2.4.4_1: unbound frequently stops answering domain overrides
-
Unbound was updated to 1.8.1 and has a bug where its single threaded. Enter this in custom options under Services | DNS Resolver
server:
so-reuseport: noSee this thread for the details:
https://forum.netgate.com/topic/138274/unbound-1-8-1-only-single-thread-processing-dns-requests/5 -
@lnguyen
Thanks. Added that and keeping fingers crossed :-) -
@matsan I had to restart the DNS Resolver service again so that workaround may not be related to this bug.
-
@matsan I disabled DNSSEC and that seems to be a workaround but compromises DNS security.
-
@lnguyen said in 2.4.4_1: unbound frequently stops answering domain overrides:
@matsan I disabled DNSSEC and that seems to be a workaround but compromises DNS security.
Will try that as well. Restarted once this morning already...
-
@matsan Did disabling DNSSEC work for you?
-
@lnguyen
So far so good. -
@lnguyen I am not the original person that started this thread but I had a problem that seems the same. I always had the problem where my Domain Override in DNS Resolver would stop working. With 2.4.3 and older it would happen not very often. With 2.4.4-RELEASE-p2 it happens relatively often. If I simply save/apply settings on the DNS Resolver page (may work for other pages...not sure) it then works for a while. I don't need to change anything. There is nothing in the logs that I can see.
I disabled DNSSEC and that seems to have kept things working. I will also try the method referenced where unbound threading config is changed.
-
-
I did notice that only forward zone domain overrides failed with DNSSEC enabled. Reverse zone donain overrides work perfectly fine whether DNSSEC is disabled or enabled.