Unbound dies every few days or couple of weeks



  • I'm having a strange issue where unbound seems to lose it's grip every few days (although this could extend to 2-3 weeks) - I'll get a bunch of these in the logs:

    notice: sendto failed: No buffer space available
    

    All internet traffic grinds to a halt because of the lack of DNS however if I log into pfsense and restart unbound manually, normal service resumes.

    I've looked up the documentation and help on this and it says to check the NIC / cables etc however the NIC is virtio (this is pfsense virtualised in macOS Sierra, the host doesn't deal with anything but pfSense and the unifi control centre). It used to be Intel E1000 compatibility but this made no difference.

    Are there any config switches within pfsense I should be looking into or are there any other ideas?



  • Do you have installed and enabled pfblocker by any chance ?

    I had this problem for the first time today and I tracked few topics with similar problem:
    https://forum.pfsense.org/index.php?topic=118226.15
    https://forum.pfsense.org/index.php?topic=131242

    I suspect lose of wan triggered this problem for me, I will keep a look and save the logs.



  • Yes I do…. The resolver works.. apart from when it just stops suddenly.. I've installed the watchdog and I will see if that helps things (I suspect not though as the resolver is still 'up', it just stops performing its job)



  • I'm still having this issue. For added diagnosis, I'm virtualising in esxi  Vmxnet3 adapter. Also using dual VPNs for outbound traffic…



  • me too, and looks this time not related to wan lose connectivity.

    p.s.
    I added Service Watchdog to restart the services … so it is a "quick fix".

    Jul 6 13:38:01 dhcpleases kqueue error: unkown
    Jul 6 13:38:01 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process.
    Jul 6 13:38:01 dhcpleases /var/etc/hosts changed size from original!
    Jul 6 13:38:00 php-cgi servicewatchdog_cron.php: Service Watchdog detected service unbound stopped. Restarting unbound (DNS Resolver)
    Jul 6 13:37:06 dhcpleases kqueue error: unkown
    Jul 6 13:37:06 php-cgi servicewatchdog_cron.php: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1499341026] unbound[7958:0] error: bind: address already in use [1499341026] unbound[7958:0] fatal error: could not open ports'
    Jul 6 13:37:06 dhcpleases /var/etc/hosts changed size from original!
    Jul 6 13:37:05 php-cgi servicewatchdog_cron.php: Message sent to yyyyyyyyyy OK
    Jul 6 13:37:00 dhcpleases kqueue error: unkown
    Jul 6 13:37:00 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process.
    Jul 6 13:37:00 dhcpleases /var/etc/hosts changed size from original!
    Jul 6 13:37:00 php-cgi servicewatchdog_cron.php: Service Watchdog detected service unbound stopped. Restarting unbound (DNS Resolver)
    Jul 6 13:36:59 check_reload_status Syncing firewall
    Jul 6 13:34:42 dhcpleases kqueue error: unkown
    Jul 6 13:34:42 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process.
    Jul 6 13:34:42 dhcpleases /var/etc/hosts changed size from original!
    Jul 6 13:34:39 check_reload_status Syncing firewall
    Jul 6 13:34:07 dhcpleases kqueue error: unkown
    Jul 6 13:34:06 dhcpleases Could not deliver signal HUP to process because its pidfile (/var/run/unbound.pid) does not exist, No such process.
    Jul 6 13:34:06 dhcpleases /var/etc/hosts changed size from original!
    Jul 6 13:34:05 check_reload_status Syncing firewall



  • I've got service watchdog installed which doesn't seem to help as unbound isn't recognised as being 'down' despite it not working.. mine isn't related to WAN connectivity but could be related to VPN connectivity…



  • I had a similar problem when I was running 2.3.3, upgraded to 2.3.4, seems to have fixed the issue so far.  There are some entries in the release notes about DNS Resolver, but nothing specific to this.  Also installed service watchdog just in case.