Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS Resolver (Unbound) Host Overrides Stopped Working

    Scheduled Pinned Locked Moved DHCP and DNS
    2 Posts 1 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • XentrkX
      Xentrk
      last edited by

      My host overrides stopped working last night.  Wife complained Internet was not working.  We had a storm.  My gear is hooked up to UPS. I heard them beep two times during the lightning.  But power to the house never went down.

      Upon my investigation, I saw the WAN iface was down. I rebooted pfSense and it came back up. But Unbound had not started.  I was not able to restart it successfully.  I looked at the log and saw the message:

      May 22 09:11:49 	unbound 	8784:0 	error: local-data in redirect zone must reside at top of zone, not at b.scorecardresearch.com. A 0.0.0.0
May 22 09:11:49 	unbound 	8784:0 	fatal error: Could not set up local zones

      Settings:

      
DNS Resolver is ENABLED
Listen Port: 53
Network Interfaces: LAN
Outgoing Network Interfaces:  My three OpenVPN Clients
System Domain Level Zone Type: Transparent
DNSSEC: checked
DNS Query Forwarding: Unchecked
DHCP Registration: Unchecked
Static DHCP: Unchecked
OpenVPN Clients: Unchecked

      I use pfBlockerNG and have these entries in Custom Configuration

      log-queries: yes
server:include: /var/unbound/pfb_dnsbl.*conf

      I have done some searching on the forum and see this error has come up in recent history.  Not sure if a bug was introduced in the 2.4.3-RELEASE-p1.  I updated to 2.4.3-RELEASE-p1 last week. That is the only change I made recently.

      https://forum.pfsense.org/index.php?topic=111197.0
      https://forum.pfsense.org/index.php?topic=134675.msg738333#msg738333

      I tried changing the

      server:include: /var/unbound/pfb_dnsbl.*conf
```to

      server:include: /var/unbound/pfb_dnsbl.conf

      to see if that helps. But it causes pfSense to hang and I have to power cycle the appliance to restore access.

Changing the line above to omit the **server:** per post https://forum.pfsense.org/index.php?topic=134675.msg738333#msg738333 also causes the web gui to hang and I need to power cycle the appliance to restore access.

I will keep investigating and report back if I find any information. 

I removed the Host Overrides so I can use the Internet again. 
![host overrides.JPG](/public/_imported_attachments_/1/host overrides.JPG)
![host overrides.JPG_thumb](/public/_imported_attachments_/1/host overrides.JPG_thumb)

      pfSense 2.4.4_2 | Intel i5-3450 @ 3.10GHz  | AES-NI enabled |  pfBlockerNG | Snort
      Blog Site: https://x3mtek.com || GitHub: https://github.com/Xentrk

      1 Reply Last reply Reply Quote 0
      • XentrkX
        Xentrk
        last edited by

        I tried to reenter the Host Overrides every morning after first experiencing the issue. I experienced the error message each time. On day four, I did not experience the error message. It has been five days now and the problem has not returned.

        pfSense 2.4.4_2 | Intel i5-3450 @ 3.10GHz  | AES-NI enabled |  pfBlockerNG | Snort
        Blog Site: https://x3mtek.com || GitHub: https://github.com/Xentrk

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.