Hello members.
I also had very big problems installing Unbound.
Error 1: When installing Unbound, the same error as naddel81
There was an error in /etc/unbound/unbound.conf.d/dietpi.conf
access-control: 0.0.0.0/0 refuse
access-control: 127.0.0.1 allow
access-control: 192.168.1
192.168.4.0/24 allow
private-address: 192.168.0.0/16
“192.168.4.0/24 allow” wrongly set
Solution: deleted or set # and the install was successful.
The same as from Joulinar
Error 2: I couldn’t resolve dig pi-hole.net @ 127.0.0.1 -p 5335
; << >> DiG 9.11.5-P4-5.1 + deb10u1-Raspbian << >> pi-hole.net @ 127.0.0.1 -p 5335
;; global options: + cmd
;; connection timed out; no servers could be reached
Solution:
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A OUTPUT -o lo -j ACCEPT
reboot
My question:
1: must comment out in /etc/systemd/resolved.conf # DNSSEC = allow-downgrade and replace allow-downgrade with off?
2: does /etc/resolv.conf nameserver have to be changed to 127.0.0.1?
3: systemctl status dhcpcd.service is inactive (dead), is that correct?
4: systemctl status unbound-resolvconf.service is inactive (dead), is that correct?
5: how to update from /var/lib/unbound/root.hints. Once in six months? about cromjob? or is that already automated by dietpi?
6: Which other settings have to be set in order to use Unbound correctly?
I am still skeptical, will watch the function for the next few days, but it seems to work.
Many Thanks!