Unbound not accessible via url, AGH is

Videopac · 1 February 2025 19:26

Creating a bug report/issue

I have searched the existing open and closed issues

Required Information

DietPi version | cat /boot/dietpi/.version
G_DIETPI_VERSION_CORE=9
G_DIETPI_VERSION_SUB=9
G_DIETPI_VERSION_RC=0
G_GITBRANCH=‘master’
G_GITOWNER=‘MichaIng’
G_LIVE_PATCH_STATUS[0]=‘applied’
G_LIVE_PATCH_STATUS[1]=‘applied’
G_LIVE_PATCH_STATUS[2]=‘not applicable’
G_LIVE_PATCH_STATUS[3]=‘not applicable’
Distro version | echo $G_DISTRO_NAME $G_RASPBIAN
bookworm
Kernel version | uname --all
Linux DietPiC2Meterkast 6.6.65-current-meson64 #1 SMP PREEMPT Wed Dec 11 15:13:43 UTC 2024 aarch64 GNU/Linux
Architecture | dpkg --print-architecture
arm64
SBC model | echo $G_HW_MODEL_NAME or (EG: RPi3)
Odroid C2 (aarch64)
Power supply used | (EG: 5V 1A RAVpower)
Standard power supply
SD card used | (EG: SanDisk ultra)
eMMC

Additional Information (if applicable)

Software title | Unbound
Was the software title installed freshly or updated/migrated? Freshly
Can this issue be replicated on a fresh installation of DietPi? ??
← If you sent a “dietpi-bugreport”, please paste the ID here →
Bug report ID | echo $G_HW_UUID

Steps to reproduce

Installed AdGuard Home + ubound, as proposed during AdGuard Home installation. AdGuard home is available via IP:8083, unbound is not available via IP:5335.
However, unbound seems to be running:

journalctl -u unbound
Jan 20 13:36:35 DietPiC2Meterkast systemd[1]: Starting unbound.service - Unbound DNS server...
Jan 20 13:36:36 DietPiC2Meterkast unbound[1274]: [1274:0] warning: subnetcache: serve-expired is set but not working for data originating from the subnet module cache.
Jan 20 13:36:36 DietPiC2Meterkast unbound[1274]: [1274:0] warning: subnetcache: prefetch is set but not working for data originating from the subnet module cache.
Jan 20 13:36:36 DietPiC2Meterkast systemd[1]: Started unbound.service - Unbound DNS server.
Jan 20 13:36:36 DietPiC2Meterkast unbound[1274]: [1274:0] info: start of service (unbound 1.17.1).

Expected behaviour

unbound should be available via IP:5335

Actual behaviour

unbound is not available via IP:5335

Extra details

Jappe · 1 February 2025 19:49

What do you mean, it’s not available? AGH can not resolve the requests, which are forwared to unbound?

Can you check ss -tulpn.

Joulinar · 1 February 2025 20:37

Unbound is LISTEN to localhost only and is not acceptable from your local network directly. As well it did not have a web interface. Port 5335 is the port of the DNS server that is used by AGH.

Maybe there is a misunderstanding and you could explain why you like to access unbound and from where?

Videopac · 2 February 2025 08:56

Netid   State    Recv-Q   Send-Q     Local Address:Port     Peer Address:Port   Process                                                                         
udp     UNCONN   0        0                0.0.0.0:68            0.0.0.0:*       users:(("dhclient",pid=1183,fd=7))                                             
udp     UNCONN   0        0              127.0.0.1:5335          0.0.0.0:*       users:(("unbound",pid=1274,fd=3))                                              
udp     UNCONN   0        0                      *:53                  *:*       users:(("AdGuardHome",pid=1261,fd=47))                                         
tcp     LISTEN   0        1000             0.0.0.0:22            0.0.0.0:*       users:(("dropbear",pid=1263,fd=3))                                             
tcp     LISTEN   0        256            127.0.0.1:5335          0.0.0.0:*       users:(("unbound",pid=1274,fd=4))                                              
tcp     LISTEN   0        1000                [::]:22               [::]:*       users:(("dropbear",pid=1263,fd=4))                                             
tcp     LISTEN   0        4096                   *:53                  *:*       users:(("AdGuardHome",pid=1261,fd=48))                                         
tcp     LISTEN   0        4096                   *:8083                *:*       users:(("AdGuardHome",pid=1261,fd=11))

Videopac · 2 February 2025 08:59

My assumption was that the information depicted below should be avaible via IP:5335.
If my assumption is wrong: how can I access this information?

Joulinar · 2 February 2025 09:03

you see Unbound is LISTEN to localhost only. Which is correct because it’s the Unbound DNS server port

wrong assumption

see Unbound docs NLnet Labs Documentation - Unbound - Howto Statistics