I’ve installed Pi-Hole and Unbound from optimized software. I was under the impression that no additional configuration was needed for Unbound to work. However, during the install Pi-hole still asks for an upstream DNS provider, and after the install there is no custom address listed for the upstream DNS. In the web interface if I enter 127.0.0.1#5335 for a custom upstream DNS, uncheck the previously selected upstream DNS, and then click ok, DNS resolution does not work. What additional steps are needed to get Unbound functioning?
Since the forcefully interactive Pi-hole installer asks you for the upstream IP, we thought it might be strange of that choice is then overwritten by our script. But maybe we can communicate that first and then do it. I mean it’s pretty clear that Pi-hole shall use Unbound in that combination.
You manually added it correctly, so that should work. Is Unbound running correctly?
systemctl status unbound journalctl -u unbound ss -tulp
Well now I’m embarrassed. After taking another look I realized I mistyped the custom DNS address. It’s working perfectly now. The only post-configuration steps I had to take were exactly what I did…deselect the upstream DNS provider and enter the CORRECT custom upstream provider address. I suppose I could have even skipped all of that if I had entered the custom address during setup. I will say however it is a bit confusing at that step in the initial setup. When one of the standard upstream DNS provides is chosen, which many people will do, it’s easy to think Unbound is working, when in fact it is not until the custom address is added, and the other is deselected.
While I have your attention I’d like to say thank you for DietPi. I’m running Homebridge and now Pi-hole on two DietPi VM’s on my home lab ESXi server. They run brilliantly light and fast, and are a pleasure using as a Linux platform. I wasn’t even aware of DietPi software until I started looking at Pi-hole. Now that I see how easy it is I’m looking forward to exploring more. Thank you!
yeah that’s a little bit tricky as PiHole own installer is asking for the DNS server. Something we can’t suppress.
maybe we can do a pop-up within the config section if Unbound was selected together with PiHole? It is still double user input but not sure how to do it better way
I’ll have a look into the installer. Probably there is a way via setupVars files to pre-configure the upstream DNS and skip or remove the whiptail. Otherwise I think best is a prompt before the Pi-hole installer call that the whiptail can just be ignored, hitting return, as it’s overwritten afterwards.
Hey, I was hoping I could piggy back off this topic to confirm the same thing and another related question regarding unbound.
I setup pihole/unbound as this gentleman did except I didn’t set a custom DNS in the web admin page as I selected one from the installation menu instead. I assumed it was running, but realized through reading that is not the case. All I need to do though is input 127.0.0.1#5335 and it should work?
With that should one change the settings that are posted in this reddit post meant to improve DNS performance? DNSSEC, cache-size, and memory values? Or has that already been implemented?
Also, this post while older like the above one (2019) has “suggested improvements” too, but not sure if this is relevant/necessary anymore?
Yes, that should be all you need to do to have Pi-hole start using Unbound. DietPi provides an optimized configuration file for Unbound, which seems to provide many of the optimizations listed in that Reddit post. Specifically, the 3 that you asked about have been put into the config file.
Awesome! Thank you!