unbound with AdGuard Home

Sun, 27 Jul 2025 23:51:36 -0700 

Good morning,
I run a small homelab with AdGuard Home DNS proxies, using Quad9 as upstream. 


I would like to configure unbound as a fallback DNS in case Quad9 is 
down. Running unbound with AGH or Pi-hole seems to be a common 
configuration, but I am not sure how to do it properly, specifically 
with regard to cache management.
In my case, since AGH is properly configured (min ttl, max ttl, blocking 
lists…), I’d like to turn of caching in unbound at this time. My current 
config (on Alpine Linux) is:


root@dns ~ $  cat /etc/unbound/unbound.conf.d/pu.conf
server:
        port: 5335
        do-ip6: no
        verbosity: 0
        edns-buffer-size: 1232

        # recursive resolver
        root-hints: /usr/share/dns-root-hints/named.root

        # disable cache, is redundant with AdGuardHome
        msg-cache-size: 0
        rrset-cache-size: 0

and AGH uses 127.0.0.1:5335 as the fallback upstream.

But I still get the impression that there is caching in unbound:

root@dns ~ $  dig @127.0.0.1 -p 5335 www.thunderbird.net

; <<>> DiG 9.20.11 <<>> @127.0.0.1 -p 5335 www.thunderbird.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31368
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.thunderbird.net.           IN      A

;; ANSWER SECTION:
www.thunderbird.net.    300     IN      A       104.26.2.27
www.thunderbird.net.    300     IN      A       104.26.3.27
www.thunderbird.net.    300     IN      A       172.67.74.82

;; Query time: 189 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1) (UDP)
;; WHEN: Sun Jul 27 15:38:20 CEST 2025
;; MSG SIZE  rcvd: 96


root@dns ~ $  dig @127.0.0.1 -p 5335 www.thunderbird.net

; <<>> DiG 9.20.11 <<>> @127.0.0.1 -p 5335 www.thunderbird.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18346
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.thunderbird.net.           IN      A

;; ANSWER SECTION:
www.thunderbird.net.    296     IN      A       172.67.74.82
www.thunderbird.net.    296     IN      A       104.26.2.27
www.thunderbird.net.    296     IN      A       104.26.3.27

;; Query time: 0 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1) (UDP)
;; WHEN: Sun Jul 27 15:38:24 CEST 2025
;; MSG SIZE  rcvd: 96

What am I missing here?

Regards,
-Patrick















    











					Reply via email to