Ubuntu 24.04 unbound install problems -- resolv.conf

Jared Norris jrnorris at gmail.com
Thu Jun 12 03:48:13 UTC 2025 

Hi Robert,

I use Unbound at home and might have a slightly different take. I point my
local router at an Unbound instance (running on a Raspberry Pi) as the DNS
service then set up Unbound using unbound.conf

That way the whole network is using Unbound, not just my local PC. That
also means there is no config on any computer, just set it up once on the
router.

I use it alongside Pihole and find it works well, they have documentation
to help with the set up and they mention a resolve.conf issue with a
workaround that may also help even if you want to still run it locally -
https://docs.pi-hole.net/guides/dns/unbound/

Regards,

Jared Norris

On Thu, 12 Jun 2025 at 08:29, Robert Moskowitz via ubuntu-users <
ubuntu-users at lists.ubuntu.com> wrote:

> I have been following the cookbook at:
>
>
> https://www.linuxbabe.com/ubuntu/set-up-unbound-dns-resolver-on-ubuntu-20-04-server
>
> which is really for Ubuntu 22.
>
> I got through his getting unbounded running.
>
> systemctl status unbound
> ● unbound.service - Unbound DNS server
>       Loaded: loaded (/usr/lib/systemd/system/unbound.service; enabled;
> preset: >
>       Active: active (running) since Wed 2025-06-11 18:02:18 EDT; 26s ago
>         Docs: man:unbound(8)
>      Process: 5494 ExecStartPre=/usr/libexec/unbound-helper chroot_setup
> (code=e>
>      Process: 5496 ExecStartPre=/usr/libexec/unbound-helper
> root_trust_anchor_up>
>     Main PID: 5499 (unbound)
>        Tasks: 1 (limit: 928)
>       Memory: 8.2M (peak: 8.6M)
>          CPU: 89ms
>       CGroup: /system.slice/unbound.service
>               └─5499 /usr/sbin/unbound -d -p
>
> netstat -tulpn
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address           Foreign Address State
> PID/Program name
> tcp        0      0 0.0.0.0:53              0.0.0.0:* LISTEN
> 5499/unbound
> tcp6       0      0 :::7456                  :::* LISTEN      1/init
> udp        0      0 0.0.0.0:53 0.0.0.0:*
> 5499/unbound
>
>
> And setting firewall rules:
>
> Status: active
>
> To                         Action      From
> --                         ------      ----
> 7456                        ALLOW       Anywhere
> 53                         ALLOW       23.123.122.144/28
> 53                         ALLOW       192.168.0.0/24
> 7456 (v6)                   ALLOW       Anywhere (v6)
>
> Now I am up to resolv.conf.
>
> I thought to be smart and set nameserver 127.0.0.1in my netplan. Easy,
> as I am on a fixed plan
>
> But
>
> cat /etc/resolv.conf
> # This is /run/systemd/resolve/stub-resolv.conf managed by
> man:systemd-resolved(8).
> # Do not edit.
> #
> # This file might be symlinked as /etc/resolv.conf. If you're looking at
> # /etc/resolv.conf and seeing this text, you have followed the symlink.
> #
> # This is a dynamic resolv.conf file for connecting local clients to the
> # internal DNS stub resolver of systemd-resolved. This file lists all
> # configured search domains.
> #
> # Run "resolvectl status" to see details about the uplink DNS servers
> # currently in use.
> #
> # Third party programs should typically not access this file directly,
> but only
> # through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in
> a
> # different way, replace this symlink by a static file or a different
> symlink.
> #
> # See man:systemd-resolved.service(8) for details about the supported
> modes of
> # operation for /etc/resolv.conf.
>
> nameserver 127.0.0.53
> options edns0 trust-ad
> search htt-consult.com
>
> not 127.0.0.1
>
> So then I set my netplan back to the regular nameservers and tried to
> follow his instructions to
>
> systemctl restart unbound-resolvconf.service
>
> But this fails  I am suppose to
>
> apt install openresolv
>
> But this has been pulled as of Ubuntu 23.
>
> So how do I finish up this unbound setup?
>
> I tried nslookup on my server.  It times out.  From my "allowed" local
> addresses I tried:
>
> dig @onlo.htt-consult.com A medon.htt-consult.com
> ;; communications error to 23.123.122.146#53: timed out
> ;; communications error to 23.123.122.146#53: timed out
> ;; communications error to 23.123.122.146#53: timed out
>
> ; <<>> DiG 9.18.33 <<>> @onlo.htt-consult.com A medon.htt-consult.com
> ; (1 server found)
> ;; global options: +cmd
> ;; no servers could be reached
>
> thank you for your help.
>
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20250612/65174598/attachment.html>

More information about the ubuntu-users mailing list