unbound is forwarding its address to pihole so pihole sees all clients as one, is there a way to change it so it forwards the real source address.
Thanks
Why don't you put Pi-hole in the chain before unbound?
1 Like
unbound is my TLS front for pi-hole so i can do DoT from my phone no VPN need it.
You could enable EDNS0 ECS support in unbound, provided unbound offers EDNS0 ECS support.
As this isn't a question for Pi-hole, you should consider unbound's documentation and support:
1 Like
Reading the unbound documentation it should be possible, but not easy. Pi-hole understands EDNS(0) information, eg. supplied subnet. (See Support for add-subnet option from dnsmasq (ECS/EDNS0 Client Subnet)).
Your unbound needs to be
built with EDNS client subnet support
Then you can enable the modules subnetcache validator iterator and send-client-subnet
2 Likes
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.