Unbound Service Hanging After Upgrade to pfSense 2.7.2 (CE)
-
Hi
We were previously running pfSense 2.7.0 (CE) and had configured Service Watchdog to monitor Unbound. Whenever Unbound stopped, it would automatically restart, and we would receive an alert email:"Service Watchdog detected service unbound stopped. Restarting unbound (DNS Resolver)."
However, after upgrading to pfSense 2.7.2 (CE), we are facing issues where Unbound frequently hangs, causing local DNS resolution failures. The Watchdog service does not seem to detect or restart Unbound as expected.
Is this a known bug in 2.7.2, or is there a recommended fix/workaround?
Has anyone else experienced similar issues with Unbound on pfSense 2.7.2?
Any help or suggestions would be greatly appreciated!Thanks,
JP -
@JP-IIIT Anyone can help/make suggestions regarding this?
-
Go one level up in the forum and check how many are posting about 'unbound hangs' or 'fails' or needs to be 'restarted' ?
Give this a thought : how many 2.7.2 are there out there ? Hundreds of thousands. Does unbound 'fail' for them ? Noop. Why would it for you ?
True, unbound does restart a couple of times per week (?) see these (my) graphs, it shows she memory used. Every time it drops to zero : it was restarted.
It wasn't crashing, it was ordered to restart by 'pfBlockerng', as I use pfBlockerng. Totally normal, as pfBlockerng can reload / update DNSBL, and if the news ones contain new host names, then unbound has to restart so they will be taken i account.
Most of my unbound restarts are actually not pfBlockerng, it's because I change the settings, also know as : messing around with pfSense, trying out new thinks.About "Service Watchdog" : don't use it. You don't need it. Its a developer package, and can do more harm as help.
Example : Your unbound gets restarted. That's ok, it takes a couple of seconds, no one will notice it ^^
But what happens a fraction of a second later : "Service Watchdog" detects that unbound isn't running.... so it does what it was told to do : it starts unbound .... which was already in the start phase ... now you have two instances running .... and you've just managed to make things 'in-stable' with race conditions, and only lighting up candlers and other scarifies wills ave you know.
( and you'll know now it's the admin creating the issues .... (as always) ^^ )unbound dying on you 'without notice' niether reason ? Noop. People didn't look, for the reason, that's all.
So, tell us how you use unbound, you you've set it up, and we'll help you locating the issue.
Btw : default 'Netgate' pfSense DNS settings are perfect, you should try it