 27.4.1
- ASUS RT-AX58U Merlin 3004.388.9
When I run dnsleaktest it shows me Google DNS servers as my name resolvers. As far as I understand I should only see my ISP WAN IP, but this behavior is only achievable if Pihole is set as the WAN DNS resolver, which is not recommended by the official manual.
I have found a similar question here: "DNS leak test shows Google IP addresses when using unbound"
and here: "DNS leak test shows other IPs when using unbound - #6 by jfb".
But by the looks of it these cases don't apply to mine because I run Pihole and unbound in a single container. I checked resolvconf_resolvers.conf inside the container and on system level, there were no forward rules set.
For the record - I am not connecting from Finland, if that is important.
Actual Behaviour:
Google DNS showing up as name resolvers in dnsleaktest