Unbound DNS and Network Wide Ad Blocking!

Overview

This article covers the advantages of using OPNsense with Unbound DNS and Blocklists for network-wide ad blocking, offering a faster and more streamlined experience than Pi-Hole.

Benefits

Using Unbound DNS with ad blocking offers several advantages over Cloudflare DNS:

  1. Enhanced privacy: Unbound removes the need for third-party DNS services, preventing data collection and sale by providers like Cloudflare.

  2. Recursive resolution: Unbound resolves queries itself, starting from the root servers, and QNAME minimisation sends each upstream server only the part of the name it needs, which reveals less about browsing habits.

  3. Local control: Running Unbound locally gives you full control without reliance on external DNS infrastructure.

  4. Improved caching: Efficient caching and pre-fetching speed up DNS resolution.

  5. Reduced tracking: Eliminates tracking opportunities from third-party DNS providers.

  6. DNSSEC validation: Protects from DNS spoofing and cache poisoning.

  7. Compatibility with ad blocking: Integrates easily with solutions such as Pi-hole.

Guide to Setup Unbound DNS + Ad Blocking

  1. Log in to your OPNsense machine and navigate to Services > Unbound DNS > General.
  2. Check Enable Unbound and click Apply.
  3. Go to Services > Unbound DNS > Blocklist.
  4. Enable blocklists and choose a blocklist type (e.g., Steven Black List).
  5. Click Apply.
  6. Change the DNS settings in two places to assign your OPNsense IP as the DNS resolver:
     • Services > ISC DHCPv4 > LAN
     • System > Settings > General

Getting User Stats for Unbound

  1. Navigate to Reporting > Unbound DNS.
  2. Click Go to the reporting configuration.
  3. Enable local gather of Statistics.

Clearing DNS Records on Windows

Flush the DNS cache and renew the DHCP lease so the client picks up the new DNS server:

ipconfig /flushdns
ipconfig /renew

Ad Blocking Test

Perform an adblocking test at AdminForge.

Example result: 41% block rate with a single blocklist; adding more will increase effectiveness.

Note

Remember, adding many blocklists may interfere with your browsing experience or block access to desired sites.
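
One way to check the risk in the note above before enabling extra lists, as an added example that is not part of the original article or of OPNsense: it parses hosts-format lists (the `0.0.0.0 hostname` layout that Steven Black's list uses) and reports which of your must-work domains each list would block. The function names and sample lists are constructed for illustration, and it assumes exact-name matching.

```python
# Added example. Names that hosts files carry for the local machine, never block entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "local", "broadcasthost",
               "ip6-localhost", "ip6-loopback", "0.0.0.0"}
SINK_ADDRS = {"0.0.0.0", "127.0.0.1", "::", "::1"}


def parse_hosts_blocklist(text):
    """Return the set of blocked hostnames in a hosts-format list."""
    blocked = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop full-line and inline comments
        fields = line.split()
        if len(fields) < 2 or fields[0] not in SINK_ADDRS:
            continue                              # blank line, or a real IP mapping
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if name not in LOCAL_NAMES:
                blocked.add(name)
    return blocked


def audit(lists, required):
    """Map each required domain to the labels of the lists that block it."""
    # Assumption: exact-name matching, so a listed parent does not block subdomains.
    parsed = {label: parse_hosts_blocklist(text) for label, text in lists.items()}
    hits = {}
    for domain in required:
        d = domain.lower().rstrip(".")
        culprits = sorted(label for label, names in parsed.items() if d in names)
        if culprits:
            hits[d] = culprits
    return hits


# Constructed sample data (example.* names only), not real list contents.
LIST_A = """# constructed sample
127.0.0.1 localhost
0.0.0.0 0.0.0.0
0.0.0.0 ads.example.com
0.0.0.0 tracker.example.net  # inline comment
"""
LIST_B = """0.0.0.0 ads.example.com
0.0.0.0 Login.Example.org
192.0.2.10 intranet.example.org
"""

if __name__ == "__main__":
    required = ["login.example.org", "www.example.com", "ads.example.com"]
    print(audit({"A": LIST_A, "B": LIST_B}, required))
```

Any domain that appears in the result needs an allowlist entry or a different list choice before that list is enabled.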

Verify Blocking in Unbound Reports

Go to Reporting > Unbound DNS and open the Details tab to confirm that queries are being blocked, which indicates the setup is correct.
