Skip to main content

pihole-unbound

---

sidebar_label: Pi-hole + Unbound DNS

---

# Self-Hosted DNS Stack (Pi-hole + Unbound)

A private DNS resolver using Pi-hole and Unbound for ad-blocking, privacy, and full control over DNS queries.

---

## 🚀 What This Demonstrates

- DNS architecture understanding

- Containerized services (Docker)

- Network configuration and troubleshooting

- Privacy-focused infrastructure design

---

## 🧠 Architecture


Client Devices

      ↓

   Pi-hole (DNS filtering)

      ↓

   Unbound (recursive resolver)

      ↓

   Root DNS Servers

---

## 🎯 Objective

- Block ads and tracking at DNS level

- Remove reliance on external DNS providers

- Resolve queries locally for privacy and control

---

## ⚙️ Technology Stack

| Component | Role |

|----------|------|

| Pi-hole | DNS filtering and ad blocking |

| Unbound | Recursive DNS resolver |

| Docker | Container runtime |

| Ubuntu | Host system |

---

## 🛠 Implementation

### 1. Deploy Pi-hole

Configured Pi-hole as the primary DNS server.

- Upstream DNS → Unbound

- Local network DNS enabled

---

### 2. Deploy Unbound

Configured Unbound to:

- Perform recursive DNS resolution

- Avoid external DNS providers

- Cache responses

---

### 3. Networking

- Both services run in Docker

- Same Docker network

- Pi-hole → Unbound upstream

---

## 🔄 DNS Flow

1. Client sends query

2. Pi-hole filters

3. Forwarded to Unbound

4. Resolved via root servers

5. Response returned

---

## ⚠️ Problems Encountered

### DNS Loop

**Cause:** Incorrect upstream config

**Fix:** Pi-hole only points to Unbound

---

### No Internet Resolution

**Cause:** Unbound misconfig

**Fix:** Verified root hints + interfaces

---

### Docker Networking

**Cause:** Containers isolated

**Fix:** Same Docker network

---

## 🧠 Design Decisions

### Why Pi-hole

- Visibility into DNS

- Easy deployment

- Effective blocking

---

### Why Unbound

- Full recursive resolution

- Privacy

- No third-party DNS

---

### Why Docker

- Isolation

- Easy replication

- Clean management

---

## 📈 Performance Benefits

- DNS caching improves speed

- Reduced external queries

- Lower latency

---

## 🔐 Security Benefits

- Blocks malicious domains

- Prevents ISP tracking

- Full DNS visibility

---

## ✅ Final Outcome

- Local DNS resolver

- Network-wide ad blocking

- Improved privacy

- Scalable setup

---

## 💼 What This Proves

- DNS understanding

- Troubleshooting ability

- Real infrastructure experience

---

## 🔮 Future Improvements

- Add DoH

- Add monitoring

- Add redundancy

- Integrate firewall

---