Unbound DNS is currently using this port

Started by dimovstanimir85, May 15, 2023, 11:06:36 PM

Hi Guys,
I would really appreciate your help and assistance in regard to my issue.
Pretty much I am using this article https://pi-hole.net/blog/2021/09/30/pi-hole-and-opnsense/#page-content in order to use my pi-hole instance as a DNS server, but when I try to do so, in the very first step I get "Unbound DNS is currently using this port" (check attached screenshot).
I've also checked the ports used on the opnsense via ssh and there is no port 53 being used at the moment.

Please post the picture of the unbound > General. It looks like you have unbound enabled.

Quote from: lilsense on May 16, 2023, 02:20:36 AM
Please post the picture of the unbound > General. It looks like you have unbound enabled.
Thanks for your reply lilsense and yes, you were totally right. In the end it turned out that indeed the unbound option was enabled (check attached screen).
By the way, what is the idea behind this "unbound" option in general?

Unbound is the standard recursive DNS server in OPNsense and many other systems.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

Quote from: pmhausen on May 16, 2023, 07:47:59 AM
Unbound is the standard recursive DNS server in OPNsense and many other systems.
I see. So in the end I suppose it is normal for it to be disabled like in this scenario where an external DNS service like Pi-Hole is about to be used.

The guide talks about configuring Dnsmasq to do the forwarding. If you want to use Dnsmasq on port 53 you need to disable Unbound or move it to another port. This was always the case.

FWIW, the guide probably uses Dnsmasq because it's a smaller setup than running a full Unbound resolver. Nothing wrong with that.


Cheers,
Franco
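A way to check which service holds port 53 before switching Dnsmasq on, given as an added example that is not part of the thread. The listener lines are constructed sample data in the column layout of FreeBSD `sockstat -4 -6 -l`, and the function names `port_owners` and `port_conflict` are hypothetical.

```shell
#!/bin/sh
# Constructed sample, laid out like FreeBSD `sockstat -4 -6 -l` output.
SAMPLE_LISTENERS='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
unbound  unbound    41872 5  udp4   *:53                  *:*
unbound  unbound    41872 6  tcp4   *:53                  *:*
unbound  unbound    41872 7  tcp4   127.0.0.1:953         *:*
root     lighttpd   2210  4  tcp4   *:443                 *:*
root     sshd       1034  3  tcp6   *:22                  *:*'

# port_owners PORT
# Reads sockstat-style lines on stdin and prints "command pid proto" once
# per listener whose local port is exactly PORT (953 does not match 53).
port_owners() {
    awk -v port="$1" '
        NR == 1 && $1 == "USER" { next }        # skip the header row
        NF >= 6 {
            n = split($6, parts, ":")            # port follows the last colon
            if (parts[n] == port) {
                key = $2 " " $3 " " $5
                if (!(key in seen)) { seen[key] = 1; print key }
            }
        }'
}

# port_conflict PORT WANTED
# Returns 0 when a process other than WANTED is listening on PORT, which is
# the situation the GUI reports as "Unbound DNS is currently using this port".
port_conflict() {
    port_owners "$1" | awk -v want="$2" '
        $1 != want { bad = 1 }
        END { exit (bad ? 0 : 1) }'
}

# On the firewall itself, feed live data instead of the sample:
#   sockstat -4 -6 -l | port_owners 53
```

Checking both UDP and TCP rows matters here because a DNS service binds port 53 on both protocols.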

Quote from: franco on May 16, 2023, 08:49:19 AM
The guide talks about configuring Dnsmasq to do the forwarding. If you want to use Dnsmasq on port 53 you need to disable Unbound or move it to another port. This was always the case.

FWIW, the guide probably uses Dnsmasq because it's a smaller setup than running a full Unbound resolver. Nothing wrong with that.


Cheers,
Franco

To be honest, Franco, I am not sure if I need the whole setup from the article. I just need to see the requests coming from the different hostnames so I could determine what traffic is generated from each host, as in my current scenario I only see all of the requests coming from one host, which is the OPNsense one (check attached screenshot).

Yes, you can do this with either Dnsmasq or Unbound. Both feature overrides and forward support.

The easiest way to pull this off is to add PiHole server to System: Settings: General and disable override for WAN DNS servers. If you use Unbound enable forwarding mode and done... If you use Dnsmasq nothing else needs to be configured.


Cheers,
Franco

May 16, 2023, 10:23:08 PM #8 Last Edit: May 16, 2023, 10:25:04 PM by dimovstanimir85
Quote from: franco on May 16, 2023, 09:12:22 AM
Yes, you can do this with either Dnsmasq or Unbound. Both feature overrides and forward support.

The easiest way to pull this off is to add PiHole server to System: Settings: General and disable override for WAN DNS servers. If you use Unbound enable forwarding mode and done... If you use Dnsmasq nothing else needs to be configured.


Cheers,
Franco

Franco, could you please take a look at my screenshots and confirm if this is what I am supposed to do if I want to stick with the Unbound.

Thanks in advance!

So why not just put the pihole IP address on your DHCPv4 for DNS and you are done. Whenever a device gets an IP the DNS will be the pihole and you are done. No need for dnsmasq or unbound.

Quote from: lilsense on May 17, 2023, 02:32:01 AM
So why not just put the pihole IP address on your DHCPv4 for DNS and you are done. Whenever a device gets an IP the DNS will be the pihole and you are done. No need for dnsmasq or unbound.

This is how I've been doing it for the past year, but as I said I was looking for a way to make my pi-hole see all of my hostnames (both LAN & DMZ), as currently it only sees my opnsense device making all of the requests. That is why I think I need to use Unbound or Dnsmasq DNS with DNS forwarding enabled, so the DNS requests will be forwarded but also hold information for the specific host for which it is sending the request. @Franco correct me if I am wrong.

Yes, replace Google servers, leave allow override unchecked. You only need DHCP options in Unbound when you want these to be available as host names from the firewall for all other clients. And yes, set use name server setting in query forwarding.


Cheers,
Franco

May 17, 2023, 08:59:50 AM #12 Last Edit: May 17, 2023, 09:01:50 AM by dimovstanimir85
Quote from: franco on May 17, 2023, 07:58:13 AM
Yes, replace Google servers, leave allow override unchecked. You only need DHCP options in Unbound when you want these to be available as host names from the firewall for all other clients. And yes, set use name server setting in query forwarding.


Cheers,
Franco

As always, thank you for your assistance and rapid response. While trying to follow up on your directions I ran into a small bump.
Could you kindly look at both screenshots and advise further? :)


May 17, 2023, 12:01:02 PM #14 Last Edit: May 17, 2023, 12:11:26 PM by dimovstanimir85
Quote from: franco on May 17, 2023, 09:58:15 AM
Use gateway: none


Cheers,
Franco

Thanks Franco, selecting "none" worked and I continued configuring everything else that you described.
I also removed the Pi-hole's IP address from the LAN's DHCP configuration and now the LAN network interface IP is being assigned as gateway and DNS on my laptop, which of course is expected and normal. I also tested opening a couple of websites which I know are full of ads, and when I checked my Pi-hole logs I saw those ads being blocked, which is also great. So far so good, BUT there are two issues left - one old and one new.
1. The Pi-hole still doesn't display hostnames (it still sees only my OPNsense instance as client)
2. Now I lost the resolving of the Pi-hole "Local DNS Records"

Do you have any idea why and how I could debug or fix that?

PS: If needed I can upload screenshots for every configuration and step described above