Open bigverm23 opened 2 weeks ago
Operating System: Ubuntu
Architecture: 64-bit
Platform: Linux
Project: AdGuard Home
Browser: Firefox
Issue: Other (explain in description)
Issue Description
I have Unbound installed and listening on localhost:53, and DNSCrypt (anonymized) installed and listening on localhost:5353.
I can install AdGuardHome just fine on the host machine, 10.0.0.11, and it works for all networked devices EXCEPT the host. No logs are being shown in the query log either. How do I resolve this?
```
COMMAND      PID    USER FD  TYPE  DEVICE SIZE/OFF NODE NAME
AdGuardHo 512522    root 11u IPv4 1902545      0t0  UDP 10.0.0.11:domain
AdGuardHo 512522    root 12u IPv4 1902546      0t0  TCP 10.0.0.11:domain (LISTEN)
unbound   512909 unbound  3u IPv4 1906257      0t0  UDP localhost:domain
unbound   512909 unbound  4u IPv4 1906258      0t0  TCP localhost:domain (LISTEN)
```

```
COMMAND    PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
dnscrypt- 1554 root 6u IPv4  25824      0t0  UDP localhost:mdns
dnscrypt- 1554 root 7u IPv4  25825      0t0  TCP localhost:5353 (LISTEN)
dnscrypt- 1554 root 8u IPv6  25826      0t0  UDP ip6-localhost:mdns
dnscrypt- 1554 root 9u IPv6  25827      0t0  TCP ip6-localhost:5353 (LISTEN)
```
I have dnsstublistener disabled according to https://github.com/trinib/AdGuard-WireGuard-Unbound-Cloudflare/issues/27
It sounds like the setup you have for DNS resolution on your host machine could be running into a conflict with AdGuard Home, Unbound, and DNSCrypt operating on overlapping ports and potentially not forwarding requests properly. Here’s a breakdown of the configuration you need and adjustments you can make to resolve this:
10.0.0.11 is listening for networked devices, it should ideally forward DNS queries to Unbound on localhost:53, which in turn forwards to DNSCrypt on localhost:5353.

127.0.0.1:53. This ensures that AdGuard forwards queries to Unbound, which will handle DNS resolution using DNSCrypt as its backend.

Ensure Unbound is configured to forward its queries to DNSCrypt, which is listening on localhost:5353. Here’s a snippet for the Unbound configuration file (usually located at /etc/unbound/unbound.conf):

```
forward-zone:
    name: "."
    forward-addr: 127.0.0.1@5353
```
This setup tells Unbound to use DNSCrypt for all outbound DNS requests.
localhost:53

127.0.0.1 and 10.0.0.11, respectively), which is correct. To ensure there’s no confusion, explicitly configure AdGuard Home to avoid localhost:53 entirely.

10.0.0.11)

On the host, set the DNS resolver to use AdGuard Home at 10.0.0.11. You can do this by editing the /etc/resolv.conf file or using systemd-resolved if available:

```
sudo nano /etc/resolv.conf
```

Add the following line:

```
nameserver 10.0.0.11
```

Alternatively, if systemd-resolved is managing DNS, you can set it via:
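```
# Where only resolvectl is shipped, the equivalent is:
#   sudo resolvectl dns <interface-name> 10.0.0.11
sudo systemd-resolve --set-dns=10.0.0.11 --interface=<interface-name>
```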
Restart AdGuard Home, Unbound, and DNSCrypt services in sequence to ensure they pick up the new configurations.

```
sudo systemctl restart adguardhome
sudo systemctl restart unbound
sudo systemctl restart dnscrypt-proxy
```

Try resolving a domain from the host to see if it logs the request in AdGuard Home.

```
dig @10.0.0.11 example.com
```

Check AdGuard Home's query logs to confirm if the requests from the host machine are now logged.

This setup should route all DNS queries from the host machine to AdGuard Home, which then routes to Unbound and finally DNSCrypt, with each service handling requests as intended.
Just want to make sure, but Unbound ONLY works if I set a DNS provider in the config as well... Does this Unbound config portion look right?

```
server:
    tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt

forward-zone:
    name: "."
    forward-tls-upstream: yes
    # dnscrypt-proxy
    forward-addr: 127.0.0.1@5353
    forward-addr: ::1@5353
    # AdGuard DNS
    forward-addr: 94.140.14.14@853#dns.adguard.com
    forward-addr: 94.140.15.15@853#dns.adguard.com
    forward-addr: 2a10:50c0::ad1:ff@853#dns.adguard.com
    forward-addr: 2a10:50c0::ad2:ff@853#dns.adguard.com
```

It seems to be working and AdGuard Home is resolving the host as it should, but it seems to be very slow.
```
; <<>> DiG 9.20.0-2ubuntu3-Ubuntu <<>> @10.0.0.11 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43107
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;example.com.			IN	A

;; ANSWER SECTION:
example.com.		1664	IN	A	93.184.215.14

;; Query time: 631 msec
;; SERVER: 10.0.0.11#53(10.0.0.11) (UDP)
;; WHEN: Wed Nov 06 05:28:02 EST 2024
;; MSG SIZE  rcvd: 56
```
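An added example, not part of the thread or of the project's code: a small Python check for the forward-zone posted above. In Unbound, `forward-tls-upstream: yes` applies to every `forward-addr` in the zone, so the loopback dnscrypt-proxy entries are contacted over TLS as well; the script flags those, plus any TLS forwarder that lacks a `#auth-name`. It assumes the listener on 127.0.0.1/::1 speaks plain DNS, and `SAMPLE_CONF` is constructed from the posted config.

```python
import ipaddress
import re

# Constructed sample: the forward-zone from the comment above, shortened.
SAMPLE_CONF = """\
server:
    tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
forward-zone:
    name: "."
    forward-tls-upstream: yes
    #dnscryptproxy
    forward-addr: 127.0.0.1@5353
    forward-addr: ::1@5353
    forward-addr: 94.140.14.14@853#dns.adguard.com
"""

def parse_forward_zones(text):
    """Return one dict per forward-zone clause: name, tls flag, forward-addr values."""
    zones, zone = [], None
    for raw in text.splitlines():
        # '#' starts a comment only at line start or after whitespace,
        # so the '#auth-name' suffix of a forward-addr is preserved.
        line = re.sub(r"(^|\s)#.*", "", raw).strip()
        m = re.match(r"([\w-]+):\s*(.*)$", line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip('"')
        if not value:  # clause header such as "server:" or "forward-zone:"
            zone = {"name": None, "tls": False, "addrs": []} if key == "forward-zone" else None
            if zone is not None:
                zones.append(zone)
        elif zone is not None:
            if key == "name":
                zone["name"] = value
            elif key == "forward-tls-upstream":
                zone["tls"] = value == "yes"
            elif key == "forward-addr":
                zone["addrs"].append(value)
    return zones

def lint(text):
    """Return (zone, forward-addr, problem) for zones with forward-tls-upstream: yes."""
    findings = []
    for z in parse_forward_zones(text):
        for value in z["addrs"] if z["tls"] else []:
            addr, _, auth_name = value.partition("#")
            host = addr.partition("@")[0]
            if ipaddress.ip_address(host).is_loopback:
                # Heuristic: a local proxy such as dnscrypt-proxy serves plain DNS, not TLS.
                findings.append((z["name"], value, "loopback forwarder is queried over TLS"))
            elif not auth_name:
                findings.append((z["name"], value, "no #auth-name, certificate name not checked"))
    return findings
```

Run `lint()` on the contents of the real unbound.conf; a flagged loopback entry means queries are only being answered by the remaining TLS forwarders rather than by the local proxy.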