MatthewVance/unbound-docker-rpi

Custom DNS not working

Closed this issue · 4 comments

I tried to add some local DNS entries but they do not work for me.
I used all the commands step by step from the readme.
I created a file named a-records.conf and added content like this:

# A Record
  #local-data: "somecomputer.local. A 192.168.1.1"
  local-data: “laptop.local. A 192.168.1.2”

# PTR Record
  #local-data-ptr: "192.168.1.1 somecomputer.local."
  local-data-ptr: "192.168.1.2 laptop.local."

Then I used the command to get the container up and running

docker run \
--name=unbound-rpi \
--volume=$(pwd)/a-records.conf:/opt/unbound/etc/unbound/a-records.conf:ro \
--publish=53:53/udp \
--publish=53:53/tcp \
--restart=unless-stopped \
--detach=true \
mvance/unbound-rpi:latest

I removed the DNS settings from my device and only added the IP of the Raspberry Pi.
Upstream DNS worked for me, I was able to visit github and other sites.
But DNS lookup and ping for sites in the a-records.conf did not work.
I tried the laptop.local domain as well as some "real" domain names I own as well as IP addresses inside and outside of my network.

I ran docker exec -it unbound-rpi bash to look into the files inside the container and everything looked as expected.
The unbound.conf had the a-records.conf included:

# Include file for local-data and local-data-ptr
include: /opt/unbound/etc/unbound/a-records.conf
include: /opt/unbound/etc/unbound/srv-records.conf

The a-records.conf also had the right values.

But still, DNS lookup for these did not work.

Hi @robinschneider, can you double check the quotes used in your a-records file? It looks like your second line has “ instead of ". It may be hard to see, but I think you have curly double quotes instead of straight double quotes.
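A small pre-flight check for exactly this class of mistake, added here as an example; it is not part of unbound-docker-rpi and does not replace unbound's own `unbound-checkconf`. It scans an include file such as a-records.conf for typographic (curly) quotes and other non-ASCII characters in `local-data` and `local-data-ptr` values, then sanity-checks the record shape (trailing dot on the owner name, valid IP in the rdata). The sample input is constructed to mirror the file from the issue, curly quotes included.

```python
import ipaddress
import re

# Typographic quotes that editors and chat clients substitute for the ASCII
# double quote; unbound's config parser only understands the straight form.
CURLY_QUOTES = {"\u201c", "\u201d", "\u2018", "\u2019"}

# local-data value:     "owner. [ttl] [IN] TYPE rdata"
LOCAL_DATA_RE = re.compile(
    r'^"(?P<name>\S+)(?:\s+(?P<ttl>\d+))?(?:\s+IN)?\s+(?P<type>[A-Z]+)\s+(?P<rdata>.+)"$'
)
# local-data-ptr value: "address owner."
LOCAL_PTR_RE = re.compile(r'^"(?P<ip>\S+)\s+(?P<name>\S+)"$')


def check_unbound_local_data(text):
    """Return [(line_no, message), ...] for an a-records style include file.

    Only local-data and local-data-ptr directives are expected in such a file;
    comments and blank lines are skipped.
    """
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if not sep:
            findings.append((line_no, "expected 'directive: value'"))
            continue
        # The check the comment above asks for: curly quotes look right to a
        # human but are not quotes to unbound, so the whole line is rejected.
        if any(ch in CURLY_QUOTES for ch in value):
            findings.append((line_no, "curly quotes found; use straight ASCII double quotes"))
            continue
        if not value.isascii():
            findings.append((line_no, "non-ASCII character in value"))
            continue
        if key == "local-data":
            m = LOCAL_DATA_RE.match(value)
            if not m:
                findings.append((line_no, 'local-data must look like "name. A 192.0.2.1"'))
                continue
            if not m["name"].endswith("."):
                findings.append((line_no, "owner name should be fully qualified (trailing dot)"))
            try:
                if m["type"] == "A":
                    ipaddress.IPv4Address(m["rdata"].strip())
                elif m["type"] == "AAAA":
                    ipaddress.IPv6Address(m["rdata"].strip())
            except ValueError:
                findings.append((line_no, "rdata is not a valid %s address" % m["type"]))
        elif key == "local-data-ptr":
            m = LOCAL_PTR_RE.match(value)
            if not m:
                findings.append((line_no, 'local-data-ptr must look like "192.0.2.1 name."'))
                continue
            try:
                ipaddress.ip_address(m["ip"])
            except ValueError:
                findings.append((line_no, "first field is not a valid IP address"))
            if not m["name"].endswith("."):
                findings.append((line_no, "PTR target should end with a dot"))
        else:
            findings.append((line_no, "unexpected directive %r in an A-records include" % key))
    return findings


# Constructed sample mirroring the file from the issue; line 3 carries the
# curly quotes that the reply above points at.
SAMPLE_A_RECORDS = (
    "# A Record\n"
    '  #local-data: "somecomputer.local. A 192.168.1.1"\n'
    "  local-data: \u201claptop.local. A 192.168.1.2\u201d\n"
    "\n"
    "# PTR Record\n"
    '  #local-data-ptr: "192.168.1.1 somecomputer.local."\n'
    '  local-data-ptr: "192.168.1.2 laptop.local."\n'
)

if __name__ == "__main__":
    import sys
    src = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_A_RECORDS
    problems = check_unbound_local_data(src)
    for n, msg in problems:
        print("line %d: %s" % (n, msg))
    sys.exit(1 if problems else 0)
```

Run it as `python3 check_a_records.py a-records.conf` before mounting the file into the container; a non-zero exit means at least one line would not be accepted as intended. The check is deliberately narrow (A, AAAA and PTR shapes only); anything more exotic should go through `unbound-checkconf` against the full unbound.conf.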

I'm unable to recreate the issue.

I ran on my Pi:

sudo docker run \
--name=unbound-rpi \
--volume=$(pwd)/a-records.conf:/opt/unbound/etc/unbound/a-records.conf:ro \
--publish=53:53/udp \
--publish=53:53/tcp \
--restart=unless-stopped \
--detach=true \
mvance/unbound-rpi:latest

and then to confirm health.

sleep 10 && sudo docker ps -a 

On a different computer, I ran (inserting Pi's IP address):

dig @X.X.X.X google.com

It returned an a-record response with Google's IP as expected.

I then checked to confirm the custom ones return:

dig @X.X.X.X laptop.local

It returned:

; <<>> DiG 9.10.6 <<>> @X.X.X.X laptop.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55666
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;laptop.local.			IN	A

;; ANSWER SECTION:
laptop.local.		3600	IN	A	192.168.1.2

;; Query time: 4 msec
;; SERVER: X.X.X.X#53(192.168.1.50)
;; WHEN: Wed Jun 09 19:00:55 CDT 2021
;; MSG SIZE  rcvd: 57

For good measure on the Pi, I also ran: sudo docker logs unbound-rpi

It did not return any errors (though I expect the UDP connect IPv6 one to eventually pop up in the logs).

One other thing to check. Are you using a browser which uses its own DNS settings when checking the local resolutions? Many support DoH (DNS over HTTPS) now and may ignore OS level settings. Thus it's good to manually check with a tool like dig, explicitly setting the DNS server to check via @ IP.
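The point in the last paragraph is that a browser speaking DoH never consults the Pi at all, so the only trustworthy test sends a query straight to the resolver's IP, as `dig @X.X.X.X laptop.local` does. The following added example (not part of unbound-docker-rpi, and no substitute for dig) does the same thing from Python with a hand-built DNS packet over UDP: `build_query` and `parse_response` are pure functions exercised on a constructed reply that matches the dig output above, and `resolve` is the only piece that touches the network. It checks that the reply carries the transaction id it sent and reports whether the answer was authoritative (`aa`), which is what you expect for a `local-data` entry served by unbound itself.

```python
import os
import socket
import struct

QTYPE_A = 1
QCLASS_IN = 1


def build_query(name, qtype=QTYPE_A, txid=None):
    """Build a standard recursive query for `name`; returns the raw packet."""
    if txid is None:
        txid = int.from_bytes(os.urandom(2), "big")  # unpredictable transaction id
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD only
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, QCLASS_IN)


def _read_name(msg, off):
    """Decode a (possibly compressed) name at `off`; return (name, next_offset)."""
    labels, end, jumped = [], None, False
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier name
            if not jumped:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped = True
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels) + ".", (end if end is not None else off)


def parse_response(msg, expect_txid=None):
    """Return {'rcode', 'aa', 'answers': [(name, ttl, ipv4), ...]} for a reply."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if expect_txid is not None and txid != expect_txid:
        raise ValueError("transaction id mismatch; reply does not belong to our query")
    off = 12
    for _ in range(qdcount):          # skip the echoed question section
        _, off = _read_name(msg, off)
        off += 4
    answers = []
    for _ in range(ancount):
        name, off = _read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if rtype == QTYPE_A and rdlen == 4:  # only A records are decoded here
            answers.append((name, ttl, socket.inet_ntoa(rdata)))
    return {"rcode": flags & 0xF, "aa": bool(flags & 0x0400), "answers": answers}


def resolve(server, name, timeout=3.0):
    """Ask `server` (an IP string) directly, bypassing any OS or browser resolver."""
    query = build_query(name)
    txid = struct.unpack("!H", query[:2])[0]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        data, _ = sock.recvfrom(4096)
    return parse_response(data, expect_txid=txid)


# Constructed reply equivalent to the dig output above: NOERROR, aa set,
# one A record for laptop.local. with TTL 3600 pointing at 192.168.1.2.
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0)
    + b"\x06laptop\x05local\x00" + struct.pack("!HH", QTYPE_A, QCLASS_IN)
    + b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 3600, 4) + bytes([192, 168, 1, 2])
)

if __name__ == "__main__":
    import sys
    server, name = (sys.argv[1], sys.argv[2]) if len(sys.argv) > 2 else (None, "laptop.local")
    result = resolve(server, name) if server else parse_response(SAMPLE_RESPONSE, 0x1234)
    print(result)
```

Usage: `python3 dnscheck.py 192.168.1.50 laptop.local`; with no arguments it decodes the built-in sample instead of sending anything. An empty `answers` list with `rcode` 0 and `aa` false would point at the query reaching a resolver that does not hold the entry, exactly the situation a DoH-enabled browser produces silently. The decoder only handles A records over UDP (no CNAME chains, no TCP fallback on truncation), which is all that is needed to confirm a `local-data` line.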