DNS Resolver crashing after recent update [solved]
-
It seems after the most recent upgrade I have to reboot my pfsense box every week or two in order to correct DNS from failing. This is a physical box (no VM):
Intel(R) Xeon(R) CPU D-1518 @ 2.20GHz
8 CPUs: 1 package(s) x 4 core(s) x 2 hardware threads
8GB DDR4 RAM

The Unbound DNS logs when things are in a bad state look like the following:
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:2 notice: remote address is 8.8.8.8 port 53

Attempting to restart the service itself does nothing. Memory usage is minimal, ~5% currently. At one point I did have Suricata installed but removed it a few months ago.
Anything anyone can think of that would cause this issue? I am all ears!
Installed Packages:
frr net 0.2_1
LADVD net 1.2.2
openvpn-client-export security 1.4.14
Telegraf net-mgmt 0.4

Unbound Configuration File:
##########################
# Unbound Configuration
##########################

##
# Server configuration
##
server:
chroot: /var/unbound
username: "unbound"
directory: "/var/unbound"
pidfile: "/var/run/unbound.pid"
use-syslog: yes
port: 53
verbosity: 1
hide-identity: yes
hide-version: yes
harden-glue: yes
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
do-daemonize: yes
module-config: "validator iterator"
unwanted-reply-threshold: 0
num-queries-per-thread: 4096
jostle-timeout: 200
infra-host-ttl: 900
infra-cache-numhosts: 10000
outgoing-num-tcp: 10
incoming-num-tcp: 10
edns-buffer-size: 4096
cache-max-ttl: 86400
cache-min-ttl: 0
harden-dnssec-stripped: yes
msg-cache-size: 4m
rrset-cache-size: 8m
num-threads: 8
msg-cache-slabs: 8
rrset-cache-slabs: 8
infra-cache-slabs: 8
key-cache-slabs: 8
outgoing-range: 4096
#so-rcvbuf: 4m
auto-trust-anchor-file: /var/unbound/root.key
prefetch: no
prefetch-key: no
use-caps-for-id: no
serve-expired: no

# Statistics
# Unbound Statistics
statistics-interval: 0
extended-statistics: yes
statistics-cumulative: yes

# Interface IP(s) to bind to
interface: 0.0.0.0
interface: ::0
interface-automatic: yes

# Outgoing interfaces to be used

# DNS Rebinding
# For DNS Rebinding prevention
private-address: 10.0.0.0/8
private-address: 172.16.0.0/12
private-address: 169.254.0.0/16
private-address: 192.168.0.0/16
private-address: fd00::/8
private-address: fe80::/10

# Access lists
include: /var/unbound/access_lists.conf

# Static host entries
include: /var/unbound/host_entries.conf

# dhcp lease entries
include: /var/unbound/dhcpleases_entries.conf

# Domain overrides
include: /var/unbound/domainoverrides.conf

# Forwarding
forward-zone:
name: "."
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4

###
# Remote Control Config
###
include: /var/unbound/remotecontrol.conf
-
So this occurred again this morning. After some further troubleshooting, it looks like this is related to my OpenVPN setup. I have one VLAN funneling all traffic out PIA VPN (Guest network) while the rest is processed normally. I don't know why yet, but it appears when this tunnel bounces, DNS traffic from PFSense is gobbled up. Local DNS works fine, so just external resolvers are broken.
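
The following is an added example, not code from the thread: it pairs the two Unbound log lines shown in the first post and reports whether every configured forward-addr is failing with the same sendto error, which separates a local send-path problem from a single unreachable upstream. The function names are illustrative, and SAMPLE is a shortened excerpt of the quoted log.

```python
import re
from collections import Counter

# Syslog layout as shown in the post: "<date> unbound <pid>:<thread> notice: <msg>"
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} unbound \d+:(\d+) \w+: (.*)$")
REMOTE = re.compile(r"^remote address is (\S+) port \d+$")
FAILED = re.compile(r"^sendto failed: (.+)$")

def sendto_failures(lines):
    """Count (thread, remote, error) for each failure/address line pair."""
    pending = {}   # thread -> half of a pair still waiting for its partner
    counts = Counter()
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            continue
        thread, msg = int(m.group(1)), m.group(2)
        r, f = REMOTE.match(msg), FAILED.match(msg)
        if not (r or f):
            continue
        item = ("remote", r.group(1)) if r else ("error", f.group(1))
        prev = pending.pop(thread, None)
        # Pair the two halves per thread in either order: the post shows the
        # address line first, a chronological log may show the failure first.
        if prev and prev[0] != item[0]:
            pair = dict([prev, item])
            counts[(thread, pair["remote"], pair["error"])] += 1
        else:
            pending[thread] = item   # partner missing, e.g. excerpt cut off
    return counts

def all_forwarders_failing(counts, forwarders, error="No buffer space available"):
    """True when every forward-addr has at least one failure with this error."""
    seen = {remote for (_, remote, err) in counts if err == error}
    return set(forwarders) <= seen

# Shortened excerpt of the log lines quoted in the first post.
SAMPLE = """\
Jun 12 16:02:12 unbound 59065:5 notice: remote address is 8.8.8.8 port 53
Jun 12 16:02:12 unbound 59065:5 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:7 notice: remote address is 8.8.4.4 port 53
Jun 12 16:02:11 unbound 59065:7 notice: sendto failed: No buffer space available
Jun 12 16:02:11 unbound 59065:2 notice: remote address is 8.8.8.8 port 53
""".splitlines()

if __name__ == "__main__":
    counts = sendto_failures(SAMPLE)
    print(counts, all_forwarders_failing(counts, ["8.8.8.8", "8.8.4.4"]))
```

When every forwarder fails at once with the same local error, as in the quoted log, the fault is on the firewall's own send path rather than at one upstream resolver.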