Comments (20)
hat3ph
commented on May 28, 2024
Are you using unbound dns with local port 5053?
Run command "sudo lsof -P -i -n" in terminal and provide the output. You may need to install lsof package if not installed.
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
sudo lsof -P -i -n
Yes I believe so as I am using your files from the repo. unbound.conf has port set to 5053.
sudo lsof -P -i -n
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 702 root 3u IPv4 20371 0t0 TCP *:22 (LISTEN)
sshd 702 root 4u IPv6 20373 0t0 TCP *:22 (LISTEN)
sshd 967 root 4u IPv4 21030 0t0 TCP 192.168.1.36:22->192.168.1.6:5626 (ESTABLISHED)
sshd 1072 lakhan 4u IPv4 21030 0t0 TCP 192.168.1.36:22->192.168.1.6:5626 (ESTABLISHED)
docker-pr 1167 root 4u IPv4 22631 0t0 TCP *:9443 (LISTEN)
docker-pr 1173 root 4u IPv6 21254 0t0 TCP *:9443 (LISTEN)
docker-pr 1185 root 4u IPv4 22656 0t0 TCP *:8000 (LISTEN)
docker-pr 1192 root 4u IPv6 22661 0t0 TCP *:8000 (LISTEN)
docker-pr 2956 root 4u IPv4 29985 0t0 TCP *:3000 (LISTEN)
docker-pr 2962 root 4u IPv6 29165 0t0 TCP *:3000 (LISTEN)
docker-pr 2975 root 4u IPv4 29178 0t0 TCP *:80 (LISTEN)
docker-pr 2982 root 4u IPv6 29181 0t0 TCP *:80 (LISTEN)
docker-pr 2996 root 4u IPv4 30023 0t0 TCP *:53 (LISTEN)
docker-pr 3002 root 4u IPv6 29207 0t0 TCP *:53 (LISTEN)
docker-pr 3015 root 3u IPv4 33884 0t0 UDP 172.18.0.1:52528->172.18.0.2:53
docker-pr 3015 root 4u IPv4 29249 0t0 UDP *:53
docker-pr 3015 root 8u IPv4 34098 0t0 UDP 172.18.0.1:34996->172.18.0.2:53
docker-pr 3021 root 4u IPv6 29251 0t0 UDP *:53
systemd-n 4406 systemd-network 18u IPv4 35118 0t0 UDP 192.168.1.36:68
from docker-adguard-unbound.
hat3ph
commented on May 28, 2024
@khadanja , I don't see TCP/UDP 5053 port running. Did you enable the unbound port in the docker-compose.yml? By default the 5053 port is disabled in the YAML file, you need to enable it to use unbound. I have also update the README file regarding this too just in case.
Pls share your docker-compose.yml.
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph That was the confusing part for me as your github docker-compose has 5035 disabled not 5053. Also in the video you did not enable but still for you 127.0.0.1:5053 worked. Is it supposed to be 5053 or 5035? I have just now enabled 5053 in docker-compose & can see TCP/UDP 5053 port running but still same issue. docker-compose & lsof output below.
2023/02/08 00:40:36.693916 [info] upstream "127.0.0.1:5053" fails to exchange: couldn't communicate with upstream: read udp 127.0.0.1:39508->127.0.0.1:5053: read: connection refused
`version: "3"
services:
adguard-unbound:
container_name: adguard-unbound
image: lolgast/adguard-unbound
restart: unless-stopped
hostname: adguard-unbound
# Volumes store your data between container upgrades
volumes:
- "./adguard/opt-adguard-work:/opt/adguardhome/work" # adguard container work directory
- "./adguard/opt-adguard-conf:/opt/adguardhome/conf" # adguard container conf directory
- "./unbound:/opt/unbound" # map custom unbound config
- "/usr/share/dns:/usr/share/dns" # map DNSSEC key and root hints from dns-root-data package
ports:
- 53:53/tcp # AdGuard Home DNS connection
- 53:53/udp # AdGuard Home DNS connection
- 3000:3000/tcp # AdGuard Home install web panel. Can disable after installation is completed.
- 80:80/tcp # AdGuard Home web panel HTTP
#- 443:443/tcp # AdGuard Home web panel HTTPS
#- 784:784/udp # AdGuard Home DNS-over-QUIC service
#- 853:853/tcp # AdGuard Home DNS-over-TLS/QUIC service
#- 67:67/udp # DHCP server
#- 68:68/udp # DHCP server
- 5053:5053/tcp # Uncomment to enable unbound access on local server
- 5053:5053/udp # Uncomment to enable unbound access on local server`
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-n 627 systemd-network 18u IPv4 19280 0t0 UDP 192.168.1.36:68
sshd 702 root 3u IPv4 20371 0t0 TCP *:22 (LISTEN)
sshd 702 root 4u IPv6 20373 0t0 TCP *:22 (LISTEN)
sshd 967 root 4u IPv4 21030 0t0 TCP 192.168.1.36:22->192.168.1.6:5626 (ESTABLISHED)
sshd 1072 lakhan 4u IPv4 21030 0t0 TCP 192.168.1.36:22->192.168.1.6:5626 (ESTABLISHED)
docker-pr 1167 root 4u IPv4 22631 0t0 TCP *:9443 (LISTEN)
docker-pr 1173 root 4u IPv6 21254 0t0 TCP *:9443 (LISTEN)
docker-pr 1185 root 4u IPv4 22656 0t0 TCP *:8000 (LISTEN)
docker-pr 1192 root 4u IPv6 22661 0t0 TCP *:8000 (LISTEN)
sshd 1279 root 4u IPv4 21400 0t0 TCP 192.168.1.36:22->192.168.1.6:2542 (ESTABLISHED)
sshd 1335 lakhan 4u IPv4 21400 0t0 TCP 192.168.1.36:22->192.168.1.6:2542 (ESTABLISHED)
docker-pr 3368 root 4u IPv4 40630 0t0 TCP *:5053 (LISTEN)
docker-pr 3374 root 4u IPv6 40635 0t0 TCP *:5053 (LISTEN)
docker-pr 3391 root 4u IPv4 40691 0t0 UDP *:5053
docker-pr 3398 root 4u IPv6 40695 0t0 UDP *:5053
docker-pr 3413 root 4u IPv4 40732 0t0 TCP *:3000 (LISTEN)
docker-pr 3420 root 4u IPv6 40737 0t0 TCP *:3000 (LISTEN)
docker-pr 3438 root 4u IPv4 41396 0t0 TCP *:80 (LISTEN)
docker-pr 3444 root 4u IPv6 41401 0t0 TCP *:80 (LISTEN)
docker-pr 3459 root 4u IPv4 40797 0t0 TCP *:53 (LISTEN)
docker-pr 3465 root 4u IPv6 40802 0t0 TCP *:53 (LISTEN)
docker-pr 3481 root 4u IPv4 40858 0t0 UDP *:53
docker-pr 3487 root 4u IPv6 40862 0t0 UDP *:53
from docker-adguard-unbound.
hat3ph
commented on May 28, 2024
hi @khadanja , sorry for the confusion. I have update the YAML file to include the correct unbound port and enable it by default. Pls try again and make sure to install the dns-root-data package for unbound too.
https://github.com/hat3ph/docker-adguard-unbound/blob/main/docker-compose.yml
You can run a dig cmd to check your unbound is working on 127.0.0.1:5053. You might need to install dnsutils package to use the dig cmd.
administrator@ubuntu-svr:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7efbbccc7915 lolgast/adguard-unbound "/opt/entrypoint.sh" 6 minutes ago Up 34 seconds (healthy) 0.0.0.0:53->53/tcp, :::53->53/tcp, 443/tcp, 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:3000->3000/tcp, 0.0.0.0:53->53/udp, :::3000->3000/tcp, :::53->53/udp, 0.0.0.0:5053->5053/tcp, 0.0.0.0:5053->5053/udp, :::5053->5053/tcp, :::5053->5053/udp, 67-68/udp, 853/tcp adguard-unbound
administrator@ubuntu-svr:~$ dig @127.0.0.1 -p 5053 google.com
; <<>> DiG 9.18.1-1ubuntu1.3-Ubuntu <<>> @127.0.0.1 -p 5053 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65446
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 293 IN A 172.217.25.206
;; Query time: 0 msec
;; SERVER: 127.0.0.1#5053(127.0.0.1) (UDP)
;; WHEN: Thu Feb 09 10:37:06 +08 2023
;; MSG SIZE rcvd: 55
administrator@ubuntu-svr:~$
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph Have you seen the output of my lsof? I have already tried again with correct port enabled. You can see in my lsof output port 5053. I have also installed dns root data package too. Is it something to do with networking in docker or some setting in virtualbox? Dig command just times out. Can you replicate my set up? Ubuntu on virtual box then installed docker, docker compose etc. followed your video & instruction in GitHub step by step.
dig @127.0.0.1 -p 5053 google.com
; <<>> DiG 9.18.1-1ubuntu1.3-Ubuntu <<>> @127.0.0.1 -p 5053 google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
from docker-adguard-unbound.
hat3ph
commented on May 28, 2024
@khadanja , i am running an ubuntu 22.04 server in KVM with the docker setup. Able to work.
Can check the docker container running service? Is unbound running?
Run "docker logs 7efbbccc7915" and check is there any error logs for the container.
administrator@ubuntu-svr:~/docker-adguard-unbound$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7efbbccc7915 lolgast/adguard-unbound "/opt/entrypoint.sh" 6 hours ago Up 7 minutes (healthy) 0.0.0.0:53->53/tcp, :::53->53/tcp, 443/tcp, 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:3000->3000/tcp, 0.0.0.0:53->53/udp, :::3000->3000/tcp, :::53->53/udp, 0.0.0.0:5053->5053/tcp, 0.0.0.0:5053->5053/udp, :::5053->5053/tcp, :::5053->5053/udp, 67-68/udp, 853/tcp adguard-unbound
administrator@ubuntu-svr:~/docker-adguard-unbound$ docker top 7efbbccc7915
UID PID PPID C STIME TTY TIME CMD
root 989 969 0 16:06 ? 00:00:00 /bin/ash /opt/entrypoint.sh
root 1044 989 0 16:06 ? 00:00:00 unbound -c /opt/unbound/unbound.conf
root 1045 989 0 16:06 ? 00:00:00 /opt/adguardhome/AdGuardHome -c /opt/adguardhome/conf/AdGuardHome.yaml -w /opt/adguardhome/work --no-check-update
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph no errors :( It could be something simple on my side maybe as I just tried to set it up on my laptop locally in Docker Desktop, WSL2, ubuntu, worked first then same issue started when I played around with Upstream DNS servers in AdGuard as having only 127.0.0.1:5053, browsing was very very slow.
`docker top 31ac
UID PID PPID C STIME TTY TIME CMD
root 62257 62237 0 06:26 ? 00:00:00 /bin/ash /opt/entrypoint.sh
root 62305 62257 0 06:26 ? 00:00:29 /opt/adguardhome/AdGuardHome -c /opt/adguardhome/conf/AdGuardHome.yaml -w /opt/adguardhome/work --no-check-update
root 62306 62257 0 06:26 ? 00:00:00 unbound -c /opt/unbound/unbound.conf
`
2023/02/09 06:30:26.416893 [info] Start reconfiguring the server
2023/02/09 06:30:26.416906 [info] Stopping the DNS proxy server
2023/02/09 06:30:26.416976 [info] Stopped the DNS proxy server
2023/02/09 06:30:26.518372 [info] Starting the DNS proxy server
2023/02/09 06:30:26.518464 [info] Ratelimit is enabled and set to 20 rps
2023/02/09 06:30:26.518469 [info] The server is configured to refuse ANY requests
2023/02/09 06:30:26.518472 [info] DNS cache is enabled
2023/02/09 06:30:26.518476 [info] MaxGoroutines is set to 300
2023/02/09 06:30:26.518486 [info] Creating the UDP server socket
2023/02/09 06:30:26.518531 [info] Listening to udp://[::]:53
2023/02/09 06:30:26.518534 [info] Creating a TCP server socket
2023/02/09 06:30:26.518554 [info] Listening to tcp://[::]:53
2023/02/09 06:30:26.519265 [info] Entering the UDP listener loop on [::]:53
2023/02/09 06:30:26.519581 [info] Entering the tcp listener loop on [::]:53
2023/02/09 09:05:16.788562 [info] upstream "127.0.0.1:5053" fails to exchange: couldn't communicate with upstream: read udp 127.0.0.1:50997->127.0.0.1:5053: i/o timeout
from docker-adguard-unbound.
hat3ph
commented on May 28, 2024
@khadanja , have you try start from fresh with my latest docker-adguard-unbound git?
Or maybe have a remote session to check your setup? If you don't mind.
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph Just tried again on a different laptop with Ubuntu Server 22.04 on virtualbox, same issue. Maybe it's virtualbox on Windows, will try on a ubuntu machine with kvm like you. Still doesn't make sense though why it won't communicate with unbound!!
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph ok this time, brand new installation of ubuntu 22.04 LTS on a separate laptop, installed kvm & then installed ubuntu 22.04 in it, same issue. Something is really wrong here. I don't want to give up as it will keep bothering me.
same timeout error when running dig, unbound is running as per docker tops. Are there any unbound logs that can be checked?
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph Connected to the container & ran command unbound, is this supposed to happen? Does this help?
kan@kanx2:~/docker-adguard-unbound$ docker exec -it ba /bin/ash
/opt/adguardhome/work # unbound
[1675993744] unbound[45:0] error: can't bind socket: Address not available for ::1 port 53
[1675993744] unbound[45:0] fatal error: could not open ports
Looks like unbound is looking at the wrong directory for config file, isn't it? Shouldn't it be looking at opt/unbound/unbound.config?
/opt/adguardhome/work # unbound-checkconf
unbound-checkconf: no errors in /etc/unbound/unbound.conf
/opt/adguardhome/work #
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph remote session would be great. I will revert to my virtualbox setup on Win 11. Which time zone are you in?
from docker-adguard-unbound.
hat3ph
commented on May 28, 2024
@hat3ph remote session would be great. I will revert to my virtualbox setup on Win 11. Which time zone are you in?
I am from Malaysia, +8 time zone.
Did you modify the default unbound.conf?
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph remote session would be great. I will revert to my virtualbox setup on Win 11. Which time zone are you in?
I am from Malaysia, +8 time zone. Did you modify the default unbound.conf?
@hat3ph I have tried so many things that can't keep track, no I did not modify default unbound.conf. How about we do a remote session now?
from docker-adguard-unbound.
hat3ph
commented on May 28, 2024
@khadanja , how u want to remote? anydesk? rustdesk?
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph anydesk is fine, just doing a fresh install of ubuntu for you. 471373990 is my anydesk address
from docker-adguard-unbound.
hat3ph
commented on May 28, 2024
@khadanja , as tested, the setup is working just some external issue like your router network setup or ISP is causing unbound not able to connect to internet.
from docker-adguard-unbound.
khadanja
commented on May 28, 2024
@hat3ph after stopping unbound on router, dig behaves differently, still fails though, any idea?
dig @127.0.0.1 -p 5053 herald.co.nz
; <<>> DiG 9.18.1-1ubuntu1.3-Ubuntu <<>> @127.0.0.1 -p 5053 herald.co.nz
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12368
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;herald.co.nz. IN A
;1; Query time: 0 msec
;; SERVER: 127.0.0.1#5053(127.0.0.1) (UDP)
;; WHEN: Fri Feb 10 21:04:51 NZDT 2023
;; MSG SIZE rcvd: 41
from docker-adguard-unbound.
hat3ph
commented on May 28, 2024
@khadanja , sorry no idea. But if you want a simple ad-blocker service, try freshtomato firmware on your Asus router.
I am using it on my Huawei WS880 for home network and work good.
Check out their page (https://freshtomato.org/) and hardware compatibility list.
from docker-adguard-unbound.
Related Issues (4)
- arm64 support? HOT 11
- Public server HOT 1
- Add docker Dockerfile HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-adguard-unbound.