• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[solved] unbound: SSL errors in the log file

Scheduled Pinned Locked Moved DHCP and DNS
5 Posts 2 Posters 2.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    pdwalker
    last edited by Jul 6, 2017, 6:20 AM Jul 5, 2017, 9:25 AM

    I've started getting errors like this in the unbound log file every 5 seconds.

    Jul 5 17:19:39	unbound	7095:0	error: remote control failed ssl crypto error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
    Jul 5 17:19:39	unbound	7095:0	notice: failed connection from 127.0.0.1 port 55918
    

    Does anyone have a clue as to why this may be happening, or how to debug it?  So far, I've not been able to find anything useful via google, nor anything obvious in the unbound configuration settings.

    Any advice would be greatly appreciated.

    Thanks.

    1 Reply Last reply Reply Quote 0
    • P
      pdwalker
      last edited by Jul 5, 2017, 10:10 AM

      Further investigation seems to show a problem with the unbound-control setup.

      I ran unbound-control-setup and reboot the box and the errors have gone away.

      I'm not sure if this actually solves the problem correctly, but it'll do for now.

      1 Reply Last reply Reply Quote 0
      • G
        Gertjan
        last edited by Jul 5, 2017, 10:28 AM

        @pdwalker:

        Jul 5 17:19:39	unbound	7095:0	notice: failed connection from 127.0.0.1 port 55918
        

        127.0.0.1, thus unbound running on pfSense is connecting to itself on 127.0.0.1
        It should be unbound …..

        I checked mine :

        [2.3.4-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: sockstat -4l | grep '53'
        root     nginx      2534  6  tcp4   *:8002                *:*
        avahi    avahi-daem 39464 14 udp4   *:5353                *:*
        unbound  unbound    50878 6  udp4   *:53                  *:*
        unbound  unbound    50878 7  tcp4   *:53                  *:*
        unbound  unbound    50878 8  tcp4   127.0.0.1:953         *:*
        

        You saw the '953' port ? I bet that is the "SSL channel" where unbound is listing on.
        Something is wrong, so :
        @pdwalker:

        Jul 5 17:19:39	unbound	7095:0	error: remote control failed ssl crypto error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
        

        I advice you to restart unbound and do what you always should do when something doesn't work : check the logs …
        Most probably another instance is already running (not normal) or some other service.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • P
          pdwalker
          last edited by Jul 6, 2017, 6:20 AM

          Thanks,

          That seems to be what the problem was.

          1 Reply Last reply Reply Quote 0
          • P
            pdwalker
            last edited by Jul 11, 2017, 6:49 AM

            Update: bind was causing the problem.  I had installed the bind package, and somehow bind was running even though I didn't turn on the service,.

            Solution: uninstall bind.

            Not sure why bind was running.  I didn't have the time to debug that problem, so the uninstallation worked and everything is fine now.

            Thanks for the pointers.

            1 Reply Last reply Reply Quote 1
            5 out of 5
            • First post
              5/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received