Adguard / Unbound Problems

Dear all,

this is my first post in this forum. I am new to diet pi. I was using pi-hole without unbound on a raspi-4 with raspi-os and for a short time adguard+unbound inside docker containers on my synology NAS. Since using the NAS makes noise caused by many HDD accesses I wanted to change my setting using a pi-zero 2w.

I have easily installed dietpi, configured a static ip adress and the installed adguard+unbound using dietpi-software cammand. Everything went fine and I got access to adguard using the web-interface. When I changed my router dns settings to use the newly installed adguard, I got no acces to the internet. Inside the adguard web-interface, I was not able to update or add new dns-filters.
After removing unbound, adguard operates without any problems.
Any ideas to solve the problem?

cat /boot/dietpi/.version
G_DIETPI_VERSION_CORE=8
G_DIETPI_VERSION_SUB=25
G_DIETPI_VERSION_RC=1
G_GITBRANCH=‘master’
G_GITOWNER=‘MichaIng’

echo $G_DISTRO_NAME $G_RASPBIAN
bookworm 0

uname -a
Linux DietPi 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr 3 17:24:16 BST 2023 aarch64 GNU/Linux

dpkg --print-architecture
arm64

echo $G_HW_MODEL_NAME
RPi Zero 2 W (aarch64)

Could this article help somehow?

Thank you for the link. I think there is somerhing wrong with unbound on my system which is not covered there. The configuration of unbound/adguard eas made during the installation using the dietpi Software installer.

can you share following to check functionality of Unbound.

apt install dnsutils
systemctl status unbound.service
journalctl -u unbound.service
dig @127.0.0.1 -p 5335 dietpi.com
systemctl status unbound.service

 unbound.service - Unbound DNS server
     Loaded: loaded (/lib/systemd/system/unbound.service; enabled; preset: enabled)
    Drop-In: /etc/systemd/system/unbound.service.d
             └─dietpi.conf
     Active: active (running) since Sat 2024-01-20 16:50:42 CET; 2h 8min ago
       Docs: man:unbound(8)
    Process: 409 ExecStartPre=/usr/libexec/unbound-helper chroot_setup (code=exited, status=0/SUCCESS)
    Process: 416 ExecStartPre=/usr/libexec/unbound-helper root_trust_anchor_update (code=exited, status=0/SUCCESS)
   Main PID: 418 (unbound)
      Tasks: 1 (limit: 478)
        CPU: 1.976s
     CGroup: /system.slice/unbound.service
             └─418 /usr/sbin/unbound -d -p

Jan 20 16:50:40 DietPi systemd[1]: Starting unbound.service - Unbound DNS server...
Jan 20 16:50:41 DietPi unbound[418]: [418:0] warning: subnetcache: serve-expired is set but not working for data originating from the subnet module cache.
Jan 20 16:50:41 DietPi unbound[418]: [418:0] warning: subnetcache: prefetch is set but not working for data originating from the subnet module cache.
Jan 20 16:50:42 DietPi systemd[1]: Started unbound.service - Unbound DNS server.
Jan 20 16:50:42 DietPi unbound[418]: [418:0] info: start of service (unbound 1.17.1).
journalctl -u unbound.service

Jan 20 16:50:40 DietPi systemd[1]: Starting unbound.service - Unbound DNS server...

Jan 20 16:50:41 DietPi unbound[418]: **[418:0] warning: subnetcache: serve-expired is set but not working for data originating from the subnet module cache.**
Jan 20 16:50:41 DietPi unbound[418]: **[418:0] warning: subnetcache: prefetch is set but not working for data originating from the subnet module cache.**
Jan 20 16:50:42 DietPi systemd[1]: Started unbound.service - Unbound DNS server.
Jan 20 16:50:42 DietPi unbound[418]: [418:0] info: start of service (unbound 1.17.1).
dig @127.0.0.1 -p 5335 dietpi.com

;; communications error to 127.0.0.1#5335: timed out
;; communications error to 127.0.0.1#5335: timed out
;; communications error to 127.0.0.1#5335: timed out
; <<>> DiG 9.18.19-1~deb12u1-Debian <<>> @127.0.0.1 -p 5335 dietpi.com
; (1 server found)
;; global options: +cmd
;; no servers could be reached

Looks like something on your local network is blocking Unbound. Similar to this one. Unbound + Pi-hole warnings and communications error Where the user is running an OpenWRT router. And it seems this one is blocking internet traffic on port 53

That was the clue! I am using a Fritz!Box and there was a strange setting in one of my profiles that influences DNS queries. I have removed this setting - everything is working now.
Thank you for your help!