AdGuard Home (or other DSN-based ADBlocker)

kavejo · 17. März 2020

Hi all!

Just a quick question - I am looking to deploy a DNS AdBlocker like AdGuard Home or PiHole but I'm having some struggles as port 53 TCP and UDP are in use.

As such the container fails to deploy and, I don't want to map 53 to another port, as otherwise the clients would not be able to connect.

From netstat I can see that the port for both UDP and TCP is allocated to systemd-resolved.

Code

user@server:~# netstat -tulpn | grep ":53 "
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      794/systemd-resolve
udp        0      0 127.0.0.53:53           0.0.0.0:*                           794/systemd-resolve

I'm not hosting any other DNS-serving container on Docker and, on OMV itself, I only have enabled SMB/CIFS, SSH and RSync Server.

Could anyone help me in understanding why that port is in use and how I could free it so to map it to the container?

Thank you!

gderf · 17. März 2020

Highly unlikely you really need to free that port. It is being listened to only on the loopback address, an address that other PCs on your LAN can never reach or need to reach.

When you deploy any docker, just be sure it isn't configured to listen on that port and address combination on the host side.

kavejo · 17. März 2020

Thank you gderf ,

In Portainer I had mapped 0.0.0.0:53 to port 53 in the container.

I guess that takes any address, including 127.0.0.1.

Would you suggest me to just bind that one of the IPs of the server instead?

gderf · 17. März 2020

Don't map to 0.0.0.0 unless there is some very specific reason that you must do that. Use the private LAN ip address.

kavejo · 17. März 2020

Makes sense - thanks!

AdGuard Home (or other DSN-based ADBlocker)

kavejo 17. März 2020

Jetzt mitmachen!

Tags