Update unbound guide (#1318)

Signed-off-by: Rob Gill <rrobgill@protonmail.com>
Co-authored-by: yubiuser <github@yubiuser.dev>
Rob Gill
2025-11-26 17:52:13 +10:00
committed by GitHub
parent 3d9bfe9c6d
commit 78b3d4babf


@@ -76,9 +76,9 @@ Highlights:
- Verify DNSSEC signatures, discarding BOGUS domains
- Apply a few security and privacy tricks
`/etc/unbound/unbound.conf.d/pi-hole.conf`:
(Note that for some Red Hat based distros including CentOS up to v10, the path for the `pi-hole.conf` file may be `/etc/unbound/conf.d/pi-hole.conf`)
```yaml
```yaml title="/etc/unbound/unbound.conf.d/pi-hole.conf"
server:
# If no logfile is specified, syslog is used
# logfile: "/var/log/unbound/unbound.log"
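Review bot: The Red Hat note says the path "may be `/etc/unbound/conf.d/pi-hole.conf`" without saying what it is an alternative to, because the default path now appears only in the code block's `title=` attribute. Consider wording it as "instead of `/etc/unbound/unbound.conf.d/pi-hole.conf`", and dropping the surrounding parentheses or using the docs' admonition style so it does not read as a stray aside. "CentOS up to v10" is also ambiguous about whether v10 is included; "up to and including" or an explicit version range would remove the doubt.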
@@ -269,6 +269,27 @@ Lastly, restart unbound:
sudo service unbound restart
```
### Verifying that Pi-hole is querying unbound as its upstream
Query a dns using `dig`:
```bash
dig en.wikipedia.org @127.0.0.1
```
Then view Pi-hole's log file, follow a query seeing it sent to and receiving a reply from 127.0.0.1#5335 such as below:
```bash
sudo tail /var/log/pihole/pihole.log
Nov 24 11:57:47 dnsmasq[973]: query[A] en.wikipedia.org from 127.0.0.1
Nov 24 11:57:47 dnsmasq[973]: forwarded en.wikipedia.org to 127.0.0.1#5335
Nov 24 11:57:47 dnsmasq[973]: reply en.wikipedia.org is <CNAME>
Nov 24 11:57:47 dnsmasq[973]: reply dyna.wikimedia.org is 103.102.166.224
```
If you see the reply to queries from 127.0.0.1#5335, then Pi-hole is using unbound as its upstream.
### Common Issues & Troubleshooting
#### Fix `so-rcvbuf` warning in unbound
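Review bot: The closing sentence of the new verification section tells the reader to look for "the reply to queries from 127.0.0.1#5335", but in the sample log only the `forwarded en.wikipedia.org to 127.0.0.1#5335` line carries that address; the `reply` lines do not show where the answer came from. Suggest pointing at the `forwarded ... to 127.0.0.1#5335` line as the thing to check. It is also worth saying that a name already in Pi-hole's cache is answered without a `forwarded` line, so the test should use a domain that has not been queried recently. Smaller points: "Query a dns using `dig`" reads better as "Query a domain using `dig`", and the second block mixes the `tail` command with its output under a `bash` fence, so splitting command and sample output would make it clearer what to type.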
@@ -299,7 +320,7 @@ To fix it:
sudo sysctl -w net.core.rmem_max=1048576
```
3. Make it permanent. Edit `/etc/sysctl.conf` and add or edit the line:
3. Make it permanent. Edit `/etc/sysctl.d/99-unbound.conf` (or on old systems eg Debian ≤ 12 edit `/etc/sysctl.conf`) and add or edit the line:
```bash
net.core.rmem_max=1048576
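Review bot: Step 3 says "Edit `/etc/sysctl.d/99-unbound.conf`", but that is a new drop-in file the reader normally has to create, so "Create or edit" would avoid confusion when the file is not found. The parenthetical "(or on old systems eg Debian ≤ 12 edit `/etc/sysctl.conf`)" would read more cleanly as "e.g." with a comma, and since the choice of file determines which command applies in step 4, it may be clearer to present the two cases as separate sub-bullets here as well.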
@@ -307,6 +328,14 @@ To fix it:
4. Save and apply:
On up to date systems (eg Debian 13)
```bash
sudo systemctl restart systemd-sysctl
```
Older systems (eg Debian ≤ 12)
```bash
sudo sysctl -p
```