Mastodon

DNS Options for Your LAN

Pi-Hole with Unbound

Pi-Hole with Unbound

Install Pi-hole and Unbound DNS

Pi-hole is an amazing tool with tons of functionality beyond it's main purpose of filtering out ads from your devices.  Now, imagine you went to all that trouble to get rid of those ads and tracking, but you still send all your requests right through your ISPs DNS servers, or Google's DNS servers, or anyone else's DNS servers.

Instead, how about setup your own DNS server, and then tell Pi-hole to use that?  It's really not difficult, so you should definitely get it setup.

This isn't about installing or setting up Pi-hole, but here's a video that will tell you exactly how to do that.

This is about installing Unbound, and getting your Pi-hole to ask it for sites instead of asking your ISP or some other 3rd party for your site addresses.

Install Unbound DNS

We will be using Docker-CE to run Unbound, and we'll be using the mvance/unbound image as well.

Make a directory to store our docker run command.  That way we have it in the future as well.

mkdir unbound-dns

Next, create a file inside that folder called "docker-run.txt".  It's just a text file where we'll hold our docker run command.

cd unbound-dns

nano docker-run.txt

The command is very straightforward compared to a lot of docker commands we run.

docker run -d --name my-unbound -p 5335:53/udp -p 5335:53/tcp --restart=always mvance/unbound:latest

Simply copy that command, and paste it into the terminal file you just created above, with CTRL+Shift+V or using right-click and paste.

Save the file with CTRL+O, then Enter, and exit using CTRL+X.

Now, you can cat out the command with cat docker-run.txt

Copy the command by highlighting it, then right-click and copy, or use CTRL+Shift+C.  

Now paste it back into the terminal at the prompt with CTRL+Shift+V, or right-click and paste.

Press Enter to run it and get unbound pulled down and started.

You can verify that unbound is running without errors when the command completes by checking that it's in docker with

docker ps

or you can check the logs with

docker logs my-unbound

If you changed the name of the container before running the command, then change it for any commands that reference the name as well.

Make Pi-hole point to Unbound

Now log into your Pi-hole by going to the IP address of your Pi-hole, and adding /admin to the end of the address.  For instance I use

http://192.168.7.242/admin

Click the Login button and enter your Pi-hole password.

Once you're logged in, you can go to Settings in the left menu, then select the DNS tab at the top of the window.

You'll want to uncheck your currently selected upstream DNS settings on the left.  On the right, under Upstream DNS Servers, click in the text field below "Custom 1 (IPv4)" and enter the IP address of the host machine your new Unbound DNS server is running on followed by "#5335".  For mine it was:

192.168.7.51#5335

If you changed the port mapping on the docker run command, then make sure to use the port number you set after # sign instead.

Scroll to the bottom and click 'Save'.  

Now your Pi-hole will ask your Unbound DNS server for addresses instead of the mainstream, upstream DNS providers, or your ISP.

Sweet!

Note that initially, requests may take a second longer as Unbound starts building its cache of data, but as you use it, it will get faster and faster.

There you have it.  Pi-hole using Unbound for DNS.  Enjoy!