You're running Pi-Hole wrong! Setting up your own Recursive DNS Server!

  • Added 27. 01. 2021
  • Huge thanks to Linode for bringing you this video. Wanting your own personal cloud services, but don't have the time, money, or space to set up your own server rack? Let Linode host them for you! Visit linode.com/CraftComputing and get a $100 60-Day credit just for signing up.
    Pi-Hole is an awesome service to run in your house. It keeps ads from loading on every device, and will run on any Raspberry Pi, Docker container or virtual machine you'd like. But did you know it can do SO much more than just block ads? You can also completely bypass 3rd party DNS servers like 8.8.8.8, 1.1.1.1, 208.67.222.222, or the ones run by your ISP.
    But first... What am I drinking???
    Freigeist Bierkultur's Aufschneider, a 'Hoppy German-style Hefeweizen Ale'. This reminded me a lot of a Radler... you know, a lager mixed with grapefruit soda? But think of a Hefe mixed with a Pale Ale. It's better than it sounds, but it's also neither a Pale Ale, nor a Hefe. Not bad, but not for me.
    Installation Steps
    Install Ubuntu Server 20.04 (ubuntu.com/download/server)
    Install Pi-Hole - sudo curl -sSL https://install.pi-hole.net | bash
    Set the Web Admin Password - pihole -a -p [password]
    Install Unbound DNS - sudo apt install unbound
    Create Unbound Configuration File - sudo nano /etc/unbound/unbound.conf.d/pi-hole.conf
    Copy example config - docs.pi-hole.net/guides/dns/u...
    Restart Unbound to apply Configuration - sudo service unbound restart
    Disable Forwarding DNS in PiHole
    Set Custom DNS in PiHole - 127.0.0.1#5335
    And you're done! Bonus points for sending all DNS traffic through a VPN Gateway to encrypt all outbound requests - • VPN Everything! OpenVP...
    Links to items below may be affiliate links for which I may be compensated
    Find the parts I recommend on my Amazon store: www.amazon.com/shop/craftcomp...
    Follow me on Twitter @CraftComputing
    Support me on Patreon or Floatplane and get access to my exclusive Discord server. Chat with myself and the other hosts on Talking Heads all week long.
    / craftcomputing
    www.floatplane.com/channel/Cr...
    Music:
    George Street Shuffle by Kevin MacLeod
    Link: filmmusic.io/song/3800-george...
    License: filmmusic.io/standard-license
  • Science & Technology
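
An added example, not part of the video description or the Pi-hole documentation: a shell check that the Unbound file created in the steps above keeps the resolver on loopback at the port Pi-hole is pointed at (127.0.0.1#5335), and flags the open-resolver settings that matter on an internet-facing host. The two sample configs are constructed for the demo; `interface:`, `port:` and `access-control:` are standard unbound.conf options.

```shell
#!/bin/sh
# Added example: audit an Unbound "server:" block for the loopback-only
# listener that Pi-hole's custom upstream 127.0.0.1#5335 relies on.
# Reads one config file on stdin; optional $1 is the expected port (default 5335).
# Files pulled in elsewhere by include: are not followed.
audit_unbound_conf() {
    awk -v want_port="${1:-5335}" '
        BEGIN { bad = 0; port = "" }
        { sub(/#.*/, "") }                       # drop comments
        $1 == "interface:" {
            addr = $2; sub(/@.*/, "", addr)      # interface: may carry @port
            if (addr !~ /^127\./ && addr != "::1" && addr != "lo") {
                print "FAIL interface " addr " is reachable beyond loopback"
                bad = 1
            }
        }
        $1 == "port:" { port = $2 }
        $1 == "access-control:" && $3 ~ /^allow/ {
            if ($2 == "0.0.0.0/0" || $2 == "::/0" || $2 == "::0/0") {
                print "FAIL access-control " $2 " " $3 " answers any client"
                bad = 1
            }
        }
        END {
            if (port == "") port = 53            # Unbound default when unset
            if (port + 0 != want_port + 0) {
                print "FAIL port " port " does not match upstream port " want_port
                bad = 1
            }
            if (!bad) print "OK loopback-only listener on port " port
            exit bad
        }'
}

# Constructed sample: listener settings matching the steps above.
sample_loopback_conf() {
    cat <<'EOF'
server:
    verbosity: 0
    interface: 127.0.0.1
    port: 5335
    do-ip4: yes
    do-udp: yes
    do-tcp: yes
EOF
}

# Constructed sample: the exposed resolver commenters warn about on a VPS.
sample_exposed_conf() {
    cat <<'EOF'
server:
    interface: 0.0.0.0            # every address on the host
    access-control: 0.0.0.0/0 allow
    # no port: line, so Unbound listens on its default, 53
EOF
}

# Demo on the constructed samples; the second one is expected to fail.
sample_loopback_conf | audit_unbound_conf || true
sample_exposed_conf  | audit_unbound_conf || true
```

Run it against the real file with `audit_unbound_conf < /etc/unbound/unbound.conf.d/pi-hole.conf`; after restarting Unbound, `dig pi-hole.net @127.0.0.1 -p 5335` should return an answer from the local resolver.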

Comments • 1.8K

  • @CraftComputing 3 years ago +1342

    I should start making all of my tutorial passwords "solarwinds123".

    • @frizzletits8511 3 years ago +11

      Yes

    • @TundraMantis 3 years ago +17

      @@frizzletits8511 love the vid. Just some little fact, Ubuntu is pronounced Ooh-Boon-tu but pronounced fast.

    • @WaffleClap 3 years ago +20

      @@TundraMantis Really? I've always pronounced it like Ubuntu, but maybe I'll start pronouncing it as Ubuntu instead ;D

    • @TundraMantis 3 years ago +5

      @@WaffleClap Lol. A lot of Americans, like in the video pronounce it Ooh Bun to. Like a bread roll slipped in the middle there ;) The boon is like a fast boen. Just sounds better ;)

    • @Bob_Smith19 3 years ago +4

      Can’t wait to see how bad the SolarWinds hack actually is. It will slowly trickle out over the next few years. It’s a lot worse than they’re letting on.

  • @praecorloth 3 years ago +982

    People hating on Ubuntu Server for being boring have never worked in IT. You don't want interesting infrastructure.

    • @tin2001 3 years ago +127

      I'm even more boring. My servers are all Debian.

    • @asdasddas100 3 years ago +28

      @@tin2001 Yup. I always run Debian for my servers

    • @timmy7201 3 years ago +17

      @@tin2001 Debian for the server and Manjaro on the Desktop/Laptop.

    • @dissolvanizer 3 years ago +53

      Ubuntu isn't boring. It's irritating, Debian is less irritating.

    • @TheDamnhook 3 years ago +18

      FreeBSD anyone?

  • @user_16309 3 years ago +354

    "Use whatever you like, this isn’t the place for that argument." Great saying, I’m using that!

    • @leopantheraleo 3 years ago +14

      Use whatever you like, this isn’t the place for that argument.

    • @bottom 2 years ago

      😂

  • @alexanderalvarado9675 3 years ago +429

    I appreciate how you actually say what keys you are pressing. A lot of videos and online tutorials just say "enter this" "type this there" without actually detailing the smaller steps. To someone just starting with all this stuff, it is very helpful. Thanks!

  • @russellbaker4256 1 year ago +10

    Packed content, accepting as many defaults as poss, concise explanations as you go - just perfect. Now pihole is set up for my domain controllers to forward dns queries to

  • @NetworkCowboy 3 years ago +346

    It is 1am and you literally made me get out of bed to set up Pi Hole as a recursive DNS server. Never thought I needed such a thing in my life.

  • @PrivateBaba 3 years ago +18

    Thanks CZcams for suggesting this video. I literally fell in love with the channel.

  • @saschadolenec3207 4 months ago +2

    I came here because of the Pi-Hole + Unbound setup without knowing you're doing a beer review at the end. You got me with that. As a German usually not drinking industry-pilsener but always trying to get craftbeer from local breweries the last part made the tutorial perfect. I was able to smell the hops just by listening. Thanks!

  • @teksyndicate 3 months ago +7

    I keep coming back to this every time I change/upgrade things... cheers!

  • @AmitCantPlay 3 years ago +123

    This man has saved my life so many times. I'm the only IT person at my job and his tutorials help me a lot.

    • @nixxblikka 2 years ago

      And what exactly do you need pihole for at your job?

  • @Thewickedjon 3 years ago +96

    Jeff slowly creeping his way to #1 on my list of favorite techtubers, well done sir

  • @MooreWoodWorks 3 years ago +19

    Thanks Jeff!
    I’ve been using pi-hole All Wrong for over a year! Thanks for the very detailed "how-to" video. It was very easy to follow and I had my extra rpi3 up and running with a fresh install of the os, pi-hole and unbound in less than 30 minutes!
    Great job... Thanks again.

    • @CRy3Gen 2 years ago

      Do you have a link to a video of how to do that, please?

  • @boxlid214 3 years ago +2

    Works great on the recent releases of Mint (20.1), just enter the "skip OS check" command Pi-Hole gives you after the first time you run it and it fails. After that, no problems at all. Thanks for the clear tutorial and also linking everything in the description. Well done.

  • @omgbbqwtf2 3 years ago +17

    I just got my PiHole up and running and this is a great second step making it recursive. Thank you!

    • @streamingjunkie4397 3 years ago

      I echo that. I have mine running for two days on a refurbished HP Thin Client and I am pleased with it

  • @l4te4oot91 2 years ago +3

    Will definitely be setting recursive up. Great video, straight to the point!

  • @davidg5898 3 years ago +2

    Just wanted to drop a thanks!
    I got a RasPi 0W for free a few days before you posted this, so it was perfect timing. My Pi-Hole w/ DNS has been working fantastically ever since.

  • @pccreator25 3 years ago +41

    This was a great video, perfect execution and easy to follow. Videos like these will make those starting out in the tech world enjoy what it has to offer... And make the experienced ones smile in agreement. ;)

  • @Sean_Cockrell 1 year ago +22

    Great video. I know this was Pi-Hole specific but 2 notes for others that are interested. You need to serve your Pi-Hole DNS IP to your network clients via your DHCP server, otherwise it's a manual setup on every single device and easy to bypass (as in change your DNS to something else), and the second, related to the first, is: on your firewall you should capture all DNS requests not going to / coming from Pi-Hole and then forward them back to Pi-Hole, therefore making your Pi-Hole your exclusive internal DNS server and non by-passable. Some devices actually try to use a hardcoded DNS, ignoring your network DNS settings.

    • @asuravojl 1 year ago +1

      The first thing seems to be pretty easy to do. What about the second step? How can I capture all dns requests not going to and coming from pihole and forward it back to it?

    • @Sean_Cockrell 1 year ago +6

      @@asuravojl the directing DNS internally is really dependent on your firewall. For example on a Mikrotik you would create a NAT. In English that would be, if source address = your lan subnet and destination not PIhole IP, UDP port 53 action dst nat to pi hole ip. If this can’t be done at least having your dhcp server hand out the dns ip is still decent.

    • @robertcampbell2117 3 months ago

      @@asuravojl Not all firewalls support redirecting. The easy solution is to block DNS port to all devices except for the Pihole. Then if they try to bypass the PiHole DNS it gets blocked.
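
The redirect and block approaches described in this thread, as an added example that is not any commenter's own configuration: a shell function that prints, without applying, iptables rules for a Linux-based router. The interface name br0 and the 192.168.1.x addresses are constructed placeholders; the Pi-hole host is exempted because its Unbound resolver has to reach authoritative servers on port 53 itself.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables rules that keep LAN DNS on
# Pi-hole. Review the output, then run it on the router if it fits.

# is_ipv4 ADDR -> status 0 if ADDR is a dotted quad with octets 0-255
is_ipv4() {
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# dns_rules MODE LAN_IF LAN_CIDR PIHOLE_IP
#   MODE=redirect  DNAT stray port-53 traffic to Pi-hole (the NAT rule
#                  described in the comment above), plus a masquerade rule so
#                  replies return through the router when Pi-hole is on the LAN
#   MODE=block     reject port-53 traffic leaving the LAN unless it comes
#                  from Pi-hole (the fallback for firewalls without redirect)
# The "! -s PIHOLE_IP" match exempts the Pi-hole host: with Unbound recursing,
# it must be able to query authoritative servers on port 53 directly.
dns_rules() {
    mode=$1 lan_if=$2 lan_cidr=$3 pihole=$4
    is_ipv4 "$pihole" && is_ipv4 "${lan_cidr%/*}" || {
        echo "bad address: $pihole or $lan_cidr" >&2
        return 2
    }
    for proto in udp tcp; do          # DNS falls back to TCP for large answers
        case $mode in
        redirect)
            echo "iptables -t nat -A PREROUTING -i $lan_if ! -s $pihole ! -d $pihole -p $proto --dport 53 -j DNAT --to-destination $pihole:53"
            echo "iptables -t nat -A POSTROUTING -o $lan_if -s $lan_cidr -d $pihole -p $proto --dport 53 -j MASQUERADE"
            ;;
        block)
            echo "iptables -A FORWARD -i $lan_if ! -s $pihole -p $proto --dport 53 -j REJECT"
            ;;
        *)
            echo "mode must be redirect or block" >&2
            return 2
            ;;
        esac
    done
}

# Demo with constructed values: LAN bridge br0, Pi-hole at 192.168.1.2.
dns_rules redirect br0 192.168.1.0/24 192.168.1.2
dns_rules block    br0 192.168.1.0/24 192.168.1.2
```

With the redirect rules, Pi-hole's query log shows the router as the client for redirected queries, because of the masquerade rule.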

  • @hooami6245 3 years ago +31

    Right on time! I’ve been having some issue just this week setting up Pi-hole! Bro u always come in clutch!!

    • @frizzletits8511 3 years ago

      JEFF GEERLING

    • @joeslacker1020 2 years ago

      How do I make a whitelist for the internet and block everything else not in my whitelist?

  • @RaymondMaas 3 years ago +2

    Good one, never thought of that! Got this running on a Pi Zero now and it works great so far!

  • @PedroS-nv1sl 3 months ago +1

    This is hands down one of the best tutorials I've come across.
    I absolutely love your channel!

  • @NovaspiritTech 3 years ago +230

    awesome job with the video and great job on the linode placement!! flowed right in. hahah!!

    • @CraftComputing 3 years ago +41

      Nothing like a "while we're waiting on this, let me tell you about" transition. Eat your heart out, Linus!

    • @damiansmith4156 3 years ago +3

      I have 13 hdd i want to hook up in my server but I'm limited on x8 slots. What would you recommend that i get? I also have a lsi megaraid 9260 IT mode but that only gives me 8 outs.

    • @PolntBlank 3 years ago +1

      Check out Nova's video on the raspberry pi imager

    • @kaylanorris5292 2 years ago

      @@CraftComputing yeah, that's cool while we're waiting.

    • @kaylanorris5292 2 years ago

      @@PolntBlank whatever that is, OOk?

  • @BCKammen 3 years ago +5

    Been running PiHole for a few years, and never knew about the Unbound. Thank you. Keeping my network and ads more secure.

  • @rv8-m948 22 days ago

    Two years after watching this video for the first time, my comment is the same. You have to watch more than once but absolutely worth the effort. I rate this one of my top most useful videos. As I was a home brewer for years, back when Olympia and Coors was it, I enjoyed the hop talk.

  • @Tommy2Tomatoes 1 year ago

    Had your video saved for a good long while till I finally got round to setting up unbound. Great tutorial. In 2023 worked perfectly on my pre-existing PiHole setup. I made a balls up by not restarting the DNS service before pointing PiHole to Unbound. But after that everything is working. Thanks good sir!

  • @marcpitman 3 years ago +4

    Thank you! I set up unbound after watching this and it was super easy.

  • @WalkableBuffalo 2 years ago +4

    That was super easy, thank you! Finally made use of an old B+ sitting around doing nothing.

  • @gittesilberglarsen1262 1 year ago +2

    Good job. Appreciate your miticulous and yet rapid progression. This style is well suited for recorded presentations where repeate is just a click away.

    • @yannduranx 6 months ago +1

      meticulous, not miticulous, seeing as you appreciate meticulousness, lol

  • @kirm8137 2 years ago

    Excellent man, just excellent. I ran Pi-hole as a recursive DNS server for a while and then started to have problems. I can now see where I made my mistake. Thanks so much.

  • @TechieM2 3 years ago +6

    Great video! I never really looked at Pi-Hole before (I thought it was specific to Pis). I've been doing adblocking using custom scripts to update lists and rebuild my BIND configs. I just tossed up a VM, followed your instructions mostly (changed the forwarder to my existing server with my BIND install), and gave it a quick test. I think I'll be setting up both networks to use this for blocking instead of the custom lists now (much easier to whitelist in as well). The stats are a nice bonus.

    • @joeslacker1020 2 years ago

      How do I make a whitelist for the internet and block everything else not in my whitelist?

    • @bjarnenilsson80 1 year ago

      Yeah, that is the one thing pi-Hole might have goofed on in their branding, the name is far too connected with the Raspberry Pi. But hey, it runs on the Pi so the devs might just have wanted to cash in on all the Pi hype

  • @tuliof 3 years ago +4

    Thanks, this motivated me to finally put my dusty RPi 3 to good use.

  • @mrc1500 4 months ago

    Love this! Already had a Pi 4 running Pi-Hole and your video just made that experience much better. Thanks, man.

  • @nurk_barry 2 years ago

    I tried getting Pi-hole running on a lubuntu install and had some trouble, found your video and immediately subbed, I look forward to learning a lot from you.

  • @chandlerm2571 3 years ago +4

    Nice tutorial, I am glad to see someone else appreciates the recursive properties and actually made a high quality video on it! To anyone reading, DO NOT RUN THIS ON A VPS UNLESS YOU KNOW WHAT YOU ARE DOING.

    • @Roko131 3 years ago +3

      Why not?

    • @lctsi 3 years ago +2

      @@Roko131 misconfiguration, via failure to secure your resolver, could result in your resolver being used in DDoS attacks.

    • @nortonofnorthamerica 3 years ago

      @@lctsi I was under the impression installing unbound as he does should take care of that.
      Is that not correct?

  • @j0nrages851 3 years ago +7

    This video made me a patreon/Merch buyer. Keep bringing us tools of the open web! Down with the Tech Oligarchy!

    • @tdtrecordsmusic 3 years ago

      If u are serious about this then check out scanlime-in-progress. It's a YT channel where these devs are working towards this. Maybe catch em when they're live and help throw some ideas around. Last time I was there the topic was >> What software should we write so we can be less dependent on big tech

  • @GlaucoSAmaral 2 years ago

    Dude, you solved two problems instead of one, I needed to create my own email server for my company and I was facing problems with local DNS, in addition to too many ads and dubious advertising! Thank you very much!

  • @Kaminskip 2 years ago +1

    I have come back to this tutorial loads of times for refreshers :) Cheers!

  • @migillett 3 years ago +6

    Great tutorial! I'll need to try out the recursive DNS setup. One thing I've done too is go into my router and setup DNS masquerading. That way any devices that have hard-coded DNS servers will automatically be forwarded to the PiHole. It's easy-ish to do on an Edgerouter X. However, I had to do something a little different when I upgraded to my UDM Pro. On the UDM Pro I basically allowed DNS requests from PiHole and dropped all other DNS requests from RFC1918 to WAN.

  • @ketatgenhorst 2 years ago +4

    This was a great tutorial and as one of the old linux types who always stands ready to debate distribution types, much respect to how you disarmed us. Nothing left for us to do except...
    Nano? Seriously?
    Real typers type on vi ;)
    Kidding. I set this up on an R-Pi 4 and the setup could not have gone better. Will subscribe.

    • @GodofGrunts 2 years ago +1

      You could yell at him for his pronunciation of Ubuntu lol

    • @timothyfoote6658 2 years ago +2

      yeah but no one can get out of VIM! LOL

  • @SpikeMoby 3 years ago

    Nice, I've just started the Virtualising journey and now have this running in a container looking up via oVPN in another container thanks to another of your videos. Cheers!

  • @TechnologyGeek862 2 years ago

    Oh man the unbound makes my pi-hole way faster than before. I've seen this video couple times before but never got to installing the unbound until now. Well worth it. Thank you

  • @unclerubo 3 years ago +13

    Love these videos, Jeff, and I will consider installing unbound on my Rpi as well.
    The only point I think you could have mentioned but didn't is setting your router DHCP server to direct your clients to the pihole server as default for DNS requests, so you don't have to do it manually, but I also get why you didn't :)

    • @Chase07450 3 years ago +2

      I also thought this was a lapse... should have pointed that out to make it complete.

    • @fredrik354 2 years ago +3

      Worth mentioning that while it's useful to configure your router to point at Pi-hole (you should), it's not all devices that will honor that. An example would be iPhones where the device would automatically point to iCloud's relay unless you, for each network, manually specify that DNS server to use.

  • @Pekeliini 3 years ago +22

    If nothing else, this video made me finally update the password for my pihole admin page. Now I don't have to go digging it out of my password manager every time I want to login. So thanks for that.

    • @realcartoongirl 3 years ago +1

      I didn't have a password because no one goes around messing with my pi hole in my network

    • @mannb1023 3 years ago

      Is a password manager worth it?

    • @MrNaesme 3 years ago +1

      @@mannb1023 Yes. Always. A little annoying having to open it all the time, but ultimately more secure (as long as your master password is secure and it's hosted in a way that's secure).

    • @BeamDeam 2 years ago +1

      @@MrNaesme or just use a password manager that has a browser addon like Bitwarden and then you also don't need to think about it being open.

  • @kanishkaveediyabandara3028

    Good job Craft Computing! Clear and straightforward. Thank you.

  • @PaulLittlefield 3 years ago +1

    Both of my pi-holes tweaked and making a big difference, thank you!

  • @sherazmalik2179 3 years ago +21

    Awesome tutorial. Thanks for this. Could you consider doing a HA setup with 2 pi-hole servers? Both syncing all changes such as whitelists, blacklists and recursive DNS records etc.

    • @l0gic23 2 years ago +2

      I believe CZcamsr TechnoTim did this. Check him/his vids out

  • @Teleport73 3 years ago +11

    Thanks for the very clearly explained video. Could you also create a guide to add Unbound as a docker container, to run alongside an existing Pi-hole container please? Preferably using Portainer. I'm still a little new to all this.

    • @badpickle2347 5 months ago

      I think I'm trying your docker container setup - did or were you able to find a solution? TY

  • @Zoyx 2 years ago

    Received my Raspberry pi zero 2 W in the mail yesterday. Just gave it the recursive DNS server treatment. Working great! Thanks for the help.

  • @franciscogtome 2 years ago

    Amazing tutorial, mate! Just got my RP Zero WH as an active recursive DNS server... great job!

  • @dandyman5609 2 years ago +17

    Great video! My 12 year old son managed to do this by himself following your tutorial first time! You should also consider making a part two of this guide to block CZcams ads too! I know it's quite tricky but managing a "moving target" like CZcams would be great practice!

    • @dandyman5609 2 years ago

      @@wojtek-33 I mean if you ever tried blocking youtube ads with pi-hole, it is difficult and far from permanent. In other words - not very effective. However, trying to do that teaches a lot, that's why I suggested to do it.

    • @dandyman5609 2 years ago

      @@wojtek-33 read the message again and think what is wrong with your statement

    • @dandyman5609 2 years ago

      @@wojtek-33 alright dude

    • @mrmotofy 1 year ago

      Use browser extensions like CZcams adblocker etc...DON'T use apps

    • @dandyman5609 1 year ago

      @@mrmotofy you missed my point completely :)

  • @emilymarriott5927 2 years ago +1

    Oh, nice. Also very easy to setup when you already have a running pihole.
    Also, yes. that DNS Records section is so useful. .local domains are so much easier to remember than IP addresses.

  • @SirPoopyPants 2 years ago

    The value of this video was exceptional! Thank you! liked and subscribed as a result!

  • @davenpro 3 years ago +27

    The major downside to making your pihole setup a full recursive resolver, is that you lose the ability to do DNS over https which obfuscates your DNS lookups from your last mile provider (i.e. Comcast, Charter, Cox, etc). Additionally, if not properly secured, open recursive DNS resolvers can be and frequently are used as amplifiers in distributed denial of service (DDoS) attacks.

    • @thebamplayer 1 year ago +6

      Normally your firewall should be configured in a way that ongoing dns requests are blocked.

    • @mjodr 5 months ago +1

      DoH is not as secure as you might think it is and it is significantly slower than regular lookups. I gave up on it in the interest of speed and because the more I read about it the more I realized it might not be doing much hiding at all. DNS needs a full re-engineer from the ground up as it has always had problems and I don't like any of the current solutions to try and fix them.

    • @jfbeam 5 months ago +5

      An open resolver is only a problem if the internet can reach it. Nothing in this video does that.

  • @Zoyx 11 months ago +1

    I just had to rebuild my pi-hole server. This guide is still valid. Only subtle changes since this came out.

  • @frankhughes4600 3 years ago

    Thank you very much!
    My 12 year old fanless INTEL board was the recursive DNS here, running FreeBSD.
    Electrolytic cap failure on the old INTEL motivated me to find a new HW platform for the DNS,
    and thus my first Pi.
    Working w/ FreeBSD makes me dizzy, not going back there again.
    (And I started w/ UNIX system-3 on a PDP-11/70)….
    Raspberry Pi OS looks very familiar to me, and I now, thanks to your fine tutorial, I have a new DNS!

  • @tonvanbaalen1493 3 years ago +4

    Thanks for the great video. I liked the idea so I gave it a try.
    I tried to install pi-hole exactly as you showed in this video, but with no success. There are some differences however. I made a virtual machine on my Windows10 desktop with hyper-V and installed Ubuntu, same version and same tools like SSH-server, and Unbound, same versions, same configuration. During testing I found no differences with the number of ads on MSN and other sites. I noticed that the configuration of pi-hole was only on IP-4 level and not on IP-6. That might be the reason, because my provider and my router all support IP-6. Another thing was that after rebooting my machine, nothing was working anymore because my Ubuntu server virtual machine got a different ip address (IP-4). I am not a linux guru but had a Linux server about 15 years ago. So I know a little bit but not enough to solve this. I tried to give a fixed IP address, but on IP4 only, and that was not working, so I removed the whole setup. When someone has some ideas to solve this problem I will start from scratch again.

  • @TechnoTim 3 years ago +18

    Fantastic end to end tutorial! Nice work!

    • @giovannibajetto 3 years ago +2

      Two of my favorite channels are talking to each other! OMG :-)

    • @angrynerd2103 3 years ago +1

      @@giovannibajetto same!

    • @joeslacker1020 2 years ago

      How do I make a whitelist for the internet and block everything else not in my whitelist?

  • @GeertSamuel 1 year ago +1

    This video is lit. No bs, straight to the point and everything explained.

  • @DanielStinebaugh 3 years ago +3

    Nice and simple explanations. Would love to hear you explain the benefits/concerns between using a recursive dns server (unbound) as opposed to DoH options

    • @Alexcide007 1 year ago

      @@JivanPal Would I have to pay for a cert? If so what are the costs? Maybe a video can be done about this.

    • @JivanPal 1 year ago +2

      @@Alexcide007 No, you can get SSL/TLS certs for free these days using Let's Encrypt. Plenty of tutorials available. Personally, I like to use the DNS (DNS-01) challenge mechanism, which also allows you to create wildcard certs.

    • @Alexcide007 1 year ago

      @@JivanPal Thanks for the advice, I am going to add this to my list!

  • @djvincon 3 years ago +8

    Cool video. You can enhance the Experience by logging in to your router and add pihole as the dns address. This way all traffic will be routed to pihole

    • @weswes10 3 years ago +3

      This is what i did... now everything on the lan gets ads blocked...except youtube on the roku... theys tricksy

    • @Demonslay335 3 years ago

      Only problem is most (home) routers don't actually broadcast the new DNS via DHCP, they do their own recursive lookup. Not a huge deal for performance, just adding yet another hop, but it sucks that PiHole only logs 100% of queries as coming from the router.

  • @bradfeet3418 1 year ago

    I've been trying to set up unbound and finally found this tutorial which explains it very well. Good job.

  • @rv8-m948 2 years ago

    Ah...a video I have to see more than once to understand...but I think worth it. Thanks! Update: I did as you say and it works...noticeably well on my Raspberry Pi4. I tested it using my PC before reassigning my router local network DNS to Pihole.

  • @linuxfornoobscom 3 years ago +10

    great tutorial, now I need the last thing - how to make pihole as backup dns with possibility to synchronize DNS records and pihole settings from primary pihole based recursive dns server.

    • @henryasbridge5161 3 years ago +1

      there is a project called pihole-cloudsync, this uses a git repo to sync your blocklists, local dns doodads and settings from a master pihole

    • @linuxfornoobscom 3 years ago +1

      @@henryasbridge5161 found Gravity Sync, should be working without the need for git. look for Techno Tim channel, he has a guide.

  • @geoffhalsey2184 3 years ago +3

    Just out of interest, as I'm running Mint, I thought this could be an ideal use of a local lxc container. Tried it, all worked, no additional hardware or hypervisor required.

  • @abrudner 3 years ago

    This is the solution I've been looking for. The webmin BIND interface took me a while to get the hang of. This is simple. Thank you!

  • @mitcentauri6237 2 years ago +1

    You inspired me to spin up my first Ubuntu Server VM on my TrueNAS and then follow the rest of your guide. Thank you!

  • @JustinHammond 3 years ago +28

    When you clicked the video thinking the title said “you’re SAYING pi-hole wrong” and wondered what on earth was in an 18 minute video about semantics 😂

  • @robertrudik3022 3 years ago +8

    You forgot to cover another important area. There are people already running AD and dns service (I believe you too) and they want to use pihole without losing functionality of their current dns setup. Would be great to see how you handle pihole running as forwarder or behind your current dns server. Also changing dns entry is much more effective on dhcp server than single client so I believe this was done just for presentation purpose. Cheers.

  • @Cyphertext87 2 years ago +1

    I had just recently set up a workstation running Ubuntu 20.04 Server and pi-hole. I was using pi-hole as ad-blocker and home dns. Added unbound and got the recursive function working! I did have to manually start the service though, I also set it to auto-start on boot with:
    sudo systemctl start unbound
    sudo systemctl enable unbound
    I also changed the port from 5335 to something a little more custom. If you edit the config file after starting the server as I did to change the port, restart the services with
    sudo systemctl restart unbound
    Thanks for making this video! Helpful!

  • @ryanjohnson4972 2 years ago +1

    I forgot how much I love Pi-Hole! Now with unbound it's super nice. Great tutorial!

    • @timothyfoote6658 2 years ago +2

      now to figure out how to block google/youtube ads(cant on a smart tv).... GGGRRRR

  • @nevoyu 2 years ago +8

    I think you should do a video on the docker container. It's a lot less overhead than a full virtual machine.

    • @joshuapettus6973 5 months ago +1

      You still need a machine to run the docker container on... hence why he went with his vps provider. To go with the added headaches of docker within the VPS would be silly and outside the scope of the demonstration. Docker does have more overhead than 0 after all.

  • @williamsk001 3 years ago +9

    Another option you may not have considered for running pi-hole is running it in a Docker container. More efficient than a full Ubuntu VM for sure, but I'll have to look into getting an Unbound docker image after seeing this video. Thanks!

    • @daevski 1 year ago +2

      I run it as a docker container, but that container runs on a dedicated "server" in a closet that I can SSH into. In my case, I'm using an old Mac mini.

    • @williamsk001 1 year ago +1

      @@daevski Yeah all of my containers run on a dedicated small server. I even have a separate unRAID box I could run containers on if I run out of capacity on the main server.

  • @paulpinder
    @paulpinder 2 years ago

    Absolutely fantastic - thanks for the easy to follow instructions - my pihole is now running super well and operating much more effectively. Also, who can't love a man who loves his beer!

  • @CyberZeus
    @CyberZeus 2 years ago

    Thank you for this video, I didn't even know I was running Pi-Hole wrong!
    Only one thing you maybe missed: you have to restart unbound service after adding the pihole configuration file.

  •  3 years ago +26

    You should also stop the DHCP service on your router and enable the one within PiHole. That way you won't have to configure DNS on everything on your network. Some routers will allow you to set the IP of a DNS server as well, but sometimes they still act as DNS and forward the request to the server you specify, instead of just giving the client the IP address when it requests a DHCP lease.

    • @meyerbro
      @meyerbro 1 year ago +8

      But lots of routers let you set up the default DNS for any client that connects to it. This way you keep all the current IPs/hostnames you already have. Am I missing something? Thanks!

    • @xenotastic
      @xenotastic 1 year ago +2

      @meyerbro Exactly. I'm using a FritzBox and can define the DNS server to use for DHCP clients.

    • @joshuapettus6973
      @joshuapettus6973 5 months ago

      @meyerbro Indeed the router can do that itself. The real benefit from using pihole as the DHCP server is that it then knows the hostnames of all your devices, which is useful for the logs as well as for internal in-network DNS. In the house I can remote into myhostname.lan as opposed to 192.168.0.X

  • @Newman0072
    @Newman0072 3 years ago +16

    Please consider a follow up to this about pi-vpn, that would be a good topic to cover

    • @aurelia8028
      @aurelia8028 3 years ago

      Ooh yeah I'd definitely like that. For some reason I can never get pivpn to work properly over time. It will work for a few hours or days and then just stop working for whatever reason.

    • @user-ik2es8ki5y
      @user-ik2es8ki5y 2 years ago

      @aurelia8028 WireGuard works great.

    • @billtheunjust
      @billtheunjust 2 years ago

      @aurelia8028 I've been running pivpn for a few years now, I can help you debug it if you'd like.

  • @johnconnorstopskynet
    @johnconnorstopskynet 1 year ago

    I followed your guide with one exception: I used a container with a Debian template instead of a VM. Works sweet, thanks brother

  • @hiddenfromyourview
    @hiddenfromyourview 3 years ago +6

    Great video! One thing I was unclear on was how unbound adds any real value. Your DNS chain is: pihole > unbound > DNS root servers. Why not just point the pihole directly to the root servers so that it looks like: pihole > DNS root servers ? This allows for you to run pihole on platforms and services, (such as docker) that may not have unbound bundled or available.

    • @DanCave
      @DanCave 2 years ago

      Why not use Bind instead? Wait, bind? What's that :D ;)

    • @Jacob-tp1ue
      @Jacob-tp1ue 1 year ago

      This is because pihole can't run a recursive DNS server on its own - It needs a 3rd party implementation.

  • @JivanPal
    @JivanPal 3 years ago +5

    Thanks for the excellent tutorial! Can we configure Unbound to listen on a Unix socket rather than listening on port 5335, and then configure Pi-Hole to talk to Unbound on that Unix socket rather than on localhost:5335?

    • @CollinBaillie
      @CollinBaillie 2 years ago +1

      Since PiHole is using a DNS resolver, which as a standard uses TCP or UDP, typically on port 53, I'd say no to the unix socket. Why would you want to use a unix socket instead of a network port?

  • @nunyabusiness2127
    @nunyabusiness2127 1 year ago

    Great job. I appreciate that you keep your videos succinct and short.

  • @The1neo34
    @The1neo34 1 year ago

    Thank you! Followed your video and set up my own cloud based pihole / recursive DNS server with my wireguard tunnel :)

  • @ScrungleGaming
    @ScrungleGaming 3 years ago +75

    I'm pretty sure this is essentially an alcohol review channel with a computer related pre-show
    Not that that's a bad thing

    • @NenadKralj
      @NenadKralj 3 years ago

      😆😆😆 I love the spin 😂😂😂😂 at end 😅

  • @DieselWeasle
    @DieselWeasle 3 years ago +3

    I hope to get myself a pi so I can do this! Love your vids!!!!!

  • @hb9145
    @hb9145 7 months ago

    I'm a teacher and a self-proclaimed Linux-geek. You are a skilled communicator.

  • @randleqgod
    @randleqgod 3 years ago

    Your pihole tutorial was the only one that worked for me. Thank you!

  • @jamestzashi
    @jamestzashi 3 years ago +4

    I love the local DNS settings, I've got it set up for all of my local services, jellyfin.lan etc. It's great, no need to remember IPs

    • @Bob_Smith19
      @Bob_Smith19 3 years ago +1

      Glad he mentioned this. In the past I modified the config file. But it was really out of date. Two minutes in the web interface and everything was updated.

    • @espenlund
      @espenlund 3 years ago

      I just enable "Conditional forwarding" and let my router do that.

  • @Ouchmyface.
    @Ouchmyface. 3 years ago +5

    Shouldn't you also add the ipv6 loopback ( [::1]:5335 ) to the upstream dns servers for ipv6 queries? Keep it up with the awesome videos! Love the channel.

    • @zairman
      @zairman 2 years ago

      From what I read, it's not needed because it points to the same place in the kernel.

    • @mf1315
      @mf1315 1 year ago

      Hmmm don’t think that’s right

  • @J4RDAAN
    @J4RDAAN 2 years ago

    I already had Pihole installed and running. This video made my network even better!

  • @yokosuka365
    @yokosuka365 2 months ago

    Followed the video and instructions and now my pi-hole is working great. Thank you.

  • @albertoneto1177
    @albertoneto1177 3 years ago +6

    Just tested using hyper-v, didn't know it could make such a difference, buying a pi 3 now.

    • @c187rocks
      @c187rocks 3 years ago +2

      If you don't plan on doing anything else with the pi3 save yourself a few bucks and get a pi zero. It's more than enough for this application and its small form-factor gives you more options to tuck it away.

    • @wrenskimpy9175
      @wrenskimpy9175 3 years ago

      @c187rocks it’s important to note that a Pi Zero doesn’t have an Ethernet port.

    • @c187rocks
      @c187rocks 3 years ago +1

      @wrenskimpy9175 Good point. Although a basic USB dongle for a buck takes care of that which still brings the total cost lower than a pi 3.

    • @joshportelli
      @joshportelli 3 years ago

      @c187rocks I've been running like this for years. Purposely got a pi0 without wifi with micro USB to ethernet adapter for the lowest possible power usage.

  • @UnprotectedDesignFlaw
    @UnprotectedDesignFlaw 1 year ago +12

    Could you please consider making a tutorial combining:
    - PiHole
    + Unbound
    + LanCache
    That would be kinda nice.

    • @Liqtor
      @Liqtor 1 year ago

      The script that rebuilds the Lancache lists must run on RaspberryPi hardware (if you're using this tutorial)

  • @EarlOfBurl
    @EarlOfBurl 2 years ago

    Perfect tutorial! Thank you very much. Didn't know about "unbound" but now I'm using it and it's still very fast. Now my 8GB RPI 4 gets something to do other than being my NAS. :)

  • @nerdaxic
    @nerdaxic 2 years ago +1

    Great tutorial and explanations, managed to set up everything working nicely.
    Thank you!

  • @asiermontesbea
    @asiermontesbea 3 years ago +8

    What about disabling the DNS cache of Pi-Hole? So Unbound handles all the caching
    Also disabling DNSSEC since Unbound can handle that as well and Pi-Hole and Unbound would be doing the same job twice.
    I have the same setup just with these two additions.
    Great video btw

    • @angrynerd2103
      @angrynerd2103 3 years ago +4

      You 100% need to disable dnssec on pihole otherwise there will be issues with dnssec data not being passed through. The cache is less important but it can further decrease latency. I encourage you also to hit up the unbound conf manual and see if there are any additional options that would benefit you. Using a modified config I have managed to get my average queries down to 7ms.

    • @asiermontesbea
      @asiermontesbea 3 years ago +2

      @angrynerd2103 Yeah, that as well. But maybe that's more "advanced" and not as straightforward as, I believe, this tutorial was meant to be.

  • @iwinrar5207
    @iwinrar5207 3 years ago +55

    How dare you tell me I'm using my holes wrong

    • @xen4985
      @xen4985 3 years ago

      Well that's kinda concerning if you use your Pi-Hole the way you say you do

  • @eduardozavala8658
    @eduardozavala8658 2 years ago

    I really appreciate a simple tutorial like this, it gave me an idea for next projects, thx!

  • @nate806
    @nate806 3 years ago

    I wish I knew about unbound and making pi-hole recursive when I set this up last year. Thank you for posting this, and making it very straight-forward

  • @One_Guy
    @One_Guy 3 years ago +12

    could you do a more in depth video on unbound?
    thanks!

    • @joeslacker1020
      @joeslacker1020 2 years ago

      How do I make a whitelist for the internet and block everything else not in my whitelist?

  • @morsikpl
    @morsikpl 3 years ago +14

    WAT. At 5:30 you started curl with sudo, but then piped output of curl to bash without sudo :D
    There's even information about it in red color "Script called with non-root privileges"

    • @ericoutofthegfw
      @ericoutofthegfw 3 years ago +1

      that sodo applies to curl not bash.

    • @morsikpl
      @morsikpl 3 years ago +4

      @ericoutofthegfw yeah, that's what I'm talking about. It should be applied to bash, not to curl to make it work ;)

    • @InfectedFafa
      @InfectedFafa 3 years ago

      Went down in the comment for that :)
      No need for sudo rights to download a file in your home folder :p

    • @jj-icejoe6642
      @jj-icejoe6642 3 years ago

      Sodo ?

  • @rory2569
    @rory2569 1 year ago

    Thanks for the video. Been using pi hole for years and never thought about doing it this way. I've now made the changes thanks again :)