2.4.3 upgrade causes unbound to constantly restart

ghulands

Hi,
After upgrading to 2.4.3 over the weekend, unbound would go into an endless loop of restarting itself every 10-15 seconds with no useful debugging info to know what was causing it. I tried mitigating with suggestions in other threads to do with the same topic. I switched to dnsmasq for the moment, but due to having some stub zones configured, I really need to get unbound working again.

Has anyone else seen this behavior with 2.4.3? Anything to look for in the logs to nail down the issue?

Thanks!

xbipin

im having similar issues with unbound, pfsense stops responding the DNS queries in forwarding mode unless i restart the service

Gertjan

Hi,
@ghulands:

After upgrading to 2.4.3 over the weekend, unbound would go into an endless loop of restarting itself every 10-15 seconds with no useful debugging info to know what was causing it. I tried mitigating with suggestions in other threads to do with the same topic. I switched to dnsmasq for the moment, but due to having some stub zones configured, I really need to get unbound working again.

Has anyone else seen this behavior with 2.4.3? Anything to look for in the logs to nail down the issue?

Mine didn't restart since I upgraded yesterday.
I have 35 devices on my LAN, all with static DHCP leases. Env 25 users on my captive portal (interface OPT1).

My Resolver setup is : as default.
Btw : test that way : restet to default, and pretty sure tour Resolver doesn't restart anymore, making your setting the 'issue'.

You could set Services => DNS Resolver => Advanced Settings => Log Level to a higher value.

kpa

Do you have an OpenVPN server with a tun type device? For me the system kept detecting an IP address change on the OpenVPN interface like every 20 seconds and restarting unbound until I deleted all OpenVPN related gateways, disabled/re-enabled the OpenVPN interface and then restarted the OpenVPN service.

Why the system treats the OpenVPN server interface as a WAN type interface with a gateway is a mystery though, it really shouldn't do that.

ghulands

@Gertjan:

Btw : test that way : restet to default, and pretty sure tour Resolver doesn't restart anymore, making your setting the 'issue'.

It was working fine in 2.4.2 and then upgrading to 2.4.3 it started restarting every 10-15 seconds. The issue is actually a lack of test coverage.

ghulands

@kpa:

Do you have an OpenVPN server with a tun type device? For me the system kept detecting an IP address change on the OpenVPN interface like every 20 seconds and restarting unbound until I deleted all OpenVPN related gateways, disabled/re-enabled the OpenVPN interface and then restarted the OpenVPN service.

Why the system treats the OpenVPN server interface as a WAN type interface with a gateway is a mystery though, it really shouldn't do that.

This looks to be the issue. I didn't need to delete any gateways, just had to disable the openvpn server profile, then re-enable it and it seems to be working fine now. Thanks so much for the tip.

How did you recognize the ip was changing?

ghulands

Also on the topic of OpenVPN, have you also seen an issue where if a client goes down, it can't come back up due to it not cleaning up properly?

Time Process PID Message
Apr 10 09:19:04 openvpn 46730 Exiting due to fatal error
Apr 10 09:19:04 openvpn 46730 FreeBSD ifconfig failed: external program exited with error status: 1
Apr 10 09:19:04 openvpn 46730 /sbin/ifconfig ovpnc2 10.8.0.37 10.8.0.1 mtu 1500 netmask 255.255.0.0 up
Apr 10 09:19:04 openvpn 46730 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Apr 10 09:19:04 openvpn 46730 TUN/TAP device /dev/tun2 opened
Apr 10 09:19:04 openvpn 46730 TUN/TAP device ovpnc2 exists previously, keep at program end

If I run the ifconfig command I get

ifconfig: ioctl (SIOCAIFADDR): File exists

The only way I can get my vpn client to reconnect is to reboot the router  :-(

Gertjan

@ghulands:

This looks to be the issue.

Strange.
Your first post doesn't mention any openvpn usage.
More strange : using openvpn myself - and the resolver, I didn't saw any issues.

But : after an update, when all is ok, I always reboot the system my self to see if it comes up fine by itself. So, if there was an issue, I never saw it.