MatthewVance/unbound-docker-rpi

Pi-hole logs all replies from unbound as "N/A" but dig test works

lokety opened this issue · 2 comments

I have pi-hole 5.11.4 and unbound-docker-rpi latest both running in docker containers on a RPI 4B host.

When I look at the pi-hole query log against the unbound DNS as 127.0.0.1:5335, the replies are all "N/A". If I configure this as my only DNS, all my clients will time out.

When I do a dig from localhost or from another client (another RPI 4B), I get valid responses like:

dig adobe.com @127.0.0.1 -p 5335

; <<>> DiG 9.16.27-Debian <<>> adobe.com @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37295
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;adobe.com.                     IN      A

;; ANSWER SECTION:
adobe.com.              86      IN      A       123.253.148.51
adobe.com.              86      IN      A       123.253.148.59

;; Query time: 3 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Mon Aug 29 01:06:00 NZST 2022
;; MSG SIZE  rcvd: 70

I followed the instructions to set up the unbound container with only this customization for forward-records.conf:

cat forward-records.conf
forward-zone:
    # Forward all queries (except those in cache and local zone) to
    # upstream recursive servers
    name: "."
    # Queries to this forward zone use TLS
    forward-tls-upstream: yes

    # https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Test+Servers

    ## Cloudflare
    forward-addr: 1.1.1.1@853#cloudflare-dns.com
    forward-addr: 1.0.0.1@853#cloudflare-dns.com
    forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
    forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com

    ## Quad9
    forward-addr: 9.9.9.9@853#dns.quad9.net
    forward-addr: 149.112.112.112@853#dns.quad9.net
    forward-addr: 2620:fe::fe@853#dns.quad9.net
    forward-addr: 2620:fe::9@853#dns.quad9.net

Any help? Thanks.

Closing due to no response. Please re-open if needed.