Netgate Discussion Forum

Unbound notice: sendto failed: Permission denied

    Raffi_
    last edited by Jan 12, 2018, 4:09 PM Jan 12, 2018, 3:38 PM

    I'm running 2.4.2-RELEASE-p1 (amd64)
    I get a ton of the messages below in my resolver log if I enable "Register DHCP leases in the DNS Resolver" and "Register DHCP static mappings in the DNS Resolver".

    Jan 12 10:22:34 unbound 63108:3 notice: remote address is xxx.xx.xx.xx port 53
    Jan 12 10:22:52 unbound 63108:3 notice: sendto failed: Permission denied

    Name resolution seems to be working fine, although I could swear it's a bit slower now. I'm sure this is nothing to worry about, but I would like to understand what it's about. Also, having these constantly in the log hides actual events I would like to see. Should I just lower the verbosity? Would that make any difference?

    EDIT: I cleared my proxy cache because I was getting a cache-related error from squid for a specific site. After that, name resolution completely failed. I unchecked both Register DHCP and static options until that proves to be stable. I had to reboot pfSense because the resolver didn't seem to even respond to an attempt at stopping the service, so restarting the resolver alone was not an option.

    Thanks,
    Raffi

      dragoangel
      last edited by Jan 18, 2018, 11:25 AM

      I have the same log entries in my logs, but everything seems to work fine. I can't say clearly about performance because I have Windows DNS that actually gives DNS to clients and takes it from pfSense and has many cache entries.

      Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running multiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
      Unifi AP-AC-LR with EAP RADIUS, US-24

        albertop
        last edited by Aug 4, 2018, 4:18 PM

        I have the same issue running 2.4.3-RELEASE-p1

        Aug 3 09:17:39 unbound 31135:3 notice: remote address is XXX.XXX.XXX.XXX port 53
        Aug 3 09:17:39 unbound 31135:3 notice: sendto failed: Permission denied

        The IPs in the errors are 216.239.32.10, 216.239.34.10, 216.239.36.10 and 216.239.38.10

        When these errors are shown in the unbound log, my network (which is only pointing to pfSense's IP as DNS) can no longer resolve google.com (although it can resolve other domain names).

        Only a reboot fixes the issue so far.

          Derelict LAYER 8 Netgate
          last edited by Aug 4, 2018, 6:06 PM

          Running snort or suricata? Is it blocking those addresses for some reason?

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

            albertop @Derelict
            last edited by Aug 5, 2018, 4:11 AM

            @derelict good point, will check logs next time this happens. I am running Snort.

              mrsunfire
              last edited by May 5, 2019, 4:43 PM

              I have that same problem today.

              "notice: sendto failed: Permission denied". Suricata is blocking these addresses because of "ET DNS Query to a *.pw domain - Likely Hostile". But why? What happened?

              Netgate 6100 MAX

                Derelict LAYER 8 Netgate
                last edited by May 5, 2019, 5:35 PM

                You'll have to see what suricata complained about and make it not do that. It's likely only doing what it was told to do.

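
Added example, not part of any post in this thread and not Netgate or Unbound code: a way to check the diagnosis reached above by pairing each "sendto failed: Permission denied" notice with its "remote address is" notice and comparing the destinations with the addresses the IDS currently blocks. The log lines and the blocked set are constructed samples (the 216.239.x.10 addresses are the ones quoted in the thread), and the function names are hypothetical.

```python
import re
from collections import Counter

# Matches the two unbound notices quoted in this thread, for example:
#   Aug 3 09:17:39 unbound 31135:3 notice: sendto failed: Permission denied
LINE = re.compile(
    r"unbound:?\s+\[?(?P<ctx>\d+:\d+)\]?\s+notice:\s+"
    r"(?:remote address is (?P<addr>\S+) port \d+"
    r"|(?P<fail>sendto failed: Permission denied))"
)

def denied_destinations(log_text):
    """Count destinations whose send was denied. Assumption: each failure is
    paired with the neighbouring 'remote address is' notice from the same
    pid:thread, previous line first (the order shown in the thread)."""
    events = []
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if m:
            events.append((m["ctx"], m["addr"], bool(m["fail"])))
    hits, used = Counter(), set()
    for i, (ctx, _, failed) in enumerate(events):
        if not failed:
            continue
        for j in (i - 1, i + 1):
            if 0 <= j < len(events) and j not in used:
                jctx, jaddr, _ = events[j]
                if jctx == ctx and jaddr:
                    hits[jaddr] += 1
                    used.add(j)
                    break
    return hits

def classify(hits, blocked):
    """Split denied destinations into IDS-blocked and unexplained ones."""
    by_ids = {a: n for a, n in hits.items() if a in blocked}
    other = {a: n for a, n in hits.items() if a not in blocked}
    return by_ids, other

# Constructed sample input, in the log format shown in the thread.
SAMPLE_LOG = """\
Aug 3 09:17:39 unbound 31135:3 notice: remote address is 216.239.32.10 port 53
Aug 3 09:17:39 unbound 31135:3 notice: sendto failed: Permission denied
Aug 3 09:17:40 unbound 31135:2 notice: remote address is 216.239.34.10 port 53
Aug 3 09:17:40 unbound 31135:2 notice: sendto failed: Permission denied
Aug 3 09:17:41 unbound 31135:3 notice: remote address is 216.239.32.10 port 53
Aug 3 09:17:41 unbound 31135:3 notice: sendto failed: Permission denied
Aug 3 09:17:42 unbound 31135:1 notice: remote address is 192.0.2.53 port 53
Aug 3 09:17:42 unbound 31135:1 notice: sendto failed: Permission denied
"""
# Constructed stand-in for the IDS block list, exported as plain addresses.
SAMPLE_BLOCKED = {"216.239.32.10", "216.239.34.10", "198.51.100.7"}
```

Destinations that land in the second result of `classify` were denied by something other than the IDS block list, so the firewall rules are the next place to look for those.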
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.