Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    2.4.3 upgrade causes unbound to constantly restart

    Installation and Upgrades
    4
    8
    599
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      ghulands last edited by

      Hi,
      After upgrading to 2.4.3 over the weekend, unbound would go into an endless loop of restarting itself every 10-15 seconds with no useful debugging info to know what was causing it. I tried mitigating with suggestions in other threads to do with the same topic. I switched to dnsmasq for the moment, but due to having some stub zones configured, I really need to get unbound working again.

      Has anyone else seen this behavior with 2.4.3? Anything to look for in the logs to nail down the issue?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • X
        xbipin last edited by

        im having similar issues with unbound, pfsense stops responding the DNS queries in forwarding mode unless i restart the service

        1 Reply Last reply Reply Quote 0
        • Gertjan
          Gertjan last edited by

          Hi,
          @ghulands:

          After upgrading to 2.4.3 over the weekend, unbound would go into an endless loop of restarting itself every 10-15 seconds with no useful debugging info to know what was causing it. I tried mitigating with suggestions in other threads to do with the same topic. I switched to dnsmasq for the moment, but due to having some stub zones configured, I really need to get unbound working again.

          Has anyone else seen this behavior with 2.4.3? Anything to look for in the logs to nail down the issue?

          Mine didn't restart since I upgraded yesterday.
          I have 35 devices on my LAN, all with static DHCP leases. Env 25 users on my captive portal (interface OPT1).

          My Resolver setup is : as default.
          Btw : test that way : restet to default, and pretty sure tour Resolver doesn't restart anymore, making your setting the 'issue'.

          You could set Services => DNS Resolver => Advanced Settings => Log Level to a higher value.

          1 Reply Last reply Reply Quote 0
          • K
            kpa last edited by

            Do you have an OpenVPN server with a tun type device? For me the system kept detecting an IP address change on the OpenVPN interface like every 20 seconds and restarting unbound until I deleted all OpenVPN related gateways, disabled/re-enabled the OpenVPN interface and then restarted the OpenVPN service.

            Why the system treats the OpenVPN server interface as a WAN type interface with a gateway is a mystery though, it really shouldn't do that.

            1 Reply Last reply Reply Quote 0
            • G
              ghulands last edited by

              @Gertjan:

              Btw : test that way : restet to default, and pretty sure tour Resolver doesn't restart anymore, making your setting the 'issue'.

              It was working fine in 2.4.2 and then upgrading to 2.4.3 it started restarting every 10-15 seconds. The issue is actually a lack of test coverage.

              1 Reply Last reply Reply Quote 0
              • G
                ghulands last edited by

                @kpa:

                Do you have an OpenVPN server with a tun type device? For me the system kept detecting an IP address change on the OpenVPN interface like every 20 seconds and restarting unbound until I deleted all OpenVPN related gateways, disabled/re-enabled the OpenVPN interface and then restarted the OpenVPN service.

                Why the system treats the OpenVPN server interface as a WAN type interface with a gateway is a mystery though, it really shouldn't do that.

                This looks to be the issue. I didn't need to delete any gateways, just had to disable the openvpn server profile, then re-enable it and it seems to be working fine now. Thanks so much for the tip.

                How did you recognize the ip was changing?

                1 Reply Last reply Reply Quote 0
                • G
                  ghulands last edited by

                  Also on the topic of OpenVPN, have you also seen an issue where if a client goes down, it can't come back up due to it not cleaning up properly?

                  Time Process PID Message
                  Apr 10 09:19:04 openvpn 46730 Exiting due to fatal error
                  Apr 10 09:19:04 openvpn 46730 FreeBSD ifconfig failed: external program exited with error status: 1
                  Apr 10 09:19:04 openvpn 46730 /sbin/ifconfig ovpnc2 10.8.0.37 10.8.0.1 mtu 1500 netmask 255.255.0.0 up
                  Apr 10 09:19:04 openvpn 46730 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
                  Apr 10 09:19:04 openvpn 46730 TUN/TAP device /dev/tun2 opened
                  Apr 10 09:19:04 openvpn 46730 TUN/TAP device ovpnc2 exists previously, keep at program end

                  If I run the ifconfig command I get

                  ifconfig: ioctl (SIOCAIFADDR): File exists

                  The only way I can get my vpn client to reconnect is to reboot the router  :-(

                  1 Reply Last reply Reply Quote 0
                  • Gertjan
                    Gertjan last edited by

                    @ghulands:

                    This looks to be the issue.

                    Strange.
                    Your first post doesn't mention any openvpn usage.
                    More strange : using openvpn myself - and the resolver, I didn't saw any issues.

                    But : after an update, when all is ok, I always reboot the system my self to see if it comes up fine by itself. So, if there was an issue, I never saw it.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post

                    Products

                    • Platform Overview
                    • TNSR
                    • pfSense Plus
                    • Appliances

                    Services

                    • Training
                    • Professional Services

                    Support

                    • Subscription Plans
                    • Contact Support
                    • Product Lifecycle
                    • Documentation

                    News

                    • Media Coverage
                    • Press
                    • Events

                    Resources

                    • Blog
                    • FAQ
                    • Find a Partner
                    • Resource Library
                    • Security Information

                    Company

                    • About Us
                    • Careers
                    • Partners
                    • Contact Us
                    • Legal
                    Our Mission

                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                    Subscribe to our Newsletter

                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                    © 2021 Rubicon Communications, LLC | Privacy Policy