Unbound package updated to 1.4.13
-
@GLR:
Hello,
I am afraid but on my side : I have an issue : I am not able to get the ACLs (unbound_acls.php) and status (unbound_status.php) pages.
I am redirected back to the standard settings page (pkg_edit.php?xml=unbound.xml&id=0)
So it seems there is a problem with the xml config (?)That generally means Unbound is not running as it checks to see if the process is running and if not it redirects you to that first setup page.
You might have config errors which I would be interested in seeing. So from a shell you can run unbound-checkconf - it should return no errors. -
Yes, now that Unbound is running, the tab are correctly displayed. So it is not so serious…
But anyway, it is not a normal behaviour : How can we set the ACLs before starting it in that case ? -
@GLR:
Yes, now that Unbound is running, the tab are correctly displayed. So it is not so serious…
But anyway, it is not a normal behaviour : How can we set the ACLs before starting it in that case ?ok good to hear. You raise a good point though i'll remove that check for the ACL's tab.
-
It would be great, thanks !
-
Package updated to 1.4.13_02 and ACLs can now be edited before starting Unbound.
-
Confirmed OK for me. Thanks again for the prompt fix !
Btw, I would have some features requests for Unbound.
I am still doing some tunning by hand in the config file…
Is there such a list available somewhere ? -
Nope, no list, but you can PM them when you have the list.
-
I think there is still something that remains not exact in the settings tab :
Network interface
The network interface(s) the Unbound DNS server will query from.This is wrong, this option defines the Unbound config attribute "interface:", so the interface on which Unbound will bind/listen.
And indeed, it generates this entry in the config file :Interface IP(s) to bind to
interface: <ip>> interface:
This interface is listened to for queries from clients, and answers to clients are given from it.
Whereas Unbound config attribute "outgoing-interface:" is not available in the settings pages.
outgoing-interface:
This interface is used to send queries to authoritative servers and receive their replies.And actually I also need this option to direct some queries to an authoritative NS through an IPSec tunnel. :-</ip>
-
Only just updated to 1.4.13_02 but get get this error:
php: /pkg_mgr_install.php: The command '/usr/local/sbin/unbound-control start' returned exit code '1', the output was '[1317586911] unbound[7976:0] error: setsockopt(..., SO_RCVBUF, ...) failed: No buffer space available [1317586911] unbound[7976:0] fatal error: could not open ports'
Was I too quick or is it broken?
-
[code][quote] Yeah they do work together, but the list doesn't get updated in Unbound until you re-save on Unbound. Unlike the current DNS Forwarder which has a background process updating it automatically when leases get updated. Unbound, *currently*, has no way of knowing when that list is updated so it wont auto-update. [/quote] Wagonza, The same issue happen. I can replicate this in two pfsense systems. every time I make a static entry or change the hostname of the static entry unbound crashes. : [code] Oct 2 18:36:32 dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Oct 2 18:36:32 dhcpd: All rights reserved. Oct 2 18:36:32 dhcpd: Copyright 2004-2011 Internet Systems Consortium. Oct 2 18:36:32 dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1[/code] unbound.log: [code] Oct 2 18:36:31 craken unbound: [19729:0] info: service stopped (unbound 1.4.13). [/code][/code]
-
Only just updated to 1.4.13_02 but get get this error:
php: /pkg_mgr_install.php: The command '/usr/local/sbin/unbound-control start' returned exit code '1', the output was '[1317586911] unbound[7976:0] error: setsockopt(..., SO_RCVBUF, ...) failed: No buffer space available [1317586911] unbound[7976:0] fatal error: could not open ports'
Was I too quick or is it broken?
Nope looks like something else is wrong on your system. Network card ok?
-
[code][quote] Yeah they do work together, but the list doesn't get updated in Unbound until you re-save on Unbound. Unlike the current DNS Forwarder which has a background process updating it automatically when leases get updated. Unbound, *currently*, has no way of knowing when that list is updated so it wont auto-update. [/quote] Wagonza, The same issue happen. I can replicate this in two pfsense systems. every time I make a static entry or change the hostname of the static entry unbound crashes. : [code] Oct 2 18:36:32 dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Oct 2 18:36:32 dhcpd: All rights reserved. Oct 2 18:36:32 dhcpd: Copyright 2004-2011 Internet Systems Consortium. Oct 2 18:36:32 dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1[/code] unbound.log: [code] Oct 2 18:36:31 craken unbound: [19729:0] info: service stopped (unbound 1.4.13). [/code] ahh - this is a side affect of having to deal with the DHCP Leases bug problem. I'm about to leave for Washington and then back to SA. So will only be able to get to this towards the end of the week.[/code]
-
@GLR:
I think there is still something that remains not exact in the settings tab :
Network interface
The network interface(s) the Unbound DNS server will query from.This is wrong, this option defines the Unbound config attribute "interface:", so the interface on which Unbound will bind/listen.
And indeed, it generates this entry in the config file :Interface IP(s) to bind to
interface: <ip>> interface:
This interface is listened to for queries from clients, and answers to clients are given from it.
Whereas Unbound config attribute "outgoing-interface:" is not available in the settings pages.
outgoing-interface:
This interface is used to send queries to authoritative servers and receive their replies.And actually I also need this option to direct some queries to an authoritative NS through an IPSec tunnel. :-</ip>
Yeah you are correct - i'll update the wording etc and push out a new update. Most likely only towards the end of the week as Im off back home now.
I got your PM btw so will look into those features. -
Only just updated to 1.4.13_02 but get get this error:
php: /pkg_mgr_install.php: The command '/usr/local/sbin/unbound-control start' returned exit code '1', the output was '[1317586911] unbound[7976:0] error: setsockopt(..., SO_RCVBUF, ...) failed: No buffer space available [1317586911] unbound[7976:0] fatal error: could not open ports'
Was I too quick or is it broken?
Nope looks like something else is wrong on your system. Network card ok?
Thnx I Fixed it!
Changed "kern.ipc.maxsockbuf" back to "default" in system tunables.
Funny, I changed it whilst running the previous unbound 1.4.13_01 update and it was and stayed OK. -
[code][quote] Yeah they do work together, but the list doesn't get updated in Unbound until you re-save on Unbound. Unlike the current DNS Forwarder which has a background process updating it automatically when leases get updated. Unbound, *currently*, has no way of knowing when that list is updated so it wont auto-update. [/quote] Wagonza, The same issue happen. I can replicate this in two pfsense systems. every time I make a static entry or change the hostname of the static entry unbound crashes. : [code] Oct 2 18:36:32 dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Oct 2 18:36:32 dhcpd: All rights reserved. Oct 2 18:36:32 dhcpd: Copyright 2004-2011 Internet Systems Consortium. Oct 2 18:36:32 dhcpd: Internet Systems Consortium DHCP Server 4.2.1-P1[/code] unbound.log: [code] Oct 2 18:36:31 craken unbound: [19729:0] info: service stopped (unbound 1.4.13). [/code] ahh - this is a side affect of having to deal with the DHCP Leases bug problem. I'm about to leave for Washington and then back to SA. So will only be able to get to this towards the end of the week.[/code]
Wagonza,
No rush I am just reporting :) I am not in a hurry since I dont change hostnames very often. I do create a lot of static entrys but I work around it by adding a cron job.
Thank you for your fast response. -
wagonza,
I am experiencing some issue with unbound. At some point threw out the day unbound fails to resolve a given domain. for example. Yesterday my voip system was unable to resolve houston.voip.ms and I went to see if all my other system could resolve it and they couldn't…. after about 10min I was able to start resolving the address again. This morning is doing the same thing with the domain dslreports.com and dlsr.net. Now I can log in to pfsense via ssh and in the cli I can nslookup dslreports.com and it would resolve just fine as the router uses the opendns servers...
Any ideas why unbound could be doing this?
Edit:
Here is the log:
Edit #2: Discard. I found the issue. Thanks.
Oct 4 08:13:31 unbound: [63534:1] debug: cache memory msg=109664 rrset=431580 infra=12068 val=47188 Oct 4 08:13:31 unbound: [63534:1] info: validator operate: query www.dslreports.com. A IN Oct 4 08:13:31 unbound: [63534:1] debug: validator[module 0] operate: extstate:module_wait_module event:module_event_moddone Oct 4 08:13:31 unbound: [63534:1] debug: return error response SERVFAIL Oct 4 08:13:31 unbound: [63534:1] debug: out of query targets -- returning SERVFAIL Oct 4 08:13:31 unbound: [63534:1] info: processQueryTargets: www.dslreports.com. A IN Oct 4 08:13:31 unbound: [63534:1] info: iterator operate: query www.dslreports.com. A IN Oct 4 08:13:31 unbound: [63534:1] debug: iterator[module 1] operate: extstate:module_wait_subquery event:module_event_pass Oct 4 08:13:31 unbound: [63534:1] info: validator operate: query i.dslr.net. A IN Oct 4 08:13:31 unbound: [63534:1] debug: validator[module 0] operate: extstate:module_wait_module event:module_event_moddone Oct 4 08:13:31 unbound: [63534:1] debug: return error response SERVFAIL Oct 4 08:13:31 unbound: [63534:1] debug: out of query targets -- returning SERVFAIL Oct 4 08:13:31 unbound: [63534:1] info: processQueryTargets: i.dslr.net. A IN Oct 4 08:13:31 unbound: [63534:1] info: iterator operate: query i.dslr.net. A IN Oct 4 08:13:31 unbound: [63534:1] debug: iterator[module 1] operate: extstate:module_wait_subquery event:module_event_pass Oct 4 08:13:31 unbound: [63534:1] info: validator operate: query remote2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] debug: validator[module 0] operate: extstate:module_state_initial event:module_event_moddone Oct 4 08:13:31 unbound: [63534:1] info: finishing processing for remote2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] info: query response was nodata ANSWER Oct 4 08:13:31 unbound: [63534:1] info: reply from <easydns.com.> 194.0.2.19#53 Oct 4 08:13:31 unbound: [63534:1] info: response for remote2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] info: iterator operate: query remote2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] debug: iterator[module 1] operate: extstate:module_wait_reply event:module_event_reply Oct 4 08:13:31 unbound: [63534:1] debug: cache memory msg=109664 rrset=431580 infra=12068 val=47188 Oct 4 08:13:31 unbound: [63534:1] info: processQueryTargets: remote2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] info: iterator operate: query remote2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] debug: iterator[module 1] operate: extstate:module_wait_reply event:module_event_pass Oct 4 08:13:31 unbound: [63534:1] info: validator operate: query dns2.easydns.net. AAAA IN Oct 4 08:13:31 unbound: [63534:1] debug: validator[module 0] operate: extstate:module_state_initial event:module_event_moddone Oct 4 08:13:31 unbound: [63534:1] info: finishing processing for dns2.easydns.net. AAAA IN Oct 4 08:13:31 unbound: [63534:1] info: query response was nodata ANSWER Oct 4 08:13:31 unbound: [63534:1] info: reply from <easydns.net.> 64.68.193.10#53 Oct 4 08:13:31 unbound: [63534:1] info: response for dns2.easydns.net. AAAA IN Oct 4 08:13:31 unbound: [63534:1] info: iterator operate: query dns2.easydns.net. AAAA IN Oct 4 08:13:31 unbound: [63534:1] debug: iterator[module 1] operate: extstate:module_wait_reply event:module_event_reply Oct 4 08:13:31 unbound: [63534:1] debug: cache memory msg=109648 rrset=431580 infra=12068 val=47188 Oct 4 08:13:31 unbound: [63534:1] info: processQueryTargets: www.dslreports.com. A IN Oct 4 08:13:31 unbound: [63534:1] info: iterator operate: query www.dslreports.com. A IN Oct 4 08:13:31 unbound: [63534:1] debug: iterator[module 1] operate: extstate:module_wait_subquery event:module_event_pass Oct 4 08:13:31 unbound: [63534:1] info: processQueryTargets: i.dslr.net. A IN Oct 4 08:13:31 unbound: [63534:1] info: iterator operate: query i.dslr.net. A IN Oct 4 08:13:31 unbound: [63534:1] debug: iterator[module 1] operate: extstate:module_wait_subquery event:module_event_pass Oct 4 08:13:31 unbound: [63534:1] info: validator operate: query ns2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] debug: validator[module 0] operate: extstate:module_state_initial event:module_event_moddone Oct 4 08:13:31 unbound: [63534:1] info: finishing processing for ns2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] info: query response was nodata ANSWER Oct 4 08:13:31 unbound: [63534:1] info: reply from <easydns.com.> 64.68.193.10#53 Oct 4 08:13:31 unbound: [63534:1] info: response for ns2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] info: iterator operate: query ns2.easydns.com. AAAA IN Oct 4 08:13:31 unbound: [63534:1] debug: iterator[module 1] operate: extstate:module_wait_reply event:module_event_reply</easydns.com.></easydns.net.></easydns.com.>
-
BumP. Keeping the thread alive :)
-
Downloading http://files.pfsense.org/packages/amd64/8/All/unbound-1.4.13-i386.pbi … could not download from there or http://ftp2.FreeBSD.org/pub/FreeBSD/ports/amd64/packages-8.1-release/All/unbound-1.4.13-i386.pbi.
of unbound-1.4.13-i386 failed!When ll be added ???
-
Downloading http://files.pfsense.org/packages/amd64/8/All/unbound-1.4.13-i386.pbi … could not download from there or http://ftp2.FreeBSD.org/pub/FreeBSD/ports/amd64/packages-8.1-release/All/unbound-1.4.13-i386.pbi.
of unbound-1.4.13-i386 failed!When ll be added ???
what?
unbound is available to download via package manager in pfsense.
-
What about pbi ??? pfsense 2.1 amd64 Here is screenshot
Beginning package installation for Unbound . Downloading package configuration file... done. Saving updated package information... done. Downloading Unbound and its dependencies... Checking for package installation... Downloading http://files.pfsense.org/packages/amd64/8/All/unbound-1.4.13-i386.pbi ... could not download from there or http://ftp2.FreeBSD.org/pub/FreeBSD/ports/amd64/packages-8.1-release/All/unbound-1.4.13-i386.pbi. of unbound-1.4.13-i386 failed! Installation aborted.Backing up libraries... Removing package... Starting package deletion for unbound-1.4.13-i386...done. Removing Unbound components... Tabs items... done. Menu items... done. Services... done. Loading package instructions... Include file unbound.inc could not be found for inclusion. Deinstall commands... Not executing custom deinstall hook because an include is missing. Removing package instructions...done. Auxiliary files... done. Package XML... done. Configuration... done. Cleaning up... Failed to install package. Installation halted.