2.1-BETA0 -> 2.1-BETA1 unbound won't install
-
I upgraded to the lastest NanoBSD snapshot (Thu Feb 14 16:27:42 EST 2013) to install Unbound. The Unbound package installs fine, but it does not seem to be installing any binaries, so unbound cannot work.
[2.1-BETA1][root@pfsense-alix.local-lan]/root(4): find / | grep unbound_control [2.1-BETA1][root@pfsense-alix.local-lan]/root(5):
Edit: If I get this right, it looks at http://files.pfsense.org/packages/8/All/ for unbound-1.4.19.tbz which is not there. But I don't get any error saying that it can't be found…
-
2.1 doesn't use .tbz packages, it uses .pbi packages.
Either way, the new version is uploaded now (tbz's for 2.0.x and pbi for 2.1)
-
Thanks, now the binaries are there. It still won't work, though. It runs with
unbound -c /usr/pbi/unbound-i386/etc/unbound/unbound.conf
but the actual config seems to reside here
/usr/local/etc/unbound/unbound.conf
That config would not work either, I guess:
# unbound-checkconf /usr/local/etc/unbound/unbound.conf /usr/local/etc/unbound/unbound_server.key: No such file or directory [1360946053] unbound-checkconf[26439:0] fatal error: server-key-file: "/usr/local/etc/unbound/unbound_server.key" does not exist
which is here:
/usr/pbi/unbound-i386/etc/unbound/unbound_server.key
-
Added a note to http://redmine.pfsense.org/issues/2817 for that. Will need fixes/changes to account for that by the maintainer.
-
Is the Unbound package fixed now so we can go in and try and install on 2.1 PfSense 64?
-
I haven't seen any commits to it, and the ticket hasn't been updated, so I'd say probably not.
-
It says 100% done.
Does this mean Unbound on 2.1 is fixed?
-
That was referring to moving it to a package (out of the GUI)
The package part still needs fixed. The maintainer knows, he'll get to it when he has time.
-
We have been using unbound for Quite some time. (pretty much the day
unbound support started to appear on pfsense)all of our production pfsense boxes with Beta1 (and beta0) on them work fine PROVIDED
your willing to use google and unbounds website to figure out the errors and
how to fix them UNTIL the maintainer can fix it.been doing it for quite some time now and know my way around unbound and pfsense.
(FreeBSD runs all of our Production Servers)i do the mods in the lab first and do my testing before rolling out changes to ALL of our
pfsense boxes and thats after 30 days of testing hard in the lab. -
Do you actually fix the unbound source code, or do you just move files around so that unbound can actually find them?
-
SunCatalyst
Can you share the instructions on how to fix Unbound to work on pfSense 2.1 Beta 64?
Is there a patched package you can upload somewhere?
-
i dont have any packages to share to fix things NOR would i want to step on the maintainers Toes. (wagonza)
im sure he will get to it Soon.things like the key missing or a file missing , you have to be able to poke around to see what the
fix is. sometimes its as simple as symbolic linking a file thats in the wrong place to the correct place
or grabbing unbound from FreeBSD's server itself and pull it apart to find the files you need.ive spent Numerous hours reading and figuring out unbound.
Good Luck.
-
On a i386 system the following seems to get unbound working after the package install:
At the console:
ln -s /usr/pbi/unbound-i386/etc/unbound/unbound.conf /usr/local/etc/unbound/unbound.conf
ln -s /usr/pbi/unbound-i386/etc/unbound/unbound_server.key /usr/local/etc/unbound/unbound_server.key
ln -s /usr/pbi/unbound-i386/etc/unbound/unbound_server.pem /usr/local/etc/unbound/unbound_server.pem
ln -s /usr/pbi/unbound-i386/etc/unbound/unbound_control.key /usr/local/etc/unbound/unbound_control.key
ln -s /usr/pbi/unbound-i386/etc/unbound/unbound_control.pem /usr/local/etc/unbound/unbound_control.pem
Something similar should do for the x64 version. -
Hi guys,
I got unbound installed and it works great…...for about an hour.
This is the same thing it was doing the last time I tried it about a year ago.
-Will
-
Hi guys,
I got unbound installed and it works great…...for about an hour.
This is the same thing it was doing the last time I tried it about a year ago.
-Will
Could you be anymore vague about so that we couldn't help you at all?
But anyways, I'm running Unbound just fine on the 18.3 snapshot, x64 etc. Of course had to do the links by hand but otherwise works as it should.
-
Hi n1ko,
I'd be less vague if I could. About all I can tell you is that unbound seems to work just great for about an hour and then all my DNS resolution stops working. Disable unbound, re-enable the dns forwarder & I'm back in business.
I would expect that it's related to this:
http://forum.pfsense.org/index.php/topic,43044.msg234009.html#msg234009
as this is the exact same behavior I saw in January 2012.
-Will
-
Unbound package seems to be broken for the past couple months.
Is it abandoned by the developer?
Should it be deleted from the 2.1 pfSense Packages?
-
It's not abandoned, he's just been very busy lately.
-
Is there any real expectation that the unbound package will ever work in 2.1? This has been an open concern for about two months now.
-
In last week i installed unbound here and to work i copy the certs to /usr/local/etc folder (like jcyr posted) and installed the .tbz package (make package-recursive in freebsd 8.3). First installed by package manager in pfsense, secound install the .tbz. This is wrong way to do, but, it's working by 5 days now until the final solution (the pbi corrected with the new binaries).
Best Regards.
-
It will be fixed properly eventually. Either when the package maintainer gets time (he's really busy with work), or when someone else that's capable of fixing it steps up and submits some fixes for it.
-
Does unbound install and work correctly in 2.0.1? I'll gladly forgo IPV6 functionality for a working secure DNS.
-
jimp, have some howto to use the pbi build system just for pfsense ?.
I can update the package always.Best Regards.
-
The PBIs are fine, it's the package code that needs updated. Several other packages needed similar modifications (e.g. squid, snort, zabbix, nut, nrpe, avahi, bandwidthd, etc) it shouldn't be too hard to follow their lead in how things are fixed.
-
I did some adjustments on the package to have it working fine on 2.1. Please test and let me know if you find issues on it.
-
Sure… where is it?
-
-
System->Packages->Available Packages->Unbound says 1.4.20
but install script and unbound logs say 1.4.19!!!
Here's the uninstall output:
Backing up libraries…
Removing package...
Starting package deletion for unbound-1.4.19-i386...done.
Removing Unbound components...
Tabs items... done.
Menu items... done.
Services... done.
Loading package instructions...
Deinstall commands... done.
Removing package instructions...done.
Auxiliary files... done.
Package XML... done.
Configuration... done.
Cleaning up... done.Package deleted.
-
On my NanoBSD test system (ALIX), the configuration in /usr/pbi/unbound-i386/etc/unbound/unbound.conf only gets updated when I reinstall the package. Changing the interfaces to listen on and pressing "Save" has no effect on my system, the config does not change. I have updated the ticket.
-
System->Packages->Available Packages->Unbound says 1.4.20
but install script and unbound logs say 1.4.19!!!
pfSense package version is 1.4.20, PBI version is 1.4.19. You have the latest version, you can go ahead with tests.
-
On my NanoBSD test system (ALIX), the configuration in /usr/pbi/unbound-i386/etc/unbound/unbound.conf only gets updated when I reinstall the package. Changing the interfaces to listen on and pressing "Save" has no effect on my system, the config does not change. I have updated the ticket.
Please update to 1.4.20_1 and try again
-
Binaries are 1.4.20 now also. I bumped it to 1.4.20_2
-
Hangs during install since the 1.4.20_2 update:
Beginning package installation for Unbound…
Downloading package configuration file... done.
Saving updated package information... done.
Downloading Unbound and its dependencies...
Checking for package installation... Loading package configuration... done.
Configuring package components...
Additional files... done.
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...Installs the service but not the GUI components
-
Hi guys,
Is there any indication that the problems in this post:
http://forum.pfsense.org/index.php/topic,43044.msg234009.html#msg234009
have been corrected?
I've been dying to use unbound with pfsense for going on a year but each time I've given it a shot it runs great for about an hour then all my dhcp leases drop & everything that uses dhcp goes off-line. I can quickly recover by disabling unbound and turning the dns forwarder back on.
-Will
-
Installs the service but not the GUI components
Same here, the GUI components won't show up anymore, reinstalling XML does not help.
-
Installs the service but not the GUI components
Same here, the GUI components won't show up anymore, reinstalling XML does not help.
I'll third it.
I did a ground up install of 2.0.3 x86 yesterday and unbound is working.
I did an upgrade from 2.0.2 x86 to 2.0.3 x86 today and am having the same issue mentioned just above.Poking around to see if I can come across a solution.
-
It was caused by a typo, 1.4.20_3 fixes the issue.
-
Thank you Renato and jimp, that looks really good now!
Edit: there still seems to be a problem writing this (on NanoBSD) at some point:
unbound: [78569:0] error: could not open autotrust file for writing, /usr/pbi/unbound-i386/etc/unbound/root-trust-anchor.78569-0: Read-only file system
But the file /usr/pbi/unbound-i386/etc/unbound/root-trust-anchor is there, seems valid and unbound runs anyway. I'll keep an eye on this. I have put it "in production" on my home gateway now.
-
2.1-Beta1(amd64).
Standard Package Install installed Unbound 1.4.20_3, both service and UI, fine. Functioning without issues for a couple of hours.
Thanks Renato and all others involved. Brilliant package - worth waiting for.
-
Something is not quite right yet. It restarts every hour on my system (NanoBSD), at exactly the same time.
Apr 28 14:16:50 unbound: [61715:0] notice: Restart of unbound 1.4.20. Apr 28 14:16:50 unbound: [61715:0] notice: init module 0: validator Apr 28 14:16:50 unbound: [61715:0] notice: init module 1: iterator Apr 28 14:16:50 unbound: [61715:0] info: start of service (unbound 1.4.20). Apr 28 15:16:50 unbound: [61715:0] info: service stopped (unbound 1.4.20). Apr 28 15:16:50 unbound: [61715:0] info: server stats for thread 0: 1096 queries, 874 answers from cache, 222 recursions, 23 prefetch Apr 28 15:16:50 unbound: [61715:0] info: server stats for thread 0: requestlist max 13 avg 1.2898 exceeded 0 jostled 0 Apr 28 15:16:50 unbound: [61715:0] info: average recursion processing time 0.159908 sec Apr 28 15:16:50 unbound: [61715:0] info: histogram of recursion processing times Apr 28 15:16:50 unbound: [61715:0] info: [25%]=0.0201766 median[50%]=0.0504123 [75%]=0.237086 Apr 28 15:16:50 unbound: [61715:0] info: lower(secs) upper(secs) recursions Apr 28 15:16:50 unbound: [61715:0] info: 0.000000 0.000001 25 Apr 28 15:16:50 unbound: [61715:0] info: 0.002048 0.004096 1 Apr 28 15:16:50 unbound: [61715:0] info: 0.008192 0.016384 17 Apr 28 15:16:50 unbound: [61715:0] info: 0.016384 0.032768 54 Apr 28 15:16:50 unbound: [61715:0] info: 0.032768 0.065536 26 Apr 28 15:16:50 unbound: [61715:0] info: 0.065536 0.131072 16 Apr 28 15:16:50 unbound: [61715:0] info: 0.131072 0.262144 34 Apr 28 15:16:50 unbound: [61715:0] info: 0.262144 0.524288 34 Apr 28 15:16:50 unbound: [61715:0] info: 0.524288 1.000000 13 Apr 28 15:16:50 unbound: [61715:0] info: 1.000000 2.000000 2 Apr 28 15:16:50 unbound: [61715:0] info: server stats for thread 1: 599 queries, 465 answers from cache, 134 recursions, 20 prefetch Apr 28 15:16:50 unbound: [61715:0] info: server stats for thread 1: requestlist max 19 avg 1.32468 exceeded 0 jostled 0 Apr 28 15:16:50 unbound: [61715:0] info: average recursion processing time 0.113623 sec Apr 28 15:16:50 unbound: [61715:0] info: histogram of recursion processing times Apr 28 15:16:50 unbound: [61715:0] info: [25%]=0.0207076 median[50%]=0.0431942 [75%]=0.199339 Apr 28 15:16:50 unbound: [61715:0] info: lower(secs) upper(secs) recursions Apr 28 15:16:50 unbound: [61715:0] info: 0.000000 0.000001 15 Apr 28 15:16:50 unbound: [61715:0] info: 0.001024 0.002048 1 Apr 28 15:16:50 unbound: [61715:0] info: 0.008192 0.016384 8 Apr 28 15:16:50 unbound: [61715:0] info: 0.016384 0.032768 36 Apr 28 15:16:50 unbound: [61715:0] info: 0.032768 0.065536 22 Apr 28 15:16:50 unbound: [61715:0] info: 0.065536 0.131072 6 Apr 28 15:16:50 unbound: [61715:0] info: 0.131072 0.262144 24 Apr 28 15:16:50 unbound: [61715:0] info: 0.262144 0.524288 21 Apr 28 15:16:50 unbound: [61715:0] info: 1.000000 2.000000 1 Apr 28 15:16:50 unbound: [61715:0] notice: Restart of unbound 1.4.20. Apr 28 15:16:50 unbound: [61715:0] notice: init module 0: validator Apr 28 15:16:50 unbound: [61715:0] notice: init module 1: iterator Apr 28 15:16:50 unbound: [61715:0] info: start of service (unbound 1.4.20). Apr 28 15:16:50 unbound: [61715:0] info: service stopped (unbound 1.4.20). Apr 28 15:16:50 unbound: [61715:0] info: server stats for thread 0: 1 queries, 1 answers from cache, 0 recursions, 0 prefetch Apr 28 15:16:50 unbound: [61715:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0 Apr 28 15:16:50 unbound: [61715:0] info: server stats for thread 1: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch Apr 28 15:16:50 unbound: [61715:0] info: server stats for thread 1: requestlist max 0 avg 0 exceeded 0 jostled 0 Apr 28 15:16:50 unbound: [61715:0] notice: Restart of unbound 1.4.20. Apr 28 15:16:50 unbound: [61715:0] notice: init module 0: validator Apr 28 15:16:50 unbound: [61715:0] notice: init module 1: iterator Apr 28 15:16:50 unbound: [61715:0] info: start of service (unbound 1.4.20).
Maybe this is linked to DHCP somehow?
Apr 28 15:16:50 dhcpd: Wrote 0 deleted host decls to leases file. Apr 28 15:16:50 dhcpd: Wrote 0 new dynamic host decls to leases file. Apr 28 15:16:50 dhcpd: Wrote 14 leases to leases file.
I don't know why dhcpd does this, it's not configured to backup it's leases and I don't see any cronjob that maybe related.
There are quite a few monitor instances running, too:
ps auxwww | grep unb root 5605 0.0 0.1 3644 1520 ?? SN 10:47AM 0:08.85 /bin/sh /usr/local/etc/rc.d/unbound_monitor.sh start root 59518 0.0 0.1 3644 1348 ?? SN 10:32AM 0:09.01 /bin/sh /usr/local/etc/rc.d/unbound_monitor.sh start unbound 61715 0.0 1.0 31352 19644 ?? Is 11:10AM 0:10.83 unbound -c /usr/pbi/unbound-i386/etc/unbound/unbound.conf root 70174 0.0 0.1 3644 1520 ?? SN 10:45AM 0:09.04 /bin/sh /usr/local/etc/rc.d/unbound_monitor.sh start root 72082 0.0 0.1 3644 1364 ?? SN 10:33AM 0:09.75 /bin/sh /usr/local/etc/rc.d/unbound_monitor.sh start root 59935 0.0 0.1 3644 1364 u0- S 10:33AM 0:09.09 /bin/sh /usr/local/etc/rc.d/unbound_monitor.sh start
Also odd, that the running unbound process has a start time of 11:10AM, shouldn't that be 3:16PM if it really restarted?
Any hints for me?