search

MatthewVance / unbound-docker-rpi

Run Unbound with latest version of OpenSSL on Raspberry Pi with Docker.
MIT License
142 stars 22 forks source link

Constant DNS Query from Unbound to cloudflare.com #1

Closed gist901 closed 4 years ago

gist901 commented 4 years ago

Hi there,

First off thanks so much for compiling unbound into docker for the raspberry pi. I have just recently learned about unbound and I have been experimenting with it and PiHole running together in a docker container. I have everything working and I can definitely tell a difference in speed with my DNS queries. But when I look at the logs for unbound, I am seeing a large amount of DNS queries going to cloudflare.com. These queries are occuring once every second which seems high:

[1577925483] unbound[1:1] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925488] unbound[1:1] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925494] unbound[1:2] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925499] unbound[1:1] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925504] unbound[1:0] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925510] unbound[1:2] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925515] unbound[1:1] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925521] unbound[1:0] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925526] unbound[1:2] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925531] unbound[1:1] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925537] unbound[1:0] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64
[1577925542] unbound[1:2] info: 127.0.0.1 cloudflare.com. A IN NOERROR 0.000000 1 64

I do not know if this is supposed to be normal behavior, such as a keep-alive. I checked PiHole DNS query log and didn't see anything that was similiar. For the Unbound Config file, I am just using the standard config file with no alterations. I am using encrypted DNS settings ( port 853 ) out to cloudflare:

Cloudflare
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com

Can you kindly verify if this action is typical and supposed to be occurring.

Please see below for an example of my docker-compose file:

  unbound:
    container_name: unbound
    image: mvance/unbound-rpi:latest
    hostname: unbound
    volumes:
      - /mnt/torrents/dockerConfig/unbound:/opt/unbound/etc/unbound/
    ports:
      - 53:53/tcp
      - 53:53/udp
    restart: unless-stopped
MatthewVance commented 4 years ago

Hi, it's normal and expected behavior. It's from the health check (line 105 of Dockerfile). Here's the why: MatthewVance/stubby-docker#3

Thanks,