I set up unbound as described in these instructions:

https://docs.pi-hole.net/guides/dns/unbound/

To test unbound, I should use

dig pi-hole.net @127.0.0.1 -p 5335 (gives ok as result)
dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5335 (correctly gives a fail as result)
dig sigok.verteiltesysteme.net @127.0.0.1 -p 5335 (gives ok as result)

which all works.

But it doesn't work if I use something like

dig example.org @127.0.0.1 -p 5335
dig my-own-domain.tld @127.0.0.1 -p 5335

Both give an error:

;; connection timed out; no servers could be reached

Is something wrongly configured (I used exactly the same configuration as in the documentation above)?

I use Ubuntu 20.04.2 server.

1 Answer

I found the solution myself:

Of course I need to open the firewall for ports 5353:

sudo ufw allow 5353/tcp
sudo ufw allow 5353/udp

and then

sudo ufw enable
sudo ufw reload

https://www.cyberciti.biz/faq/howto-open-dns-port-53-using-ufw-ubuntu-debian/

P.S.:

I totally overlooked that the port in the documentation and related blog articles is sometimes 5353 and sometimes 5335. It seems that it was 5353 and they changed it to 5335.

Therefore, I messed the numbers up and opened the wrong ports and so on.

It seems that 5335 should be the "right" port, but in the end it just has to be consistent.

https://www.reddit.com/r/pihole/comments/gq7jwp/ubound_port_changed_from_5353_to_5335_in_docs/

  • It would still be wise to specifically avoid 5353 because that's usually in use by mDNS (Avahi/Bonjour) local multicast services. Commented Jun 23, 2021 at 15:46
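
The mix-up described in the answer above (5335 in one place, 5353 in another) can be caught by comparing the port in the unbound config, the port passed to dig -p, and the ports allowed in ufw. The following is an added example, not part of the original post; the function names and the sample config and ufw output are constructed for illustration.

```shell
#!/bin/sh
# Added example. All sample data below is constructed, not from a real host.

# stdin: unbound config text. Prints the first "port:" value, or unbound's
# default of 53 when the directive is absent.
unbound_port() {
    awk '$1 == "port:" { print $2; found = 1; exit }
         END { if (!found) print 53 }'
}

# stdin: `ufw status` output. Succeeds if an ALLOW rule covers UDP on port $1
# (a rule for "PORT" with no protocol suffix covers both TCP and UDP).
ufw_allows_udp() {
    awk -v p="$1" '$2 == "ALLOW" && ($1 == p || $1 == (p "/udp")) { ok = 1 }
                   END { exit !ok }'
}

# $1: unbound config text, $2: `ufw status` output, $3: port given to dig -p.
# Prints one line per inconsistency and returns non-zero if any was found.
check_resolver_port() {
    conf_port=$(printf '%s\n' "$1" | unbound_port)
    rc=0
    if [ "$conf_port" != "$3" ]; then
        echo "MISMATCH: unbound port is $conf_port, dig uses $3"; rc=1
    fi
    if ! printf '%s\n' "$2" | ufw_allows_udp "$conf_port"; then
        echo "MISMATCH: no ufw ALLOW rule for $conf_port/udp"; rc=1
    fi
    if [ "$conf_port" = 5353 ]; then
        echo "WARNING: 5353 is usually in use by mDNS (Avahi/Bonjour)"; rc=1
    fi
    return "$rc"
}

# Constructed sample: config uses 5335, firewall was opened for 5353.
SAMPLE_CONF='server:
    interface: 127.0.0.1
    port: 5335'
SAMPLE_UFW='Status: active

To                         Action      From
--                         ------      ----
5353/tcp                   ALLOW       Anywhere
5353/udp                   ALLOW       Anywhere'

check_resolver_port "$SAMPLE_CONF" "$SAMPLE_UFW" 5335 || true
```

On a real host, pass the contents of your own unbound config file and the output of `sudo ufw status` as the first two arguments instead of the sample strings.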
