Friday, December 13, 2024
Latest:
DNS Server linuxLinux serverNETWORK ADMINISTRATIONS

Best DNS Server for Home lab – Pihole Unbound configuration!

If you want to have the ulimate control over name resolution in your home lab environment and home network in general and , I want to show you guys an awesome DNS solution called Unbound you can use along with Pi-hole in your environment. With these you can to block ads, malicious traffic, and control DNS lookups. Let’s look at Pi-hole unbound blackhole DNS configuration and see how you can easily configure unbound along with Pihole.

Subscribe to the channel: https://www.youtube.com/channel/UCrxcWtpd1IGHG9RbD_9380A?sub_confirmation=1

My blog:
https://www.virtualizationhowto.com
_____________________________________________________

Social Media:

LinkedIn:
https://www.linkedin.com/in/brandon-lee-vht/

Github:
https://github.com/brandonleegit

Introduction to DNS and Unbound DNS – 0:00
Overview of Unbound DNS and why you want to use it – 1:00
New security features with DNS resolution – 1:29
You no longer need to forward your DNS to a middle tier DNS layer – 1:50
With Unbound, you can speak directly to Internet root DNS servers – 2:30
Beginning the installatio of Unbound DNS – 3:15
Pulling down the list of root DNS servers – 3:43
Creating the configuration file for Unbound – 4:12
Looking through the Unbound configuration file – 4:57
Changing the interface where Unbound is running – 5:40
Creating the clients.conf file for access control to Unbound – 6:00
Restarting the Unbound DNS service – 7:05
Using Dig to test the Unbound DNS server – 7:20
Looking at the cache functionality of Unbound DNS – 7:33
Making use of Unbound DNS with Pihole – 7:55
Looking at the Docker Compose file to spin up Traefik and Pi-hole – 8:17
Overview of the DNS communication flow between Pi-hole and Unbound – 9:08
Overview of testing – 9:30
Using a Windows 11 test machine and the DNS properties – 9:43
Running recursive DNS lookups with Unbound DNS – 10:15
Describing the cach building on Unbound DNS – 10:45
Looking at the unbound-control command line commands – 11:05
Running unbound-control status – 11:50
Running unbound-control stats_noreset – 11:57
Wrapping up thoughts on Unbound DNS and taking control over DNS queries – 12:25

About Unbound DNS server:
https://nlnetlabs.nl/projects/unbound/about/

Pi-hole DNS Network-wide Ad Blocking:
https://pi-hole.net/

source

by VirtualizationHowto

linux dns server

You May Also Like

CentOS 7 Default Route for Static IP on Two Interface (3 Solutions!!)

LabMinutes# SEC0086 – Cisco ACS 5.4 TACACS Device Admin on Switch and ASA (Part 1)

Windows Active Directory Configuration Step by Step on Server 2019

20 thoughts on “Best DNS Server for Home lab – Pihole Unbound configuration!

  • I'm watching this again after half year and I wonder if it's possible to completely migrate Unbound (config+caches) to new/different host/VM/CT?
    I'm getting about 11 000 cache hits, so it's working pretty well 😀

  • Hello there
    Would you consider to make a tutorial for a newbies on rpi – docker pihole + unbound?
    Have a nice day

  • Why don't you run a DNS proxy on your Palo Alto?

  • I have found Technitium is much more robust and has DOH and AD blocking and custom blocking built in. The entire thing is administrated in a web page an runs on raspberry pi too.

  • Why are you using docker containers for everything? It's an extra point of failure, it's less secure, it's out of your control, it's a huge inefficient resources hog compared to just plain Debian minimal server use. All this even on VM, wow, your electricity bill or energy footprint seem to not matter to you do they?

  • great video!
    for some reason when i check unbound as Upstream DNS Servers it cant no longer resolve local network DNS with SSL certificate (Nginx Proxy Manager/Let's Encrypt).
    any ideas on why?

  • 10:24 I hate to be that guy, but the quick response there is because the DNS lookup is first hitting the local DNS client cache on Windows 11.

  • I am totally going to give this a try. I am currently using Adguard Home and have a second instance running on a backup server as setup by mostlychris https://www.youtube.com/watch?v=KABWpAfyqss&t=408s
    I was wondering if you could do a video on how to make unbound highly available (if possible)? Assuming I can get this working with Adguard, this would create a single point of failure for my DNS. I'd like to have a backup instance of unbound running on the backup server with automatic failover in the event the primary goes down.

  • I have been trying to run pihole and unbound as docker containers with traefik. So far I was not successful. Could you show how to integrate unbound as a docker container in your setup of traefik and pihole?

  • Excellent video on unbound. Could you do the same video for Adguard Home. That would be a great addition I think.

  • Nice video Brandon, can you share you docker-compose file?!

  • hi sir tell me how i can enable safesearch through unbound and please share ith us the configuration

  • Seems to be working, but if I type "unbound-control status" I get "Error setting up SSL_CTX client cert". How do I fix that? Thanks for the great video.

  • Now do it using containers ! Please

  • Will this work for my local and lab name resolution also or will I have to run this and point my windows DNS server to this and itself to resolve both internal and external device?

  • Great !. The only thing missing for everyone to get into it is the cron suggested for the reload of the root servers. Thanks

Comments are closed.