Unbound: Connnection times out

ChaosFrosted · August 4, 2018, 6:31pm

Expected Behaviour:

Per Redirecting..., when using command
dig pi-hole.net @127.0.0.1 -p 5353
it should be slow but receive a response

Actual Behaviour:

This is what I get every time:
; <<>> DiG 9.10.3-P4-Raspbian <<>> pi-hole.net @127.0.0.1 -p 5353
;; global options: +cmd
;; connection timed out; no servers could be reached

I also have this error in my debug log

[✓] IPv6 address(es) bound to the wlan0 interface:
fe80::3594:871:9e77:7921 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)

^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

Debug Token: axtetcznzqf

I followed the link about the IPv6, but the pst went over my head. in the unbound.conf.d./pi-hole.conf file, I set do-IPv6 to no. I have since changed that to 'yes' and added the IPv6 IP address to the pihole.conf from the debug log. I am still getting the above time out error on the dig command,

TIA

jfb · August 4, 2018, 6:53pm

This is not abnormal. As long as you have an IPV4 address assigned (shows a few lines above in your debug log), you're OK.

pi-hole.net @127.0.0.1 -p 5353
;; global options: +cmd
;; connection timed out; no servers could be reached

Test your DNS function on something other than unbound - dig pi-hole.net @8.8.8.8. If this returns an address, and since unbound did not, it indicates something is wrong with unbound.

When you installed unbound, did you put a "/var/lib/unbound/root.hints" file in place? The installer does not do this for you. This file contains the addresses of the root servers. Should look like this (just the first few lines shown):

;       This file holds the information on root name servers needed to 
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  <file>"
;       configuration file of BIND domain name servers). 
; 
;       This file is made available by InterNIC 
;       under anonymous FTP as
;           file                /domain/named.cache 
;           on server           FTP.INTERNIC.NET
;       -OR-                    RS.INTERNIC.NET
; 
;       last update:     May 08, 2018 
;       related version of root zone:     2018050801
; 
; FORMERLY NS.INTERNIC.NET 
;
.                        3600000      NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30
;

ChaosFrosted · August 4, 2018, 6:57pm

Yes, i added and moved the root.hints file as outlined

this is what I get when I use the other DNS test
pi@raspberrypi:~ $ dig pi-hole.net @8.8.8.8

; <<>> DiG 9.10.3-P4-Raspbian <<>> pi-hole.net @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65170
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;pi-hole.net. IN A

;; ANSWER SECTION:
pi-hole.net. 13568 IN A 206.189.252.21

;; Query time: 65 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Aug 04 12:54:41 MDT 2018
;; MSG SIZE rcvd: 56

jacob.salmela · August 4, 2018, 7:00pm

I could not find your debug token on our server. Could you try uploading it again?

ChaosFrosted · August 4, 2018, 7:09pm

sure!

new token is:

[✓] Your debug token is: fhzdlmc9sy

jfb · August 4, 2018, 7:20pm

You are on the master branch of Pi-Hole, which does not support mapping to port 5353.

You can map to unbound on either the FTLDNS beta or on release 4.0 development. I recommend the latter.

echo release/v4.0 | sudo tee /etc/pihole/ftlbranch 
pihole checkout core release/v4.0 
pihole checkout web release/v4.0

After this is installed, set your DNS server to 127.0.0.1#5353 as shown below.

Let us know if this solves the problem.

ChaosFrosted · August 4, 2018, 7:54pm

It did not. I still got the connection time out error and when I assigned the dns server, my router disconnected from the internet. So thanks for your help everyone, but I'm gonna just use the regular pi-Hole setup and skip unbound for now.
Just donated on PayPal as well.

jacob.salmela · August 5, 2018, 12:07pm

Thanks for the donation. In any case, we'll be releasing 4.0 soon.

system · August 26, 2018, 12:07pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.