[SOLVED] AdGuard Home - Unbound web interfaces not loading after install

derebo · 23 May 2023 13:56

I noticed the following as well:

dietpi@DietPi:~$ sudo journalctl -u unbound
-- Journal begins at Tue 2023-05-23 09:11:43 CEST, ends at Tue 2023-05-23 15:24:22 CEST. --
May 23 15:22:25 DietPi systemd[1]: Starting Unbound DNS server...
May 23 15:22:26 DietPi package-helper[21770]: /var/lib/unbound/root.key does not exist, copying from /usr/share/dns/root.key
May 23 15:22:26 DietPi unbound[21774]: [21774:0] info: start of service (unbound 1.13.1).
May 23 15:22:26 DietPi systemd[1]: Started Unbound DNS server.

but…

dietpi@DietPi:~$ sudo systemctl status unbound-resolvconf.service
● unbound-resolvconf.service - Unbound DNS server via resolvconf
     Loaded: loaded (/lib/systemd/system/unbound-resolvconf.service; disabled; vendor preset: enabled)
     Active: inactive (dead)

May 23 15:22:26 DietPi systemd[1]: Condition check resulted in Unbound DNS server via resolvconf being skipped.
May 23 15:22:27 DietPi systemd[1]: Condition check resulted in Unbound DNS server via resolvconf being skipped.

dietpi@DietPi:~$ sudo systemctl status unbound.service
● unbound.service - Unbound DNS server
     Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/unbound.service.d
             └─dietpi.conf
     Active: active (running) since Tue 2023-05-23 15:22:26 CEST; 2min 36s ago
       Docs: man:unbound(8)
   Main PID: 21774 (unbound)
      Tasks: 1 (limit: 1024)
        CPU: 344ms
     CGroup: /system.slice/unbound.service
             └─21774 /usr/sbin/unbound -d -p

May 23 15:22:25 DietPi systemd[1]: Starting Unbound DNS server...
May 23 15:22:26 DietPi package-helper[21770]: /var/lib/unbound/root.key does not exist, copying from /usr/share/dns/root.key
May 23 15:22:26 DietPi unbound[21774]: [21774:0] info: start of service (unbound 1.13.1).
May 23 15:22:26 DietPi systemd[1]: Started Unbound DNS server.

dietpi@DietPi:~$ sudo systemctl status adguardhome.service
● adguardhome.service - AdGuard Home (DietPi)
     Loaded: loaded (/etc/systemd/system/adguardhome.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-05-23 15:23:05 CEST; 4min 24s ago
   Main PID: 22201 (AdGuardHome)
      Tasks: 10 (limit: 1024)
        CPU: 53.733s
     CGroup: /system.slice/adguardhome.service
             └─22201 /mnt/dietpi_userdata/adguardhome/AdGuardHome

May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234622 [error] hosts container: host "zn_cutbb1dknby3njp-tuigroup.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234656 [error] hosts container: host "zn_cydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234789 [error] hosts container: host "zn_d0bfdqlqg9ciloh-uber.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234834 [error] hosts container: host "zn_dd4yceaftzmcwcz-tiaa2.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234876 [error] hosts container: host "zn_eb5fvg8zad5ghtt-crain.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234910 [error] hosts container: host "zn_ed65ynwxvsuk9lf-cbs.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234947 [error] hosts container: host "zn_ejsytbr8b8t6jel-sonycorporation.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234982 [error] hosts container: host "zn_elgllynyxrpbdgz-sygenta.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.235017 [error] hosts container: host "zn_exutbix8lsj3arv-mayoclinicsurveys.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.235051 [error] hosts container: host "zn_ezyilxhyzpbamlp-telus.siteintercept.qualtrics.com" is invalid, ignoring
dietpi@DietPi:~$

I don’t know up to what point unbound-resolvconf.service should show as Active, that might be the reason? opening e.g. Sonarr web interface should take a few seconds and now it takes like 1-2 minutes

Ok, just to try, I restored my backup again (followed by reboot) just to try dig and notice after restore
dietpi@DietPi:~$ dig 192.168.1.10 -p 53 google.com
runs perfect

but…

dietpi@DietPi:~$ dig 127.0.0.1 -p 5335 google.com

; <<>> DiG 9.16.37-Debian <<>> 127.0.0.1 -p 5335 google.com
;; global options: +cmd
;; connection timed out; no servers could be reached

;; connection timed out; no servers could be reached

Also, I have an extra Raspberry hostname DietPiDev Pi 192.168.1.30 eth0 STATIC (no WiFi) so I have tested the same commands

dietpi@DietPiDev:~$ cat /etc/resolv.conf
nameserver 1.1.1.1
nameserver 1.0.0.1

dietpi@DietPiDev:~$ dig 192.168.1.30 -p 53 google.com

runs perfect

dietpi@DietPiDev:~$ dig 127.0.0.1 -p 53 google.com

; <<>> DiG 9.16.37-Debian <<>> 127.0.0.1 -p 53 google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1240
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;127.0.0.1.                     IN      A

;; AUTHORITY SECTION:
.                       86400   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2023052300 1800 900 604800 86400

;; Query time: 28 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue May 23 15:57:52 CEST 2023
;; MSG SIZE  rcvd: 113

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29390
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             277     IN      A       142.250.200.142

;; Query time: 24 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue May 23 15:57:52 CEST 2023
;; MSG SIZE  rcvd: 55

Dig on port 53 obviously (not 5335) runs perfect.

Just to test I run dig on 127.0.0.1 port 53 (after restore so no unbound nor adguard home):

dietpi@DietPi:~$ dig 127.0.0.1 -p 53 google.com

; <<>> DiG 9.16.37-Debian <<>> 127.0.0.1 -p 53 google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 173
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;127.0.0.1.                     IN      A

;; AUTHORITY SECTION:
.                       86400   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2023052300 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue May 23 15:59:22 CEST 2023
;; MSG SIZE  rcvd: 113

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20179
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             178     IN      A       142.250.184.174

;; Query time: 16 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue May 23 15:59:22 CEST 2023
;; MSG SIZE  rcvd: 55

So it seems the issue is with dig dig 127.0.0.1 -p 5335 google.com after installing adguard home (and unbound automatically)