Unbound DNS is currently using this port

Started by dimovstanimir85, May 15, 2023, 11:06:36 PM

> 1. The Pi-hole still doesn't display hostnames (it still sees only my OPNsense's instance as client)

Well for this you need to put DHCPv4 DNS server back pointing to Pi-Hole directly. It really really depends on your requirements (and getting these defined first). Your post starts with "to use my pi-hole instance as DNS server" so that's what I suggested before the goal post shifted. And this is regardless of Dnsmasq/Unbound complication. ;)

> 2. Now I lost the resolving of the Pi-Hole "Local DNS Records"

Not sure what that is.


Cheers,
Franco

May 17, 2023, 02:49:52 PM #16 Last Edit: May 17, 2023, 02:51:58 PM by dimovstanimir85
Quote from: franco on May 17, 2023, 01:10:57 PM
> 1. The Pi-hole still doesn't display hostnames (it still sees only my OPNsense's instance as client)

Well for this you need to put DHCPv4 DNS server back pointing to Pi-Hole directly. It really really depends on your requirements (and getting these defined first). Your post starts with "to use my pi-hole instance as DNS server" so that's what I suggested before the goal post shifted. And this is regardless of Dnsmasq/Unbound complication. ;)

> 2. Now I lost the resolving of the Pi-Hole "Local DNS Records"

Not sure what that is.


Cheers,
Franco
As per your advice I've put my Pi-Hole IP address back as DNS in the LAN's DHCP configuration and now it's all working like before. Pi-Hole still only sees OPNsense as the only source of DNS requests. And yes, you are right, from the very beginning I wanted to use dnsmasq as quoted in the article to be able to forward the hostnames' FQDNs and force Pi-Hole to see them as sources (not only OPNsense), and apparently I didn't know about the Unbound DNS; that was the reason for dnsmasq not being able to be activated, as Unbound was already enabled and occupying port 53. However, I think that in some of the posts above you said that no matter the service - Unbound or Dnsmasq - both were capable of achieving what I want, i.e. to make Pi-hole see the hostnames making the DNS requests even behind the OPNsense. So please excuse me if at some point I've misled you, but now it is strange to me that even after I enabled the forwarding in the Unbound section, Pi-Hole still is not able to see the hostnames as sources of origin. Do you happen to know if there is something else that should be done on Pi-Hole's end?

If you give the Pi-Hole DNS IP to the clients the clients will ask there and you will start seeing the IP addresses of the clients. In order to resolve the client as hostnames Pi-Hole needs to ask OPNsense DNS which could end up in a loop.

You really need to put your requirements down first.


Cheers,
Franco

May 17, 2023, 07:25:22 PM #18 Last Edit: May 17, 2023, 07:37:13 PM by dimovstanimir85
Quote from: franco on May 17, 2023, 05:28:05 PM
If you give the Pi-Hole DNS IP to the clients the clients will ask there and you will start seeing the IP addresses of the clients. In order to resolve the client as hostnames Pi-Hole needs to ask OPNsense DNS which could end up in a loop.

You really need to put your requirements down first.


Cheers,
Franco

Check the attached diagram, Franco.
For obvious reasons the subnets are just dummy ones.
However, take note that the Pi-Hole server is in the WAN network and has a WAN IP address. This is because my ISP router is a Wi-Fi model and I use this network as a guest network. So as you can see, for the Pi-Hole every request coming from hosts behind the OPNsense is considered as OPNsense's WAN IP. Maybe that is why the article that I quoted in my first post described the usage of dnsmasq (not Unbound DNS), as maybe dnsmasq does allow forwarding of information about source hostnames to Pi-hole. And in the article they did create some file via ssh on the local filesystem.

I would recommend placing the pihole in the LAN network, so that the requests do not exit the OPNsense.

Just a quick update, guys.

I've decided to try the article again from scratch (the one provided in my very first post), and this time, as advised previously in this discussion, I disabled the Unbound DNS and then I was able to successfully enable the dnsmasq service, as port 53 was no longer in use. From there on I followed the rest and "voila". I was really happy to see that my Pi-hole server started displaying results of DNS requests coming from hosts even behind OPNsense. And good job to OPNsense itself for being able to properly forward the requests to Pi-hole.

Thank you all for the help and the guidance as you really helped me in understanding the basics of Unbound and Dnsmasq services.