Ubuntu 24.04 unbound install problems -- resolv.conf
Robert Moskowitz
rgm at htt-consult.com
Wed Jun 11 22:27:46 UTC 2025
I have been following the cookbook at:
https://www.linuxbabe.com/ubuntu/set-up-unbound-dns-resolver-on-ubuntu-20-04-server
which is really for Ubuntu 22.
I got through his steps for getting unbound running.
systemctl status unbound
● unbound.service - Unbound DNS server
     Loaded: loaded (/usr/lib/systemd/system/unbound.service; enabled; preset: >
     Active: active (running) since Wed 2025-06-11 18:02:18 EDT; 26s ago
       Docs: man:unbound(8)
    Process: 5494 ExecStartPre=/usr/libexec/unbound-helper chroot_setup (code=e>
    Process: 5496 ExecStartPre=/usr/libexec/unbound-helper root_trust_anchor_up>
   Main PID: 5499 (unbound)
      Tasks: 1 (limit: 928)
     Memory: 8.2M (peak: 8.6M)
        CPU: 89ms
     CGroup: /system.slice/unbound.service
             └─5499 /usr/sbin/unbound -d -p
netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      5499/unbound
tcp6       0      0 :::7456                 :::*                    LISTEN      1/init
udp        0      0 0.0.0.0:53              0.0.0.0:*                           5499/unbound
And setting firewall rules:
Status: active

To                         Action      From
--                         ------      ----
7456                       ALLOW       Anywhere
53                         ALLOW       23.123.122.144/28
53                         ALLOW       192.168.0.0/24
7456 (v6)                  ALLOW       Anywhere (v6)
Now I am up to resolv.conf.
I thought to be smart and set nameserver 127.0.0.1 in my netplan. Easy,
as I am on a fixed plan.
But
cat /etc/resolv.conf
# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0 trust-ad
search htt-consult.com
not 127.0.0.1
So then I set my netplan back to the regular nameservers and tried to
follow his instructions to
systemctl restart unbound-resolvconf.service
But this fails. I am supposed to
apt install openresolv
But this has been pulled as of Ubuntu 23.
So how do I finish up this unbound setup?
I tried nslookup on my server. It times out. From my "allowed" local
addresses I tried:
dig @onlo.htt-consult.com A medon.htt-consult.com
;; communications error to 23.123.122.146#53: timed out
;; communications error to 23.123.122.146#53: timed out
;; communications error to 23.123.122.146#53: timed out
; <<>> DiG 9.18.33 <<>> @onlo.htt-consult.com A medon.htt-consult.com
; (1 server found)
;; global options: +cmd
;; no servers could be reached
Thank you for your help.