Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [solved] unbound: SSL errors in the log file

    DHCP and DNS
    2
    5
    1928
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pdwalker
      last edited by

      I've started getting errors like this in the unbound log file every 5 seconds.

      Jul 5 17:19:39	unbound	7095:0	error: remote control failed ssl crypto error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Jul 5 17:19:39	unbound	7095:0	notice: failed connection from 127.0.0.1 port 55918

      Does anyone have a clue as to why this may be happening, or how to debug it?  So far, I've not been able to find anything useful via google, nor anything obvious in the unbound configuration settings.

      Any advice would be greatly appreciated.

      Thanks.

      1 Reply Last reply Reply Quote 0
      • P
        pdwalker
        last edited by

        Further investigation seems to show a problem with the unbound-control setup.

        I ran unbound-control-setup and reboot the box and the errors have gone away.

        I'm not sure if this actually solves the problem correctly, but it'll do for now.

        1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan
          last edited by

          @pdwalker:

          Jul 5 17:19:39	unbound	7095:0	notice: failed connection from 127.0.0.1 port 55918

          127.0.0.1, thus unbound running on pfSense is connecting to itself on 127.0.0.1
          It should be unbound …..

          I checked mine :

          [2.3.4-RELEASE][admin@pfsense.brit-hotel-fumel.net]/root: sockstat -4l | grep '53'
root     nginx      2534  6  tcp4   *:8002                *:*
avahi    avahi-daem 39464 14 udp4   *:5353                *:*
unbound  unbound    50878 6  udp4   *:53                  *:*
unbound  unbound    50878 7  tcp4   *:53                  *:*
unbound  unbound    50878 8  tcp4   127.0.0.1:953         *:*

          You saw the '953' port ? I bet that is the "SSL channel" where unbound is listing on.
          Something is wrong, so :
          @pdwalker:

          Jul 5 17:19:39	unbound	7095:0	error: remote control failed ssl crypto error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

          I advice you to restart unbound and do what you always should do when something doesn't work : check the logs …
          Most probably another instance is already running (not normal) or some other service.

          No "help me" PM's please. Use the forum, thanks.

          1 Reply Last reply Reply Quote 0
          • P
            pdwalker
            last edited by

            Thanks,

            That seems to be what the problem was.

            1 Reply Last reply Reply Quote 0
            • P
              pdwalker
              last edited by

              Update: bind was causing the problem.  I had installed the bind package, and somehow bind was running even though I didn't turn on the service,.

              Solution: uninstall bind.

              Not sure why bind was running.  I didn't have the time to debug that problem, so the uninstallation worked and everything is fine now.

              Thanks for the pointers.

              1 Reply Last reply Reply Quote 1
              • First post
                Last post