Hi,
I recently wanted to setup unbound in place of dnscrypt to resolve queries with my pi-hole on my rasp.
The version of unbound available on Raspbian is 1.6.0 currently.
When activating the options
ssl-upstream: yes
ssl-service-key: “/etc/ssl/certs/ca-certificates.crt”
unbound stopped working and we have something like this in the logs:
[1556709926] unbound[4394:0] info: server stats for thread 0: 23 queries, 7 answers from cache, 16 recursions, 0 prefetch
[1556709926] unbound[4394:0] info: server stats for thread 0: requestlist max 13 avg 1.875 exceeded 0 jostled 0
[1556709926] unbound[4394:0] info: mesh has 0 recursion states (0 with reply, 0 detached), 0 waiting replies, 16 recursion replies sent, 0 replies dropped, 0 states jostled out
[1556709926] unbound[4394:0] info: average recursion processing time 0.948223 sec
[1556709926] unbound[4394:0] info: histogram of recursion processing times
[1556709926] unbound[4394:0] info: [25%]=0.32768 median[50%]=0.603573 [75%]=0.920715
[1556709926] unbound[4394:0] info: lower(secs) upper(secs) recursions
[1556709926] unbound[4394:0] info: 0.000000 0.000001 1
[1556709926] unbound[4394:0] info: 0.008192 0.016384 1
[1556709926] unbound[4394:0] info: 0.016384 0.032768 1
[1556709926] unbound[4394:0] info: 0.262144 0.524288 4
[1556709926] unbound[4394:0] info: 0.524288 1.000000 6
[1556709926] unbound[4394:0] info: 1.000000 2.000000 1
[1556709926] unbound[4394:0] info: 2.000000 4.000000 2
[1556709926] unbound[4394:0] debug: cache memory msg=33040 rrset=33040 infra=17292 val=40931
[1556709926] unbound[4394:0] debug: switching log to stderr
I did also try to setup unbound to send queries through a vpn connection on the rasp itself
But I can’t resolve apparently through the vpn connection.
I tried set it up by hardcoding the ip address from the vpn connection, same result. I tried to used udp and tcp separately, same result
Am I missing something? I have connectivity through my vpn so that’s not the problem apparently. And the problem disappear as soon as I deactivate the vpn connection.
Or is all that supposed to happen in 1.6?
Does anyone have an idea about this?
Thanks in advance.