2.4.5_1 problem

  • After I updated to 2.4.5_1 from 2.4.5, the DNS resolver is no longer working and I can't even start it. What gives?

  • @jefftse said in 2.4.5_1 problem:

    what gives?

    It's two clicks away : The resolver log, from unbound itself, already told you.
    Status > System Logs > System > DNS Resolver

  • Couldn't have anything from the DNS Resolver log but I did find this from the General log. I don't use port 953.

    /status_services.php: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1593532954] unbound[13009:0] error: can't bind socket: Address already in use for port 953 [1593532954] unbound[13009:0] error: cannot open control interface 953 [1593532954] unbound[13009:0] fatal error: could not open ports'

  • You'll be needing the Diagnostics > Command Prompt at least.
    I strongly advise you to use the console (even better : SSH) access - option 8.
    ( the Diagnostics > Command Prompt is a real shoot-in-the-foot thing)

    First command :

    ps ax | grep 'unbound'

    You'll be looking for a line that lists :

    ... /usr/local/sbin/unbound  ...

    Just before that, you have the process number, like :

    69867  -  Ss      16:43.96 /usr/local/sbin/unbound -c /var/unbound/unbound.conf

    In my case, it's 69867.

    You have to kill that process.
    Like this

    kill 69867

    Repeat the

    ps ax | grep 'unbound'

    step until there are no more "/usr/local/sbin/unbound -c /var/unbound/unbound.conf" lines.

    When done, you can launch the Resolver in the GUI.

    ( and test it's running with the "ps ax | grep 'unbound'" command )

  • ok,

    I will have to do it later since I'm not there physically.

    I did run ps ax | grep 'unbound' under Diagnostics/Command Prompt

    I got the following:

    58878 - S 0:00.00 sh -c ps ax | grep 'unbound' 2>&1
    59383 - S 0:00.00 grep unbound

    Then I ran it again. The numbers kept changing.

  • Then some other process is using your port 953.

    Run this one :

    sockstat -4 -l

    to see who it is.

  • bind named 36049 38 tcp4 :

  • @Gertjan

    bind named 36049 38 tcp4 :

  • Ok.

    You're nearly there.
    Contact the admin of your pfSense. Ask him why he installed bind - and why he didn't terminate the setup.
    Explain to him it's impossible to have two web servers on the same server or two mail servers or two DNS caches/resolvers/forwarders that listen to the same ports : 953 in this case.
    Let him make his choice, and relocate port 953 of the two processes : unbound or bind.
    Port 953 is the 'control' port. For bind, it's the rndc program that uses this port to control bind while it's running.
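
The sockstat check from this thread, as an added example that is not part of any post above: it filters `sockstat -4 -l` output for one port and reports any listener that is not the daemon you expect there. The function names and the sample output are constructed for illustration (the output posted in the thread is cut off).

```shell
#!/bin/sh
# Added example: find who is listening on a port, from `sockstat -4 -l`
# output read on stdin.
# FreeBSD sockstat columns: USER COMMAND PID FD PROTO LOCAL FOREIGN

port_listeners() {
    # $1 = port number; prints "COMMAND PID USER PROTO LOCAL" per match
    awk -v port="$1" '
        NR == 1 && $1 == "USER" { next }      # skip the header row
        NF >= 6 {
            n = split($6, parts, ":")         # local address is addr:port
            if (parts[n] == port)
                print $2, $3, $1, $5, $6
        }'
}

foreign_holders() {
    # $1 = port, $2 = daemon expected on that port.
    # Prints only the listeners that are NOT that daemon.
    port_listeners "$1" | awk -v want="$2" '$1 != want'
}

# Constructed sample output (hypothetical values, for offline testing).
SAMPLE='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
bind     named      36049 38 tcp4   127.0.0.1:953         *:*
bind     named      36049 21 udp4   192.168.1.1:53        *:*
root     sshd       10412 4  tcp4   *:22                  *:*
root     ntpd       20011 21 udp4   *:123                 *:*'

# Who holds the control port that unbound could not bind?
printf '%s\n' "$SAMPLE" | foreign_holders 953 unbound
```

On the firewall itself, pipe the live output in instead of the sample: `sockstat -4 -l | foreign_holders 953 unbound`. Empty output means nothing other than unbound is bound to that port.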
