Nein, lass sie weg.
Du könntest es auch mit
# If no logfile is specified, syslog is used
logfile: "/var/log/unbound/unbound.log"
verbosity: 1
in der unbound.conf versuchen. Evtl. wird etwas protokolliert.
1 Like
Du könntest mal versuchen für Unboud einen Log einzurichten und dann nach und nach das verbosity Level hochzudrehen:
Du schreibst in /etc/unbound/unbound.conf.d/pi-hole.conf einfach
logfile: "/var/log/unbound/unbound.log"
log-time-ascii: yes
verbosity: 2
rein, erstellst die log Datei und ordnest sie dem Nutzer unbound zu.
sudo touch /var/log/unbound/unbound.log
sudo chown unbound /var/log/unbound/unbound.log
startest unbound neu
sudo service unbound restart
Führst die Abfrage aus und lässt dir dann das Log mal ausgeben.
cat /var/log/unbound/unbound.log
Danke für die hilfreiche Anleitung! Ich habe das so eingerichtet und hoffe, dass sich hilfreiche log-Einträge zeigen werden.
Am Rande für n00bs wie mich:
vor dem sudo touch musste noch ein sudo mkdir /var/log/unbound ausgeführt werden.
Danke, hatte ich vergessen.
Unbound ist sehr gesprächig, das log wird sich schnell füllen.
Ist das normal?
(...)
Aug 04 10:24:35 unbound[22040:0] info: resolving f.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving w****.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving f.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving w****.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving f.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:35 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving w****.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving f.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving w****.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving f.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving z.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
Aug 04 10:24:40 unbound[22040:0] info: resolving a.nic.de. A IN
(echte Domains habe ich durch **** gekürzt)
Also ist die Flut an a.nic.deund z.nic.de echt?
Welcher Client flutet da so?
Scheinbar hat sich das wieder etwas gelegt. Aber eine "Flut" bleibt es trotzdem - viele Anfragen werden scheinbar 30-40 mal abgesetzt:
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:37 unbound[22040:0] info: resolving star.c10r.facebook.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Aug 04 11:49:39 unbound[22040:0] info: resolving play.google.com. A IN
Diese Anzahl von log-Einträgen sehe ich für unterschiedlichste Domains ständig. Im Moment läuft sonst aber alles noch recht gut. Ich melde mich wieder, wenn ich SERVFAILs bekomme.
Mein nächster Versuch wäre das vollständige Abklemmen von Hyperlocal; sprich Sektion auth-zone in der Config von Unbound entfernen.
Wie erwartet sind die SERVFAILs wie immer nach spätestens einigen Stunden nach einem Unbound-Restart wiedergekommen.
Ich habe nun als neuen Versuch die gesamte /etc/unbound/unbound.conf.d/localroot.conf (= auth-zone) auskommentiert.
Zuvor hatte ich jede Menge Meldungen wie diese:
Aug 05 23:08:38 unbound[5668:0] info: query response REC_LAME: recursive but not authoritative server
Aug 05 23:08:38 unbound[5668:0] info: mark as REC_LAME
Kann mir jemand sagen, was die bedeuten?
Ja die Anleitung ist schon nicht schlecht, auch ich habe mich daran orientiert. Im nachhinein bin ich mir jedoch nicht mehr so sicher wie gut die Idee war. Wenn man sich durch die Kommentare liest, scheint die Anleitung ein einziger Scherbenhaufen. Ich hab vielleicht 3/4 geschafft, bevor ich den faden verloren habe.
Bereits auf Seite 3 gab es ein Update.
auf Seite 4 eine korrektur
Weiter hinten wurde unter anderem der Unbound-Port geändert: 5353 → 5335. was ebenfalls wieder in frage gestellt wurde, weil sowohl der eine wie auch der andere benutzt werden (irgendwas mit mDNS und PiHole FTL). Daher verwende ich Port 8953. IANA listet den Port für Unbound.
ich mag mich auch wage daran erinnern, dass der Guide für ein altes Debian geschrieben wurde, und es auch dafür irgend wo in den Kommentaren eine Anleitung gab.
Das habe ich ja umgesetzt - aber ich muss sagen, jetzt sehe ich im Unbound-Log kaum noch Informationen zu den SERVFAILs, die jedoch trotzdem auftreten (und per dig verifiziert werden können). Hier z.B. der Eintrag für de.wikipedia.org:
Aug 05 23:13:01 unbound[5668:0] info: resolving de.wikipedia.org. A IN
Aug 05 23:13:01 unbound[5668:0] info: response for de.wikipedia.org. A IN
Aber:
pi@raspberrypi:~ $ dig @127.0.0.1 -p 5335 de.wikipedia.org
; <<>> DiG 9.11.5-P4-5.1+deb10u1-Raspbian <<>> @127.0.0.1 -p 5335 de.wikipedia.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52874
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;de.wikipedia.org. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Thu Aug 06 08:44:47 CEST 2020
;; MSG SIZE rcvd: 45
Muss ich die verbosity hochschrauben? Bzw. sieht es ja so aus als wäre das Abklemmen von Hyperlocal auch nicht die Lösung des Problems 
Haben die Änderungen nicht ihren Weg in den ersten Post gefunden? Dort steht zumindest:
Stand: 10.04.2020; Raspbian Buster
Kennst du eine bessere Anleitung für PH+UB+HL? Wie gesagt, ich lerne zwar momentan viel, aber insgesamt muss ich mich ob meines Wissensstandes eben doch auf eine Anleitung verlassen
Sorry, damit kenne ich mich nicht aus - was bedeutet das?
1 Like
So kommst du nicht weiter 
Schmeiß ausnahmslos alles aus dem Guide von deinem System (Unbound*, Skripte, Cronjobs, Konfigurationen, ...), und starte mit dem Pi-hole Guide neu.
* sudo apt-get autoremove --purge unbound
1 Like
Die Frage ist noch nicht beantwortet. Gibt oder gab es denn zu der hohen Anzahl an Anfragen in unbound eine Entsprechung in Pi-holes Query Log, oder denkt unbound sich diese Anfragen selbst aus?
Deine Logauszüge zeigen bislang auch keine Schritte aus der Rekursion. Findet diese tatsächlich überhaupt nicht statt?
Die IANA führt ein Portnummern-Register, In diesem ist Port 8953 tatsächlich unbound zugeordnet - allerdings ist das der Port für unbound's remote server control utility. Für DNS-Anfragen sollte 8953 also besser nicht verwendet werden.
Für Dein Problem ist das nicht relevant.
mibere hat recht:
Mit dem sauberen Aufsetzen sind die Probleme vielleicht erledigt.
Und falls nicht, hätten wir zumindest dieselbe Basis.
1 Like
Okay, dann mache ich meinen Pi nochmal platt. Bis zu Unbound kann ich aber der Anleitung für die Installation von pi-hole folgen, right? Den Benutzer pi belasse ich ohne einen neuen anzulegen, sichere aber gut mit Passwort ab.
Sorry, bei dem Durcheinander bin ich nicht jedem Strang gefolgt. Gerne kann ich das aber nach der Neuinstallation nachholen.
So, neues Pi-Hole inkl. Unbound (aber bislang ohne Hyperlocal) ist aufgesetzt. Hier der Vollständigkeit halber mein Vorgehen.
Vorbereitung Raspberry Pi 3B+
- Bereits in Router eingestellt: Static IP für Pi (192.168.1.5)
- Image: "2020-05-27-RASPIOS-BUSTER-LITE.ARMHF.IMG" von https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2020-05-28/
- Auf microSD mithilfe von Raspberry Pi Imager v1.4 @ macOS
- Leere Datei "ssh" auf Volume "boot" für SSH-Zugang hinzugefügt
- microSD in Raspberry Pi 3B+ eingelegt, an Router angeschlossen, gebootet.
$ ssh-keyscan -t ed25519 192.168.1.5 >> ~/.ssh/known_hosts
$ ssh pi@192.168.1.5
$ sudo raspi-config
- Advanced Options → Expand Filesystem
- Localisation Options → Change Timezone → Europe → Berlin
- Finish, Reboot
$ ssh pi@192.168.1.5
$ sudo apt update && sudo apt upgrade
$ sudo reboot
$ ssh pi@192.168.1.5
$ passwd
- [Vergabe eines starken Passworts]
$ sudoedit /etc/sudoers.d/010_pi-nopasswd
- "NOPASSWD" -> "PASSWD", STRG+X, Y, Enter
$ sudoedit /etc/systemd/timesyncd.conf
- "#NTP" -> "NTP=213.136.94.10 80.241.218.68 78.46.223.134"
Installation Pi-Hole
$ curl -sSL https://install.pi-hole.net | bash
- Alles im Folgenden ungenannte mit "Ok"/"Yes" bestätigt
- Upstream DNS Provider: Custom -> "103.86.96.100, 103.86.99.100" (NordVPN DNS)
- Select Protocols: "IPv6" deselektiert
$ pihole -a -p
- [Vergabe eines starken Passworts]
- Browser: 192.168.1.5/admin -> Group Management -> Adlists -> Copy&Paste des Inhalts von https://v.firebog.net/hosts/lists.php?type=nocross
- Browser: 192.168.1.5/admin -> Tools -> Update Gravity -> Update -> Warten bis "Success!"
- FreshTomato Browser GUI -> Advanced -> DHCP/DNS -> Use internal DNS [Y]
- FreshTomato Browser GUI -> Advanced -> DHCP/DNS -> Intercept DNS port [Y]
- FreshTomato Browser GUI -> Advanced -> DHCP/DNS -> Dnsmasq Custom Configuration: "dhcp-option=6,192.168.1.5 # PiHole's IPv4 address"
- FreshTomato Browser GUI -> Advanced -> DHCP/DNS -> Save
- FreshTomato Browser GUI -> VPN Tunneling -> Client 1 -> Advanced -> Accept DNS configuration: "Disabled" (war: "Strict")
- FreshTomato Browser GUI -> VPN Tunneling -> Client 1 -> Advanced -> Save
- FreshTomato Browser GUI -> Reboot -> Warten auf Router-Reboot
Installation Unbound
$ sudo apt install unbound
$ wget -O root.hints https://www.internic.net/domain/named.root
$ sudo mv root.hints /var/lib/unbound/
$ sudo mkdir /var/log/unbound
$ sudo touch /var/log/unbound/unbound.log
$ sudo chown unbound /var/log/unbound/unbound.log
$ sudoedit /etc/unbound/unbound.conf.d/pi-hole.conf
- Hier Vorlage von https://docs.pi-hole.net/guides/unbound/ eingefügt
- Änderungen: "# " vor logfile entfernt, "verbosity: 2"
$ sudo service unbound start
$ dig pi-hole.net @127.0.0.1 -p 5335
$ dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5335
- Hier SERVFAIL erwartet
$ dig sigok.verteiltesysteme.net @127.0.0.1 -p 5335
- Hier NOERROR erwartet
- Pi-Hole GUI: http://192.168.1.5/admin -> Settings -> DNS -> Custom 1 (IPv4) -> 127.0.0.1#5335
- Pi-Hole GUI: http://192.168.1.5/admin -> Settings -> DNS -> Alle anderen Haken der Upstream DNS Server entfernen
- Pi-Hole GUI: http://192.168.1.5/admin -> Settings -> DNS -> Save
Quellen:
Hatte jetzt für mehrere Minuten ein Problem mit mail.XXXXX.de (aus Datenschutzgründen URL geändert). Im Log zu sehen waren Einträge wie:
Aug 06 14:05:44 unbound[1461:0] info: resolving mail.XXXXX.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: resolving posteo.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: response for mail.XXXXX.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 77.67.63.105#53
Aug 06 14:05:44 unbound[1461:0] info: query response REC_LAME: recursive but not authoritative server
Aug 06 14:05:44 unbound[1461:0] info: mark as REC_LAME
Aug 06 14:05:44 unbound[1461:0] info: response for posteo.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 81.91.164.5#53
Aug 06 14:05:44 unbound[1461:0] info: query response REC_LAME: recursive but not authoritative server
Aug 06 14:05:44 unbound[1461:0] info: mark as REC_LAME
Aug 06 14:05:44 unbound[1461:0] info: response for mail.XXXXX.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 194.146.107.6#53
Aug 06 14:05:44 unbound[1461:0] info: query response REC_LAME: recursive but not authoritative server
Aug 06 14:05:44 unbound[1461:0] info: mark as REC_LAME
Aug 06 14:05:44 unbound[1461:0] info: response for posteo.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 195.243.137.26#53
Aug 06 14:05:44 unbound[1461:0] info: query response REC_LAME: recursive but not authoritative server
Aug 06 14:05:44 unbound[1461:0] info: mark as REC_LAME
Aug 06 14:05:44 unbound[1461:0] info: response for mail.XXXXX.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 194.0.0.53#53
Aug 06 14:05:44 unbound[1461:0] info: query response REC_LAME: recursive but not authoritative server
Aug 06 14:05:44 unbound[1461:0] info: mark as REC_LAME
Aug 06 14:05:44 unbound[1461:0] info: response for posteo.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 194.246.96.1#53
Aug 06 14:05:44 unbound[1461:0] info: query response REC_LAME: recursive but not authoritative server
Aug 06 14:05:44 unbound[1461:0] info: mark as REC_LAME
Aug 06 14:05:44 unbound[1461:0] info: response for mail.XXXXX.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 194.246.96.1#53
Aug 06 14:05:44 unbound[1461:0] info: query response REC_LAME: recursive but not authoritative server
Aug 06 14:05:44 unbound[1461:0] info: mark as REC_LAME
Aug 06 14:05:44 unbound[1461:0] info: response for posteo.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 194.146.107.6#53
Aug 06 14:05:44 unbound[1461:0] info: query response was ANSWER
Aug 06 14:05:44 unbound[1461:0] info: response for mail.XXXXX.de. A IN
Aug 06 14:05:44 unbound[1461:0] info: reply from <de.> 77.67.63.105#53
Aug 06 14:05:44 unbound[1461:0] info: query response was ANSWER
Das Problem löste sich nach ein paar Minuten.
War heute den ganzen Tag unterwegs, komme nach Hause und begegne jeder Menge SERVFAILs. Hier z.B. die Anfragen für www.inoreader.com (mittels grep aus unbound-log extrahiert):
Aug 07 08:38:32 unbound[1461:0] info: resolving www.inoreader.com. A IN
Aug 07 08:38:32 unbound[1461:0] info: response for www.inoreader.com. A IN
Aug 07 08:38:32 unbound[1461:0] info: response for www.inoreader.com. A IN
Aug 07 08:38:32 unbound[1461:0] info: resolving www.inoreader.com. A IN
Aug 07 08:38:32 unbound[1461:0] info: resolving inoreader.com. DS IN
Aug 07 08:38:32 unbound[1461:0] info: response for inoreader.com. DS IN
Aug 07 22:03:33 unbound[1461:0] info: resolving www.inoreader.com. A IN
Aug 07 22:07:22 unbound[1461:0] info: resolving www.inoreader.com. A IN
Aug 07 22:07:45 unbound[1461:0] info: resolving www.inoreader.com. A IN
Aug 07 22:08:42 unbound[1461:0] info: resolving www.inoreader.com. A IN
Aug 07 22:09:48 unbound[1461:0] info: resolving www.inoreader.com. A IN
Wie man sehen kann war heute morgen um 08:38 Uhr die Welt noch in Ordnung, jetzt am Abend sehe ich auch bei mehreren Versuchen nur noch "resolving", aber bekomme scheinbar keine "response" mehr?
Natürlich ist der SERVFAIL auch mittels dig nachvollziehbar:
pi@raspberrypi:~ $ dig @127.0.0.1 -p 5335 www.inoreader.com
; <<>> DiG 9.11.5-P4-5.1+deb10u1-Raspbian <<>> @127.0.0.1 -p 5335 www.inoreader.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 36871
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;www.inoreader.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Fri Aug 07 22:13:23 CEST 2020
;; MSG SIZE rcvd: 46
Mit der neuen Installation (ohne Hyperlocal) kommt es derzeit nicht zu derselben Flut an Log-Einträgen. Insgesamt sieht alles recht geordnet und nachvollziehbar aus, aber die vielen SERVFAILs bleiben 
Ich kann immer noch keine Rekursion sehen. Für die weiterführende Analyse müsste man ja herausfinden, mit welchem DNS-Server es welche Probleme gibt.
Vielleicht werden die aber auch nur durch Dein grep versteckt. Ich bin bisher davon ausgegangen, dass Du zeitlich zusammemhängende Logauszüge zeigst. Zeilennummern per -n in grep wären nicht schlecht, um eine gefilterte Ausgabe auf einen Blick zu verdeutlichen.
Wie sieht denn das Kommando genau aus, mit dem Du Log-Auszüge erzeugt hast?
Das habe ich auch 
Nur im letzten Post war es mit grep. Das hat es in meinen Augen etwas anschaulicher gemacht, was sich verändert hat (nur noch resolving-Aufrufe, keine response mehr.)
Aufruf für den letzten Eintrag mit grep war:
cat /var/log/unbound/unbound.log | grep inoreader
und ansonsten eben nur
cat /var/log/unbound/unbound.log
Danke, das werde ich künftig bedenken.
Ich scheue mich etwas davor, zu viel log zu zeigen, da darin natürlich viele Elemente meiner privaten Kommunikation erkennbar sind. Hast du eine gute Idee, wie ich einen besseren Einblick ermöglichen kann?