The issue I am facing:
After activating unbound and setting the DNS Server in pi.hole to use Custom Upstream DNS Server to: 127.0.0.1#5335, it starts to get serverfail, even from SSH
Details about my system:
Raspberry Pi 1B 512MB
Latest Raspberry Pi OS from https://www.raspberrypi.com/software/
What I have changed since installing Pi-hole:
Added some adlists first.
then installed Unbound, following this guide:
https://docs.pi-hole.net/guides/dns/unbound/
Notes:
/etc/unbound/unbound.conf.d/pi-hole.conf
is identic to the example file
ran the root.hints command, as I noticed that was missing at first
Have restarted services
Tests:
With 127.0.0.1#5335as DNS Server in pi.hole:
dig facebook.com @127.0.0.1 -p 5335
; <<>> DiG 9.16.22-Raspbian <<>> facebook.com @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 24804
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;facebook.com. IN A
;; Query time: 19 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Sat Jan 15 18:25:01 CET 2022
;; MSG SIZE rcvd: 41
dig itavisen.no @127.0.0.1 -p 5335
; <<>> DiG 9.16.22-Raspbian <<>> itavisen.no @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 55906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;itavisen.no. IN A
;; Query time: 3309 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Sat Jan 15 18:24:26 CET 2022
;; MSG SIZE rcvd: 40
dig twitter.com @127.0.0.1 -p 5335
; <<>> DiG 9.16.22-Raspbian <<>> twitter.com @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 62526
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;twitter.com. IN A
;; Query time: 3869 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Sat Jan 15 18:42:31 CET 2022
;; MSG SIZE rcvd: 40
With 1.1.1.1 and 8.8.8.8 as DNS Servers in pi.hole:
dig facebook.com @127.0.0.1 -p 5335
; <<>> DiG 9.16.22-Raspbian <<>> facebook.com @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60678
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;facebook.com. IN A
;; ANSWER SECTION:
facebook.com. 0 IN A 31.13.72.36
;; Query time: 89 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Sat Jan 15 18:27:18 CET 2022
;; MSG SIZE rcvd: 57
dig itavisen.no @127.0.0.1 -p 5335
; <<>> DiG 9.16.22-Raspbian <<>> itavisen.no @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20066
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;itavisen.no. IN A
;; ANSWER SECTION:
itavisen.no. 300 IN A 104.22.35.180
itavisen.no. 300 IN A 172.67.40.115
itavisen.no. 300 IN A 104.22.34.180
;; Query time: 89 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Sat Jan 15 18:39:54 CET 2022
;; MSG SIZE rcvd: 88
dig pi-hole.net @127.0.0.1 -p 5335
; <<>> DiG 9.16.22-Raspbian <<>> pi-hole.net @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41976
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;pi-hole.net. IN A
;; ANSWER SECTION:
pi-hole.net. 300 IN A 3.18.136.52
;; Query time: 79 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Sat Jan 15 18:40:12 CET 2022
;; MSG SIZE rcvd: 56