• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Trying to disable DNS Resolver, getting an error

Scheduled Pinned Locked Moved DHCP and DNS
3 Posts 3 Posters 1.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • Y
    yi2020
    last edited by Mar 29, 2017, 8:17 AM

    The following input errors were detected:
    The generated config file cannot be parsed by unbound. Please correct the following errors:
    [1490775268] unbound-checkconf[6096:0] error: Could not open /var/unbound/test/unbound.conf: No such file or directory

    The test folder doesn't exist there. I tried to create it and save again, then got this error:
    The following input errors were detected:
    The generated config file cannot be parsed by unbound. Please correct the following errors:
    /var/unbound/test/root.key: No such file or directory
    [1490775417] unbound-checkconf[90759:0] fatal error: auto-trust-anchor-file: "/var/unbound/test/root.key" does not exist in chrootdir /var/unbound

    1 Reply Last reply Reply Quote 0
    • S
      sporkme
      last edited by Aug 16, 2017, 3:21 PM

      I know this is old, but it's the most recent topic on this I'm finding.

      I have the exact same error, and I'm not finding any obvious fixes.  I'm on 2.3.4.

      I run the resolver instead of the forwarder so I can have DNSSEC (very nice if you use ssh's sshfp record stuff).

      I also find that when DNS is screwed, the web UI is basically not usable.  How does one work around that?

      1 Reply Last reply Reply Quote 0
      • G
        Gertjan
        last edited by Aug 17, 2017, 5:52 AM

        @sporkme:

        I know this is old, but it's the most recent topic on this I'm finding.
        I have the exact same error, and I'm not finding any obvious fixes.  I'm on 2.3.4.

        Strange.
        What hardware ?
        pfSense will not create a sub directory called /test in /var/unbound.
        I'm using the resolver also on a classic PC configuration, using a normal hard disk, and the config files are present in /var/unbound :
        There is one sub directory called, called /conf.d :

        [2.3.4-RELEASE][admin@pfsense.brit-hotel-fumel.net]/var/unbound: ls -al
        total 64
        drwxr-xr-x   3 unbound  unbound   512 Aug 14 07:20 .
        drwxr-xr-x  32 root     wheel     512 Jul 14 21:58 ..
        -rw-r--r--   1 root     unbound   302 Aug 14 07:20 access_lists.conf
        drwxr-xr-x   2 unbound  unbound   512 Jul 14 21:58 conf.d
        -rw-r--r--   1 root     unbound  1676 Aug 14 07:20 dhcpleases_entries.conf
        -rw-r--r--   1 root     unbound  3578 Nov 25  2015 dnsbl_cert.pem
        -rw-r--r--   1 root     unbound     0 Aug 14 07:20 domainoverrides.conf
        -rw-r--r--   1 root     unbound  5590 Aug 14 07:20 host_entries.conf
        -rw-r--r--   1 root     unbound     0 Jun  7  2016 pfb_dnsbl.conf
        -rw-r--r--   1 root     unbound  1216 May 30  2016 pfb_dnsbl_lighty.conf
        -rw-r--r--   1 root     unbound   300 Jan 29  2015 remotecontrol.conf
        -rw-r--r--   1 unbound  unbound  1252 Aug 14 07:20 root.key
        -rw-r--r--   1 root     unbound  1660 Aug 14 07:20 unbound.conf
        -rw-r-----   1 unbound  unbound  1277 Jan 29  2015 unbound_control.key
        -rw-r-----   1 unbound  unbound   802 Jan 29  2015 unbound_control.pem
        -rw-r-----   1 unbound  unbound  1277 Jan 29  2015 unbound_server.key
        -rw-r-----   1 unbound  unbound   790 Jan 29  2015 unbound_server.pem
        
        

        If the file system is not writable, start checking for disk error (full, damaged, etc).

        I run the resolver instead of the forwarder so I can have DNSSEC (very nice if you use ssh's sshfp record stuff).

        @sporkme:

        I also find that when DNS is screwed, the web UI is basically not usable.  How does one work around that?

        If unbound can't write to disk, well, the GUI will complain or worse, die. Your entire pfSense will be crippled at best, blow up at worst.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          [[user:consent.lead]]
          [[user:consent.not_received]]