can anyone help me here?
best wishes!
Hi,
what is the ip address of your device?
192.168.2.14
how did you install unbound? did you use apt install or dietpi-software. Are you using PiHole?
using this guide:
https://docs.pi-hole.net/guides/unbound/
sudo apt install unbound
yes, pihole is in use.
You might want to use dietpi-software, as it has automatic integration with Pi-hole and a configuration file with increased privacy and speed settings (though a few limitations that will be fixed in 6.35). Regardless, what is the output of journalctl -u unbound?
journalctl -u unbound
-- Logs begin at Sat 2020-12-19 18:20:01 GMT, end at Mon 2021-01-11 23:20:01 GMT
. --
Jan 11 22:31:36 DietPi systemd[1]: Starting Unbound DNS server...
Jan 11 22:31:36 DietPi package-helper[10573]: /var/lib/unbound/root.key does not exist, copying from /usr/share/dns/root.key
Jan 11 22:31:36 DietPi package-helper[10573]: /var/lib/unbound/root.key has content
Jan 11 22:31:36 DietPi package-helper[10573]: success: the anchor is ok
Jan 11 22:31:36 DietPi unbound[10578]: [1610404296] unbound[10578:0] error: can't bind socket: Address already in use for ::1 port 53
Jan 11 22:31:36 DietPi unbound[10578]: [1610404296] unbound[10578:0] fatal error: could not open ports
Jan 11 22:31:36 DietPi systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Jan 11 22:31:36 DietPi systemd[1]: unbound.service: Failed with result 'exit-code'.
Jan 11 22:31:36 DietPi systemd[1]: Failed to start Unbound DNS server.
Jan 11 22:31:36 DietPi systemd[1]: unbound.service: Service RestartSec=100ms expired, scheduling restart.
Jan 11 22:31:36 DietPi systemd[1]: unbound.service: Scheduled restart job, restart counter is at 1.
Jan 11 22:31:36 DietPi systemd[1]: Stopped Unbound DNS server.
ok don’t do it this way. Unbound is available via dietpi-software. Try to remove unbound
apt purge unbound
reboot
dietpi-software install 182
reboot
- Command: systemctl restart unbound │
│ - Exit code: 1 │
│ - DietPi version: v6.34.3 (MichaIng/master) | HW_MODEL: 2 | HW_ARCH: 2 | DISTRO: 5 │
│ - Image creator: DietPi Core Team │
│ - Pre-image: Raspberry Pi OS (32-bit) Lite │
│ - Error log: │
│ Job for unbound.service failed because the control process exited with error code. │
│ See "systemctl status unbound.service" and "journalctl -xe" for details. │
│ │
│ Retry : Re-run the last command that failed │
│ DietPi-Config : Edit network, APT/NTP mirror settings etc │
│ Open subshell : Open a subshell to investigate or solve the issue │
│ Send report : Uploads bugreport containing system info to DietPi │
│ ●─ Devs only ──────────────────────────────────────● │
│ Change command : Adjust and rerun the command
can you post journalctl -u unbound again
Logs begin at Mon 2021-01-11 23:26:05 GMT, end at Mon 2021-01-11 23:36:01 GMT
. --
Jan 11 23:32:38 DietPi systemd[1]: Starting Unbound DNS server...
Jan 11 23:32:38 DietPi package-helper[1458]: /var/lib/unbound/root.key does notexist, copying from /usr/share/dns/root.key
Jan 11 23:32:38 DietPi package-helper[1458]: /var/lib/unbound/root.key has content
Jan 11 23:32:38 DietPi package-helper[1458]: success: the anchor is ok
Jan 11 23:32:38 DietPi unbound[1463]: [1610407958] unbound[1463:0] error: can'tbind socket: Address already in use for ::1 port 53
Jan 11 23:32:38 DietPi unbound[1463]: [1610407958] unbound[1463:0] fatal error:could not open ports
Jan 11 23:32:38 DietPi systemd[1]: unbound.service: Main process exited, code=exited, status=1/FAILURE
Jan 11 23:32:38 DietPi systemd[1]: unbound.service: Failed with result 'exit-code'.
Jan 11 23:32:38 DietPi systemd[1]: Failed to start Unbound DNS server.
Jan 11 23:32:38 DietPi systemd[1]: unbound.service: Service RestartSec=100ms expired, scheduling restart.
Jan 11 23:32:38 DietPi systemd[1]: unbound.service: Scheduled restart job, restart counter is at 1.
Jan 11 23:32:38 DietPi systemd[1]: Stopped Unbound DNS server.
--More--
unbound still trying to use the same port as Pihole leading to a port conflict. Usually configuration should be overwritten by dietpi-software
can you post following
ls -la /etc/unbound/unbound.conf.d/
cat /etc/unbound/unbound.conf
root@DietPi:~# ls -la /etc/unbound/unbound.conf.d/
total 24
drwxr-xr-x 2 root root 4096 Jan 11 23:32 .
drwxr-xr-x 3 root root 4096 Jan 11 23:32 ..
-rw-r--r-- 1 root root 32 Jan 11 23:32 dietpi-pihole.conf
-rw-r--r-- 1 root root 1274 Jan 11 23:32 dietpi.conf
-rw-r--r-- 1 root root 302 May 25 2020 qname-minimisation.conf
-rw-r--r-- 1 root root 190 May 25 2020 root-auto-trust-anchor-file.conf
root@DietPi:~# cat /etc/unbound/unbound.conf root@DietPi:~# ls -la /etc/unbound/unbound.conf.d/
cat: invalid option -- 'l'
Try 'cat --help' for more information.
root@DietPi:~# total 24
-bash: total: command not found
root@DietPi:~# drwxr-xr-x 2 root root 4096 Jan 11 23:32 .
-bash: drwxr-xr-x: command not found
root@DietPi:~# drwxr-xr-x 3 root root 4096 Jan 11 23:32 ..
-bash: drwxr-xr-x: command not found
root@DietPi:~# -rw-r--r-- 1 root root 32 Jan 11 23:32 dietpi-pihole.conf
-bash: -rw-r--r--: command not found
root@DietPi:~# -rw-r--r-- 1 root root 1274 Jan 11 23:32 dietpi.conf
-bash: -rw-r--r--: command not found
root@DietPi:~# -rw-r--r-- 1 root root 302 May 25 2020 qname-minimisation.conf
-bash: -rw-r--r--: command not found
root@DietPi:~# -rw-r--r-- 1 root root 190 May 25 2020 root-auto-trust-anchor-file.conf
-bash: -rw-r--r--: command not found
root@DietPi:~# root@DietPi:~# cat /etc/unbound/unbound.conf
-bash: root@DietPi:~#: command not found
looks like some copy past error on the last command and you invoke some more statements 
cat /etc/unbound/unbound.conf
cat /etc/unbound/unbound.conf.d/dietpi.conf
cat /etc/unbound/unbound.conf.d/dietpi-pihole.conf
root@DietPi:~# ls -la /etc/unbound/unbound.conf.d/
total 24
drwxr-xr-x 2 root root 4096 Jan 11 23:32 .
drwxr-xr-x 3 root root 4096 Jan 11 23:32 ..
-rw-r--r-- 1 root root 32 Jan 11 23:32 dietpi-pihole.conf
-rw-r--r-- 1 root root 1274 Jan 11 23:32 dietpi.conf
-rw-r--r-- 1 root root 302 May 25 2020 qname-minimisation.conf
-rw-r--r-- 1 root root 190 May 25 2020 root-auto-trust-anchor-file.conf
root@DietPi:~# cat /etc/unbound/unbound.conf
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include: "/etc/unbound/unbound.conf.d/*.conf"
pls post content of the other 2 files as well
cat /etc/unbound/unbound.conf.d/dietpi.conf
cat /etc/unbound/unbound.conf.d/dietpi-pihole.conf
root@DietPi:~# cat /etc/unbound/unbound.conf.d/dietpi.conf
server:
verbosity: 0
interface: 0.0.0.0
port: 53
do-ip4: yes
do-udp: yes
do-tcp: yes
do-ip6: yes
prefer-ip6: no
root-hints: "/var/lib/unbound/root.hints"
harden-glue: yes
harden-large-queries: yes
harden-dnssec-stripped: yes
use-caps-for-id: yes
edns-buffer-size: 1472
rrset-roundrobin: yes
cache-min-ttl: 300
cache-max-ttl: 86400
serve-expired: yes
harden-algo-downgrade: yes
harden-short-bufsize: yes
hide-identity: yes
identity: "Server"
hide-version: yes
do-daemonize: no
neg-cache-size: 4M
qname-minimisation: yes
minimal-responses: yes
prefetch: yes
prefetch-key: yes
num-threads: 1
msg-cache-size: 50m
rrset-cache-size: 100m
so-reuseport: yes
so-rcvbuf: 4m
so-sndbuf: 4m
unwanted-reply-threshold: 10000
ratelimit: 1000
log-queries: no
log-replies: no
logfile: ''
access-control: 0.0.0.0/0 refuse
access-control: 127.0.0.1 allow
access-control: 192.168.2.0/24 allow
private-address: 192.168.0.0/16
private-address: 169.254.0.0/16
private-address: 172.16.0.0/12
private-address: 10.0.0.0/8
private-address: fd00::/8
private-address: fe80::/10
root@DietPi:~#
root@DietPi:~# cat /etc/unbound/unbound.conf.d/dietpi-pihole.conf
port: 5353
interface: 127.0.0.1
root@DietPi:~#
ok pls do following
dietpi-software install 182
once you hit by the error, you have the possibility to Open subshell from the error handle. On the subshell do following
rm -vf /etc/unbound/unbound.conf.d/{dietpi-pihole,pi-hole}.conf
G_CONFIG_INJECT 'port:[[:blank:]]' ' port: 5353' /etc/unbound/unbound.conf.d/dietpi.conf
G_CONFIG_INJECT 'interface:[[:blank:]]' ' interface: 127.0.0.1' /etc/unbound/unbound.conf.d/dietpi.conf
G_CONFIG_INJECT 'verbosity:[[:blank:]]' ' verbosity: 3' /etc/unbound/unbound.conf.d/dietpi.conf
G_CONFIG_INJECT 'log-queries:[[:blank:]]' ' log-queries: yes' /etc/unbound/unbound.conf.d/dietpi.conf
exit the subshell and hit Retry on the error handle
no error shown. should I continue with the pihole unbound guide now?
usually there is no need to follow any guide. dietpi-software should have set everything correctly. Probably the only thing needed to simply save DNS settings again inside PiHole.
Still i recommend following if not done already
rm -vf /etc/unbound/unbound.conf.d/{dietpi-pihole,pi-hole}.conf
G_CONFIG_INJECT 'port:[[:blank:]]' ' port: 5353' /etc/unbound/unbound.conf.d/dietpi.conf
G_CONFIG_INJECT 'interface:[[:blank:]]' ' interface: 127.0.0.1' /etc/unbound/unbound.conf.d/dietpi.conf
G_CONFIG_INJECT 'verbosity:[[:blank:]]' ' verbosity: 3' /etc/unbound/unbound.conf.d/dietpi.conf
G_CONFIG_INJECT 'log-queries:[[:blank:]]' ' log-queries: yes' /etc/unbound/unbound.conf.d/dietpi.conf
BTW: on upcoming release DietPi 6.35, we will adjust unbound configuration to use port 5335 instead 5353. The new config file will be this once released. https://github.com/MichaIng/DietPi/blob/dev/.conf/dps_182/unbound.conf