Unbound + pihole not resolving some domains (time problem)

Expected Behaviour:

Resolve domain to hbogo.com
Resolve domain to playstation network

Actual Behaviour:

Domain will not resolve simply a 0.0.0.0

I have followed this how-to on setting unbound as a recursive server, but every time I seem to get issues with unbound not resolving certain IP addresses. I get some PS4 online server errors when I play, along with hbogo.com and hbonow.com simply not resolving.

I download the additional root.hints file and change the user to unbound, my thought was maybe the unbound servers were not being used or the file could not be used by unbound due to user permissions.

I am back to DNS over TLS at this time due to not wanting SO up my you know what.

That's the new way of Pi-hole routing blocked domains that are on the lists:

https://docs.pi-hole.net/ftldns/blockingmode/

pi@noads:~ $ pihole -q hbogo.com
 Match found in list.0.raw.githubusercontent.com.domains:
   metrics.hbogo.com
   smetrics.hbogo.com
 Match found in list.2.sysctl.org.domains:
   metrics.hbogo.com

Whitelisting is possible here:

http://pi.hole/admin/list.php?l=white

And after whitelisting, you might need to flush DNS cache for OS and browser(s) on your clients.

I am not sure this is an issue of blocking?

Leaving all of my lists the same which I use all of WaLLy's checked lists with a few pieces whitelisted I resolve all of these IPs just fine. But once I go unbound DNS these fail.

I know the main playstation issue revolves around fortnite and my connection to the PSN network. I wish I had the url for this.

Why not try whitelist all three:

pihole -w metrics.hbogo.com smetrics.hbogo.com metrics.hbogo.com

Can always remove if not working out as expected:

pihole -w -d metrics.hbogo.com smetrics.hbogo.com metrics.hbogo.com

Lists can be checked with:

pihole -q <DOMAIN_NAME>

EDIT: and don't forget client cache!

Just to be clear again sorry.

When I use pi-hole with unbound using DNS over TLS and change nothing, hbogo.com resolves just fine with about six replies with different IPs.

When I switch pi-hole to unbound using root.hint servers it will not resolve it seems like even when configured the config is not pulling any servers from the root hints file? When I view hbogo.com it simply goes to 127.0.0.1

I realize I had this incorrect it does not go to 0.0.0.0 as I previously mentioned in my opening post.

Try some lookups on a client PC (Linux, Windows or Mac):

nslookup hbogo.com

nslookup hbogo.com <PIHOLE_IP_ADDRESS>

nslookup hbogo.com <UNBOUND_IP_ADDRESS>

And Google's public DNS 8.8.8.8:

nslookup hbogo.com 8.8.8.8

Or specify different port to query:

nslookup -port=5353 hbogo.com <UNBOUND_IP_ADDRESS>

nslookup is your friend :wink:

This seems to be the error, that it is going to the wrong location. Any recommendation on how to set a local for pihole to understand I am in fact in the correct location? I assume I need to set up my /etc/hosts file or set up a new file within dnsmasq/FTL?

Ok, I figured it out through unbound config and setting forward-zones. I have it going to 1.1.1.1 over TLS for hbonow and hbogo and this does seem to work, and I will investigate which playstation server I need to add.

This is happening to me with a local unRAID server. I'm using ssl to connect to the webUI so I'm not sure if unbound is seeing differently because of that? Should I enable something or whitelist my unRAID webUI?

What I have figured out is using the root.hints servers they seem to be giving my location incorrectly so they are not resolving hbo because it thinks I am in a country that does not have this service.

Also my system does not support IPv6 at this time, therefore some CDNs are failing as they are IPv6-only or are not giving me their IPv4 version.

At this time I have gone to dnscrypt v2 connecting to cloudflare DOH. I need dns to work in my house unless I want to sleep on the couch for the foreseeable future.

Sep 01 18:49:45 pihole systemd[1]: Starting Unbound DNS server...
Sep 01 18:49:46 pihole package-helper[2847]: /var/lib/unbound/root.key has content
Sep 01 18:49:46 pihole package-helper[2847]: fail: the anchor is NOT ok and could not be fixed
Sep 01 18:49:46 pihole systemd[1]: Started Unbound DNS server.
Sep 01 18:49:46 pihole unbound[2878]: [2878:0] notice: init module 0: validator
Sep 01 18:49:46 pihole unbound[2878]: [2878:0] notice: init module 1: iterator
Sep 01 18:49:46 pihole unbound[2878]: [2878:0] info: start of service (unbound 1.6.0).

Seem to be getting this error on my start up of unbound. I have tried with unbound-anchor to fix the root.key file. I do not know if this is a permission error everything for unbound is under root at this time.

Also tried setting everything to unbound user/group with same error

Tried with setting everything in folder and folder to unbound:unbound, restarted and same error. Tried running unbound-anchor -a /var/lib/unbound/root.key, no error, but same error when I reboot unbound.

I tried with sudo and without and still get the same error.

. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
. IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D

Here are the two keys that go in to that file. I changed the permission to unbound on root.key again after this install

EDIT: Unbound does show as started but it will not resolve anything due to I am guessing the root.key failure shown in the systemctl log.

Expanding my logs I am seeing all requests are being sent to THROWAWAY my only thought is since pihole are on the same RPI that #53 is already in use?

Sep  2 20:10:16 pihole unbound: [9654:0] info: resolving cnn.com. A IN
Sep  2 20:10:16 pihole unbound: [9654:0] info: priming . IN NS
Sep  2 20:10:16 pihole unbound: [9654:0] info: response for . NS IN
Sep  2 20:10:16 pihole unbound: [9654:0] info: reply from <.> 192.33.4.12#53
Sep  2 20:10:16 pihole unbound: [9654:0] info: query response was THROWAWAY

I figured out on a Windows 7 box, the "nslookup -port=" option seems not to be working :frowning:
Better install a Windows "dig" version or some other DNS tool:

So a change of gears is I was using DNS over TLS than using Unbound as a recursive resolver which was failing some resolves like hbogo and hbonow. I stopped that during this process and now I tried unbound as recursive but I keep getting the error:

Sep 01 18:49:46 pihole package-helper[2847]: fail: the anchor is NOT ok and could not be fixed

I will look in to this also.

I have tried updating the anchor after the fact and it still fails. I am running NTP on Raspbian Lite; my local time is correct, it shows, but my server time shows UTC time. I will investigate.

In searching this type of issue on DDG I am not finding that as a bug in any of my searches.

I set up NTP per some DDG searching and it WORKED!

; <<>> DiG 9.10.3-P4-Raspbian <<>> pi-hole.net @127.0.0.1 -p 5355
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36671
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 13

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;pi-hole.net.			IN	A

;; ANSWER SECTION:
pi-hole.net.		86400	IN	A	206.189.252.21

;; AUTHORITY SECTION:
pi-hole.net.		86400	IN	NS	ns1.pi-hole.net.
pi-hole.net.		86400	IN	NS	ns4.pi-hole.net.
pi-hole.net.		86400	IN	NS	ns3.pi-hole.net.
pi-hole.net.		86400	IN	NS	ns6.pi-hole.net.
pi-hole.net.		86400	IN	NS	ns5.pi-hole.net.
pi-hole.net.		86400	IN	NS	ns2.pi-hole.net.

;; ADDITIONAL SECTION:
ns1.pi-hole.net.	86400	IN	A	208.94.148.4
ns2.pi-hole.net.	86400	IN	A	208.80.124.4
ns3.pi-hole.net.	86400	IN	A	208.80.126.4
ns4.pi-hole.net.	86400	IN	A	208.80.125.4
ns5.pi-hole.net.	86400	IN	A	208.80.127.4
ns6.pi-hole.net.	86400	IN	A	208.94.149.4
ns1.pi-hole.net.	86400	IN	AAAA	2600:1800:10::1
ns2.pi-hole.net.	86400	IN	AAAA	2600:1801:11::1
ns3.pi-hole.net.	86400	IN	AAAA	2600:1802:12::1
ns4.pi-hole.net.	86400	IN	AAAA	2600:1801:13::1
ns5.pi-hole.net.	86400	IN	AAAA	2600:1802:14::1
ns6.pi-hole.net.	86400	IN	AAAA	2600:1800:15::1

;; Query time: 274 msec
;; SERVER: 127.0.0.1#5355(127.0.0.1)
;; WHEN: Tue Sep 04 08:42:29 CDT 2018
;; MSG SIZE  rcvd: 428

Verified DNSSEC sigok and sigfail both work now also!
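
The thread ends with the trust anchor validating once NTP was set up. DNSSEC signatures carry an inception and expiration time, so a validating resolver whose clock falls outside that window rejects them. The following is an added example, not part of the original thread or of unbound itself, that parses one RRSIG line and classifies a clock reading against its window; the record, its dates and the function names are constructed for illustration (only key tag 19036 appears in the thread).

```python
from datetime import datetime, timedelta, timezone

# Constructed sample in RRSIG presentation format (RFC 4034).
# Dates and the signature placeholder are made up for this example.
SAMPLE_RRSIG = (". 172800 IN RRSIG DNSKEY 8 0 172800 "
                "20180922000000 20180901000000 19036 . PLACEHOLDER==")


def _ts(field):
    """RRSIG timestamps are written as YYYYMMDDHHmmSS in UTC."""
    return datetime.strptime(field, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)


def parse_rrsig_window(record):
    """Return (inception, expiration) from one RRSIG line."""
    fields = record.split()
    i = fields.index("RRSIG")
    # After RRSIG: type covered, algorithm, labels, original TTL,
    # expiration, inception, key tag, signer name, signature.
    expiration = _ts(fields[i + 5])
    inception = _ts(fields[i + 6])
    return inception, expiration


def check_clock(record, now, skew=timedelta(0)):
    """Classify a clock reading against the signature validity window.

    `skew` is a hypothetical tolerance added for this example.
    """
    inception, expiration = parse_rrsig_window(record)
    if now + skew < inception:
        return "not-yet-valid"  # clock is behind, e.g. a board with no RTC
    if now - skew > expiration:
        return "expired"        # clock is ahead, or the record is stale
    return "ok"


if __name__ == "__main__":
    clocks = {
        "system clock": datetime.now(timezone.utc),
        "unsynced boot (constructed)": datetime(2016, 11, 3, tzinfo=timezone.utc),
        "after NTP sync (constructed)": datetime(2018, 9, 4, 13, 42, 29,
                                                 tzinfo=timezone.utc),
    }
    for label, now in clocks.items():
        print(f"{label}: {check_clock(SAMPLE_RRSIG, now)}")
```
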
