I have Pi-hole (FTLDNS) running in an Ubuntu 16.04 Server VM. I wanted to configure it as my own recursive server instead of having upstream servers like Google/Cloudflare.
I followed this tutorial: Pi hole as recursive DNS server · pi-hole/pi-hole Wiki · GitHub, but at 'Start your local recursive server and test that it's operational:' it didn't respond like it should.
Expected Behaviour:
Pi-hole (FTLDNS) working together happily with unbound, as I want to be my own recursive DNS.
Actual Behaviour:
At first unbound was not working (could not start, I guess), as the 'dig' command from the wiki gave a timeout. After a reboot it did, but then FTLDNS was broken.
Before reboot:
May 12 13:35:07 pihole-vm systemd[1]: Starting unbound.service...
May 12 13:35:07 pihole-vm unbound[2768]: * Starting DNS server unbound
May 12 13:35:07 pihole-vm unbound-anchor[2788]: /var/lib/unbound/root.key does not exist, copying from /usr/share/dns/root.key
May 12 13:35:07 pihole-vm unbound-anchor[2788]: /var/lib/unbound/root.key has content
May 12 13:35:07 pihole-vm unbound-anchor[2788]: success: the anchor is ok
May 12 13:35:07 pihole-vm unbound[2768]: [1526124907] unbound[2798:0] error: can't bind socket: Address already in use for ::1
May 12 13:35:07 pihole-vm unbound[2768]: [1526124907] unbound[2798:0] fatal error: could not open ports
May 12 13:35:07 pihole-vm unbound[2768]: ...fail!
May 12 13:35:07 pihole-vm systemd[1]: Started unbound.service.
May 12 13:35:58 pihole-vm systemd[1]: Started unbound.service.
So unbound cannot start because the socket is already in use. The 'dig' test from the wiki is not working (which makes sense, as unbound is not running).
I did a reboot of the VM and unbound seemed to work, as did the dig test (it now resolved).
However, pihole/FTLDNS seems to be broken. It displayed 'Lost connection to API' and 'FTL offline' in the web interface. Ads are also displayed again. When I run dnsleaktest.com I still see Cloudflare (which was the resolver before messing with Unbound) where it should have shown my ISP, as I am now my own resolver.
I checked the status of FTL and it is not running:
frank@pihole-vm:~$ service pihole-FTL status
● pihole-FTL.service - LSB: pihole-FTL daemon
Loaded: loaded (/etc/init.d/pihole-FTL; bad; vendor preset: enabled)
Active: active (exited) since Sat 2018-05-12 12:19:06 CEST; 1min 40s ago
Docs: man:systemd-sysv-generator(8)
Process: 3551 ExecStop=/etc/init.d/pihole-FTL stop (code=exited, status=0/SUCCESS)
Process: 3560 ExecStart=/etc/init.d/pihole-FTL start (code=exited, status=0/SUCCESS)
May 12 12:19:05 pihole-vm systemd[1]: Starting LSB: pihole-FTL daemon...
May 12 12:19:05 pihole-vm pihole-FTL[3560]: Not running
May 12 12:19:05 pihole-vm pihole-FTL[3560]: chown: cannot access '/etc/pihole/dhcp.leases': No such file or directory
May 12 12:19:05 pihole-vm su[3587]: Successful su for pihole by root
May 12 12:19:05 pihole-vm su[3587]: + ??? root:pihole
May 12 12:19:05 pihole-vm su[3587]: pam_unix(su:session): session opened for user pihole by (uid=0)
May 12 12:19:06 pihole-vm pihole-FTL[3560]: dnsmasq: failed to create listening socket for port 53: Address already in use
May 12 12:19:06 pihole-vm systemd[1]: Started LSB: pihole-FTL daemon.
May 12 12:20:35 pihole-vm systemd[1]: Started LSB: pihole-FTL daemon.
frank@pihole-vm:~$
It seems unbound is keeping port 53 or some socket hostage. But I don't understand why, as I copy/pasted the config file from the wiki, where it says that unbound should only listen on 5353. After a reboot I think unbound is being started earlier than FTLDNS, so is that why unbound is working now but FTLDNS is not?
Debug Token:
jjuqcpf7yp
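A small diagnostic added here as an example (it is not part of the post, nor code from Pi-hole or Unbound): it reads the interface:/port:/do-ip6: directives of an Unbound server: section, works out which address/port pairs Unbound will try to bind, and compares them with the endpoints another daemon (pihole-FTL's dnsmasq on port 53) already holds. The two config texts and the set of ports held by pihole-FTL are constructed; the wiki-style config only approximates the wiki's settings, and Unbound's defaults (port 53, loopback on both 127.0.0.1 and ::1 when no interface: is given) are assumed from its documentation.

```python
import re

DEFAULT_PORT = 53                       # Unbound default when no port: is set
DEFAULT_IFACES = ("127.0.0.1", "::1")   # Unbound default: listen on localhost
WILDCARDS = ("0.0.0.0", "::", "*")      # a wildcard listener blocks every address

# Constructed approximation of the wiki's pi-hole.conf: loopback only, port 5353.
WIKI_CONF = """server:
    interface: 127.0.0.1
    port: 5353
    do-ip6: no
"""
# Constructed config with no interface:/port: lines, so Unbound falls back
# to its defaults and collides with whatever already owns port 53.
BARE_CONF = """server:
    verbosity: 1   # comment after a directive
"""
# Constructed: endpoints pihole-FTL (dnsmasq) holds once it is up.
FTL_HELD = {("127.0.0.1", 53), ("::1", 53)}


def unbound_listeners(conf: str) -> set:
    """Return the {(ip, port)} endpoints Unbound would try to bind for conf."""
    port, ifaces, do_ip6 = DEFAULT_PORT, [], True
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()          # strip comments/whitespace
        m = re.match(r"(\S+):\s*(\S+)$", line)       # "key: value" directives only
        if not m:
            continue                                  # skips "server:" and blanks
        key, val = m.groups()
        if key == "port":
            port = int(val)
        elif key == "interface":
            ifaces.append(val)                        # "ip" or "ip@port"
        elif key == "do-ip6":
            do_ip6 = val.lower() == "yes"
    out = set()
    for iface in ifaces or DEFAULT_IFACES:
        ip, _, p = iface.rpartition("@")              # per-interface "@port" wins
        if not ip:
            ip, p = iface, port                       # otherwise the global port
        if ":" in ip and not do_ip6:
            continue                                  # IPv6 listener disabled
        out.add((ip, int(p)))
    return out


def conflicts(wanted: set, held: set) -> set:
    """Endpoints in `wanted` that `held` (another daemon's sockets) blocks."""
    taken = set()
    for ip, port in held:
        if ip in WILDCARDS:
            taken.update(e for e in wanted if e[1] == port)
        else:
            taken.add((ip, port))
    return wanted & taken
```

Running conflicts(unbound_listeners(BARE_CONF), FTL_HELD) reports both loopback endpoints on port 53, which matches the "can't bind socket ... for ::1" line in the post, while the wiki-style config yields no conflict.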