Unbound connection problems

Xdrinkn · September 29, 2019, 7:13am

Please follow the below template, it will help us to help you!

Expected Behaviour:

Pihole is working fine, installing unbound was smooth no errors. Expected having a recursion DNS

Actual Behaviour:

After starting unbound, I get dns probe error everywhere along with refused headers on dig commands but dig on hosts 127.0.0.1 return noerror. So internet when I set the pihole fnd as 127.0.0.1

Debug Token:

<<>> DiG 9.11.5-P4-5.1-Raspbian <<>> cnn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 53449
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cnn.com.                       IN      A

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Sep 29 08:11:51 BST 2019
;; MSG SIZE  rcvd: 36

pi@raspberrypi:~ $ dig cnn.com @127.0.0.1 -p5353

; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> cnn.com @127.0.0.1 -p5353
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63039
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;cnn.com.                       IN      A

;; ANSWER SECTION:
cnn.com.                60      IN      A       151.101.65.67
cnn.com.                60      IN      A       151.101.129.67
cnn.com.                60      IN      A       151.101.193.67
cnn.com.                60      IN      A       151.101.1.67

;; Query time: 38 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1)
;; WHEN: Sun Sep 29 08:11:57 BST 2019
;; MSG SIZE  rcvd: 100

jfb · September 29, 2019, 11:42am

Please send us the token generated by

pihole -d

or do it through the Web interface:

Xdrinkn · September 29, 2019, 12:22pm

https://tricorder.pi-hole.net/8yegikf5bg

jfb · September 29, 2019, 12:57pm

You have Pi-Hole configured to use your router for DNS, not unbound.

PIHOLE_DNS_1=192.168.1.1#53

Xdrinkn · September 29, 2019, 1:10pm

Sorry that was just now but I had 127.0.0.1 before I'll up new log
Well it wouldn't let me upload it since I have no internet when I switch pihole dns to 127.0.0.1 so can't upload log

jfb · September 29, 2019, 1:28pm

This will temporarily reset the nameserver on the Pi to bypass Pi-Hole DNS.

sudo nano /etc/resolv.conf

edit nameserver 127.0.0.1 to nameserver 9.9.9.9 or your preferred third party DNS service, save and exit

Run pihole -d and upload the debug log

Xdrinkn · September 29, 2019, 1:35pm

https://tricorder.pi-hole.net/hpirxz4uhh
Thanks here's the new log

Xdrinkn · September 29, 2019, 1:40pm

https://tricorder.pi-hole.net/ab2o162cjx

This is is latest one after nameserver 1.1.1.1

I don't get it discourse.pi-hole.net is the only website I can visit everything else throws bad dns prob error

DL6ER · September 29, 2019, 2:28pm

server=192.168.1.1

You set

server=127.0.0.1

but forgot to set the port 5353. Without it, the Pi-hole would try to connect to itself resulting in an endless loop.

jfb · September 29, 2019, 3:00pm

The correct DNS assignment for a local instance of unbound in the web GUI looks like this.

Xdrinkn · September 29, 2019, 3:32pm

Ah that was the problem, thank you all working now

system · October 20, 2019, 3:32pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.