4. DNS Resolver (Unbound) Host Overrides Stopped Working

DNS Resolver (Unbound) Host Overrides Stopped Working


  • My host overrides stopped working last night.  Wife complained Internet was not working.  We had a storm.  My gear is hooked up to UPS. I heard them beep two times during the lightning.  But power to the house never went down.

    Upon my investigation, I saw the WAN iface was down. I rebooted pfSense and it came back up. But Unbound had not started.  I was not able to restart it successfully.  I looked at the log and saw the message:

    May 22 09:11:49 	unbound 	8784:0 	error: local-data in redirect zone must reside at top of zone, not at b.scorecardresearch.com. A 0.0.0.0
May 22 09:11:49 	unbound 	8784:0 	fatal error: Could not set up local zones

    Settings:

    
DNS Resolver is ENABLED
Listen Port: 53
Network Interfaces: LAN
Outgoing Network Interfaces:  My three OpenVPN Clients
System Domain Level Zone Type: Transparent
DNSSEC: checked
DNS Query Forwarding: Unchecked
DHCP Registration: Unchecked
Static DHCP: Unchecked
OpenVPN Clients: Unchecked

    I use pfBlockerNG and have these entries in Custom Configuration

    log-queries: yes
server:include: /var/unbound/pfb_dnsbl.*conf

    I have done some searching on the forum and see this error has come up in recent history.  Not sure if a bug was introduced in the 2.4.3-RELEASE-p1.  I updated to 2.4.3-RELEASE-p1 last week. That is the only change I made recently.

    https://forum.pfsense.org/index.php?topic=111197.0
    https://forum.pfsense.org/index.php?topic=134675.msg738333#msg738333

    I tried changing the

    server:include: /var/unbound/pfb_dnsbl.*conf
```to

    server:include: /var/unbound/pfb_dnsbl.conf

    to see if that helps. But it causes pfSense to hang and I have to power cycle the appliance to restore access.

Changing the line above to omit the **server:** per post https://forum.pfsense.org/index.php?topic=134675.msg738333#msg738333 also causes the web gui to hang and I need to power cycle the appliance to restore access.

I will keep investigating and report back if I find any information. 

I removed the Host Overrides so I can use the Internet again. 
![host overrides.JPG](/public/_imported_attachments_/1/host overrides.JPG)
![host overrides.JPG_thumb](/public/_imported_attachments_/1/host overrides.JPG_thumb)
    0

  • I tried to reenter the Host Overrides every morning after first experiencing the issue. I experienced the error message each time. On day four, I did not experience the error message. It has been five days now and the problem has not returned.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy