Unbound can't start after snapshot update (new thread!)
-
Unfortunately, not everything is working as I imagine it should.
I've been getting errors about ssl handshakes and was only able to get unbound up and running after enabling forwarding mode and removing the testing v6 dns overrides.php: /pkg_edit.php: The command '/usr/local/sbin/unbound-control load_cache < /var/tmp/unbound_cache' returned exit code '1', the output was '[1313843955] unbound-control[44879:0] debug: address 127.0.0.1 port 953 [1313843955] unbound-control[44879:0] error: connect: Operation timed out' php: /pkg_edit.php: The command '/usr/local/sbin/unbound-control forward ' returned exit code '1', the output was 'error: SSL handshake failed' php: /pkg_edit.php: The command '/usr/local/sbin/unbound-control start' returned exit code '1', the output was '[1313843873] unbound[44392:0] debug: creating udp4 socket xxx.xxx.xxx.xxx 53 [1313843873] unbound[44392:0] error: bind: address already in use [1313843873] unbound[44392:0] fatal error: could not open ports'
I am not entirely sure what is happening here.
-
Unfortunately, not everything is working as I imagine it should.
I've been getting errors about ssl handshakes and was only able to get unbound up and running after enabling forwarding mode and removing the testing v6 dns overrides.php: /pkg_edit.php: The command '/usr/local/sbin/unbound-control load_cache < /var/tmp/unbound_cache' returned exit code '1', the output was '[1313843955] unbound-control[44879:0] debug: address 127.0.0.1 port 953 [1313843955] unbound-control[44879:0] error: connect: Operation timed out' php: /pkg_edit.php: The command '/usr/local/sbin/unbound-control forward ' returned exit code '1', the output was 'error: SSL handshake failed' php: /pkg_edit.php: The command '/usr/local/sbin/unbound-control start' returned exit code '1', the output was '[1313843873] unbound[44392:0] debug: creating udp4 socket xxx.xxx.xxx.xxx 53 [1313843873] unbound[44392:0] error: bind: address already in use [1313843873] unbound[44392:0] fatal error: could not open ports'
I am not entirely sure what is happening here.
The ssl handshake problem is related to the first error where Unbound could not connect to the local remote control.
Im investigating… -
ok all fixed - reinstall. Also fixed some other startup errors.
-
Sorry wagonza, but unbound still doesn't fully work for me.
Unbound is reporting the following error over and over again:```
php[2147483647] : The command '/usr/local/sbin/unbound-control forward ' returned exit code '1', the output was '[1314033304] unbound-control[45855:0] debug: address 127.0.0.1 port 953 [1314033304] unbound-control[45855:0] error: connect: Operation timed out'Also, when clicking save in the webconfigurator, everything php-related seems to lock up for a while. Ssh still works. After a while, the webconfigurator starts working again and I see the following line in the syslog:``` kernel: pid 62904 (php), uid 0: exited on signal 11 (core dumped)
Removing the testing v6 redirects helps unbound start again.
-
You did reinstall the package right?
-
To be certain I just reinstalled Unbound again, although I think I did.
When I have v6 overrides in dns forwarder, unbound fails to start without error messages.
It's not a big deal, as the v6 overrides are merely out of curiosity and to drive global v6 traffic a bit higher. -
Hrmm odd if i add a v6 override, for example:
v6 google.com 2800:3f0:XXX:XXX::1014
And restart unbound it is fine.
Do me a favour please, log in via ssh and execute a unbound-checkconf - it should return "unbound-checkconf: no errors in /usr/local/etc/unbound/unbound.conf" -
Unbound gives me a no errors reply, just as you said it should. I'll try and enable my testing v6 forwards one by one to see if there is a specific scenario which causes unbound to stop working. Thanks for your help so far!
-
Unbound gives me a no errors reply, just as you said it should. I'll try and enable my testing v6 forwards one by one to see if there is a specific scenario which causes unbound to stop working. Thanks for your help so far!
Have you managed to test the v6 forwards?
-
Hello Wagonza,
Unbound still gives me errors in the log but works with the forwards.
Adding the forwards one by one and reloading unbound in the ssh-console has helped unbound start properly.Thanks for all your help!
-
Hello Wagonza,
Unbound still gives me errors in the log but works with the forwards.
Adding the forwards one by one and reloading unbound in the ssh-console has helped unbound start properly.Thanks for all your help!
What error did you see in the logs, the same timeout one? Can you do me a favour please and pm me the xml of the unbound section of your config.xml?
Thanks
-
The very same. I will send you the unbound section(s) of my config.xml.
Edit: Sent.
-
Thanks, got it - will go through it a little later and let you know.
-
Problem sorted with host over rides that have empty host values. So just reinstall the package. Otherwise any other problems, please open up a new thread.
-
Having set some v6 forwards yesterday, I can confirm that the new fixes work as expected.
Thanks a lot wagonza! -
wicked! Only v6 ACLs now left…
-
Sweet!! ipv6 ACLs are NEXT ;)
-
Finally committed support for IPv6 acls :P I have also updated the package to latest Unbound version 1.4.13. So give it a couple of hours while the package builder is building the new port.
-
Sweet! Can remove them from my custom options section, which is how I have been adding them now.
See it listed already, installing now
Looks like you forgot a _ in the allow_snoop
php: /unbound_acls.php: The command '/usr/local/sbin/unbound-control start' returned exit code '1', the output was '/usr/local/etc/unbound/unbound.conf:67: error: unknown keyword 'snoop' /usr/local/etc/unbound/unbound.conf:68: error: unknown keyword 'snoop' /usr/local/etc/unbound/unbound.conf:69: error: unknown keyword 'snoop' /usr/local/etc/unbound/unbound.conf:70: error: unknown keyword 'snoop' read /usr/local/etc/unbound/unbound.conf failed: 4 errors in configuration file [1317328224] unbound[30144:0] fatal error: Could not read config file: /usr/local/etc/unbound/unbound.conf'
So I have an ACL that allows snoop, but in the .conf file its put in as "allow snoop" which killed my unbound now it can not start. Trying to manually edit the ubound.conf now so I can get unbound to start.
-
Cool let me know if you get any problems.