I recently switched to the dev branch and tried Unbound, but if I install it, I get an error while it tries to restart the service
[ OK ] DietPi-Software | Setting in /etc/pihole/setupVars.conf adjusted: PIHOLE_DNS_1=127.0.0.1#5353
[ OK ] DietPi-Software | Setting in /etc/pihole/setupVars.conf adjusted: PIHOLE_DNS_2=
[FAILED] DietPi-Software | systemctl restart unbound
[ OK ] DietPi-Software | systemctl restart unbound
Retrying the command installs it just fine.
After installation, Unbound doesn’t work. I’m running Pi-Hole, and while my local IP and port is written under custom DNS servers, if I disable all other DNS servers, nothing resolves. Unbound is running, the log has no errors, and Unbound is running in htop.
-- Logs begin at Thu 2019-02-14 10:11:58 GMT, end at Fri 2020-12-04 23:58:55 GMT. --
Dec 04 23:56:45 DietPi systemd[1]: Starting Unbound DNS server...
Dec 04 23:56:51 DietPi package-helper[431]: /var/lib/unbound/root.key has content
Dec 04 23:56:51 DietPi package-helper[431]: fail: the anchor is NOT ok and could not be fixed
Dec 04 23:57:06 DietPi unbound[470]: [1607126226] unbound[470:0] info: start of service (unbound 1.9.0).
Dec 04 23:57:06 DietPi systemd[1]: Started Unbound DNS server.
If I keep the IPv6-DNS active (as it is default after installing Unbound), I’ll get the following result (taken from here, I just changed the port to 5353)
root@DietPi:~# dig pi-hole.net @127.0.0.1 -p 5353
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> pi-hole.net @127.0.0.1 -p 5353
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35995
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;pi-hole.net. IN A
;; Query time: 30 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1)
;; WHEN: Sat Dec 05 01:10:39 CET 2020
;; MSG SIZE rcvd: 40
root@DietPi:~# dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5353
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 5353
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 7850
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;sigfail.verteiltesysteme.net. IN A
;; Query time: 36 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1)
;; WHEN: Sat Dec 05 01:11:50 CET 2020
;; MSG SIZE rcvd: 57
root@DietPi:~# dig sigok.verteiltesysteme.net @127.0.0.1 -p 5353
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> sigok.verteiltesysteme.net @127.0.0.1 -p 5353
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52011
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;sigok.verteiltesysteme.net. IN A
;; Query time: 29 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1)
;; WHEN: Sat Dec 05 01:11:56 CET 2020
;; MSG SIZE rcvd: 55
Minor nitpick here: the custom DNS is not removed from Pi-Hole if Unbound is uninstalled.
Edit:
Added to the issue