I noticed the following as well:
dietpi@DietPi:~$ sudo journalctl -u unbound
-- Journal begins at Tue 2023-05-23 09:11:43 CEST, ends at Tue 2023-05-23 15:24:22 CEST. --
May 23 15:22:25 DietPi systemd[1]: Starting Unbound DNS server...
May 23 15:22:26 DietPi package-helper[21770]: /var/lib/unbound/root.key does not exist, copying from /usr/share/dns/root.key
May 23 15:22:26 DietPi unbound[21774]: [21774:0] info: start of service (unbound 1.13.1).
May 23 15:22:26 DietPi systemd[1]: Started Unbound DNS server.
but…
dietpi@DietPi:~$ sudo systemctl status unbound-resolvconf.service
● unbound-resolvconf.service - Unbound DNS server via resolvconf
Loaded: loaded (/lib/systemd/system/unbound-resolvconf.service; disabled; vendor preset: enabled)
Active: inactive (dead)
May 23 15:22:26 DietPi systemd[1]: Condition check resulted in Unbound DNS server via resolvconf being skipped.
May 23 15:22:27 DietPi systemd[1]: Condition check resulted in Unbound DNS server via resolvconf being skipped.
dietpi@DietPi:~$ sudo systemctl status unbound.service
● unbound.service - Unbound DNS server
Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/unbound.service.d
└─dietpi.conf
Active: active (running) since Tue 2023-05-23 15:22:26 CEST; 2min 36s ago
Docs: man:unbound(8)
Main PID: 21774 (unbound)
Tasks: 1 (limit: 1024)
CPU: 344ms
CGroup: /system.slice/unbound.service
└─21774 /usr/sbin/unbound -d -p
May 23 15:22:25 DietPi systemd[1]: Starting Unbound DNS server...
May 23 15:22:26 DietPi package-helper[21770]: /var/lib/unbound/root.key does not exist, copying from /usr/share/dns/root.key
May 23 15:22:26 DietPi unbound[21774]: [21774:0] info: start of service (unbound 1.13.1).
May 23 15:22:26 DietPi systemd[1]: Started Unbound DNS server.
dietpi@DietPi:~$ sudo systemctl status adguardhome.service
● adguardhome.service - AdGuard Home (DietPi)
Loaded: loaded (/etc/systemd/system/adguardhome.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2023-05-23 15:23:05 CEST; 4min 24s ago
Main PID: 22201 (AdGuardHome)
Tasks: 10 (limit: 1024)
CPU: 53.733s
CGroup: /system.slice/adguardhome.service
└─22201 /mnt/dietpi_userdata/adguardhome/AdGuardHome
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234622 [error] hosts container: host "zn_cutbb1dknby3njp-tuigroup.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234656 [error] hosts container: host "zn_cydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234789 [error] hosts container: host "zn_d0bfdqlqg9ciloh-uber.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234834 [error] hosts container: host "zn_dd4yceaftzmcwcz-tiaa2.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234876 [error] hosts container: host "zn_eb5fvg8zad5ghtt-crain.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234910 [error] hosts container: host "zn_ed65ynwxvsuk9lf-cbs.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234947 [error] hosts container: host "zn_ejsytbr8b8t6jel-sonycorporation.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.234982 [error] hosts container: host "zn_elgllynyxrpbdgz-sygenta.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.235017 [error] hosts container: host "zn_exutbix8lsj3arv-mayoclinicsurveys.siteintercept.qualtrics.com" is invalid, ignoring
May 23 15:25:43 DietPi AdGuardHome[22201]: 2023/05/23 15:25:43.235051 [error] hosts container: host "zn_ezyilxhyzpbamlp-telus.siteintercept.qualtrics.com" is invalid, ignoring
dietpi@DietPi:~$
I don’t know up to what point unbound-resolvconf.service should show as Active, that might be the reason? opening e.g. Sonarr web interface should take a few seconds and now it takes like 1-2 minutes
Ok, just to try, I restored my backup again (followed by reboot) just to try dig and notice after restore
dietpi@DietPi:~$ dig 192.168.1.10 -p 53 google.com
runs perfect
but…
dietpi@DietPi:~$ dig 127.0.0.1 -p 5335 google.com
; <<>> DiG 9.16.37-Debian <<>> 127.0.0.1 -p 5335 google.com
;; global options: +cmd
;; connection timed out; no servers could be reached
;; connection timed out; no servers could be reached
Also, I have an extra Raspberry hostname DietPiDev Pi 192.168.1.30 eth0 STATIC (no WiFi) so I have tested the same commands
dietpi@DietPiDev:~$ cat /etc/resolv.conf
nameserver 1.1.1.1
nameserver 1.0.0.1
dietpi@DietPiDev:~$ dig 192.168.1.30 -p 53 google.com
runs perfect
dietpi@DietPiDev:~$ dig 127.0.0.1 -p 53 google.com
; <<>> DiG 9.16.37-Debian <<>> 127.0.0.1 -p 53 google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1240
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;127.0.0.1. IN A
;; AUTHORITY SECTION:
. 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023052300 1800 900 604800 86400
;; Query time: 28 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue May 23 15:57:52 CEST 2023
;; MSG SIZE rcvd: 113
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29390
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 277 IN A 142.250.200.142
;; Query time: 24 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue May 23 15:57:52 CEST 2023
;; MSG SIZE rcvd: 55
Dig on port 53 obviously (not 5335) runs perfect.
Just to test I run dig on 127.0.0.1 port 53 (after restore so no unbound nor adguard home):
dietpi@DietPi:~$ dig 127.0.0.1 -p 53 google.com
; <<>> DiG 9.16.37-Debian <<>> 127.0.0.1 -p 53 google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 173
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;127.0.0.1. IN A
;; AUTHORITY SECTION:
. 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023052300 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue May 23 15:59:22 CEST 2023
;; MSG SIZE rcvd: 113
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20179
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 178 IN A 142.250.184.174
;; Query time: 16 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue May 23 15:59:22 CEST 2023
;; MSG SIZE rcvd: 55
So it seems the issue is with dig dig 127.0.0.1 -p 5335 google.com after installing adguard home (and unbound automatically)