You are not logged in.

Pages: 1

#1 2018-02-21 19:16:13

dr3amyxen0
Member
Registered: 2018-02-21
Posts: 19

[SOLVED] DNScrypt+unbound troubleshooting

Struggling to setup dnscrypt+unbound on my work laptop. Have been messing with it for a few days tweaking the settings from the wiki pages to no particular result. Here are the configs.

/etc/unbound/unbound.conf

server:
  use-systemd: yes
  do-daemonize: no
  username: "unbound"
  directory: "/etc/unbound"
  trust-anchor-file: trusted-key.key
  root-hints: "/etc/unbound/root.hints"
  include: "/etc/unbound/adservers"
  do-not-query-localhost: no
  forward-zone:
    name: "."
    forward-addr: 127.0.0.1@5353

/usr/lib/systemd/system/dnscrypt-proxy.socket

[Unit]

Description=dnscrypt-proxy listening socket
Documentation=https://github.com/jedisct1/dnscrypt-proxy/wiki
Before=nss-lookup.target
Wants=nss-lookup.target

[Socket]
ListenStream=
ListenDatagram=
ListenStream=127.0.0.1:5353
ListenDatagram=127.0.0.1:5353
NoDelay=true
DeferAcceptSec=1

[Install]
WantedBy=sockets.target

/etc/dnscrypt-proxy/dnscrypt-proxy.toml is here https://bpaste.net/raw/fbe4de520646. Related settings:

server_names = ['d0wn-lv-ns2', 'd0wn-lv-ns1', 'd0wn-se-ns2', 'd0wn-se-ns1', 'dnscrypt.eu-dk']
require_dnssec = true

/etc/resolv.conf

 
nameserver 127.0.0.1

What am I missing here? On paper unbound seems to listen on 127.0.0.1 for DNS requests and forward them to DNScrypt, which in turn forwards them to selected resolvers.

Last edited by dr3amyxen0 (2018-04-13 22:09:21)

Offline

#2 2018-03-03 16:51:58

deafeningsylence
Member
Registered: 2016-09-23
Posts: 52

Re: [SOLVED] DNScrypt+unbound troubleshooting

What is the specific error you get, you cannot resolve any address? Be more specific please. Also what does your DNSCrypt.conf like.

A few suggestions:
Are the necessary services active? (obvious but you never know)
Did you disable NetworkManager overriding the resolv.conf?
Could you make it work with only unbound or only DNSCrypt? (this way you could narrow down the problem to one of the two)
Does the resolver you chose support DNSCrypt & DNSSEC?

That is all I can think of for now, maybe it helps.

Offline

#3 2018-04-13 22:09:06

dr3amyxen0
Member
Registered: 2018-02-21
Posts: 19

Re: [SOLVED] DNScrypt+unbound troubleshooting

Tried installing dnscrypt and unbound a few days ago, and everything seems to work now. At least, no errors in sight and DNSSEC is active. Will mark it as solved, though I can't think of any particular solution.

Offline

Pages: 1

Board footer

Powered by FluxBB