2.4.5_1 problem

jefftse

After I updated to 2.4.5_1 from 2.4.5. dns resolver is not longer working and I can't even start it. what gives?

Gertjan

@jefftse said in 2.4.5_1 problem:

what gives?

It's two clicks away : The resolver log, from unbound itself, already told you.
Status > System Logs > System > DNS Resolver

jefftse

couldn't have anything form DNS Resolver log but I did find this from General log. I don't use port 953.

/status_services.php: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1593532954] unbound[13009:0] error: can't bind socket: Address already in use for 127.0.0.1 port 953 [1593532954] unbound[13009:0] error: cannot open control interface 127.0.0.1 953 [1593532954] unbound[13009:0] fatal error: could not open ports'

Gertjan

You'll be needing the Diagnostics > Command Prompt at least.
I strongly advise you to use the console (even better : SSH) access - option 8.
( the Diagnostics > Command Prompt is a real shoot-in-the-foot thing)

First command :

ps ax | grep 'unbound'

You'll be looking for line that list :

... /usr/local/sbin/unbound  ...

Just before that, you have the process number, like :

69867  -  Ss      16:43.96 /usr/local/sbin/unbound -c /var/unbound/unbound.conf

In my case, it's 69867.

You have to kill that process.
Like this

kill 69867

Repeat the

ps ax | grep 'unbound'

step until there are no more "/usr/local/sbin/unbound -c /var/unbound/unbound.conf" lines.

When one, you can launch the Resolver in the GUI.

( and test it's running with the "ps ax | grep 'unbound'" command )

jefftse

ok,

I will have to do it later since I'm not there physically.

i did run ps ax | grep 'unbound' undess disgnostics/command prompt

I got the followings:

58878 - S 0:00.00 sh -c ps ax | grep 'unbound' 2>&1
59383 - S 0:00.00 grep unbound

then I ran it again. the numbers kept changing.

Gertjan

Then some other process is using your port 953.

Run this one :

sockstat -4 -l

to see who it is.

jefftse

bind named 36049 38 tcp4 127.0.0.1:953 :

jefftse

@Gertjan

bind named 36049 38 tcp4 127.0.0.1:953 :

Gertjan

Ok.

Your nearly there.
Contact the admin of your pfSense. Ask him why he installed bind - and why he didn't terminate the setup.
Explain him it's impossible to have tow web servers on the same server or two mail servers or two DNS caches/resolvers/forwarders that listen to the same ports : 953 in this case.
Let him make up his choice, an relocate port 953 of the two process : unbound or bind.
Port 953 is the 'control' port. Fr bind, it's the rndc program that use this port to control the bind while it's running.