2.4.5_1 problem
-
After I updated to 2.4.5_1 from 2.4.5. dns resolver is not longer working and I can't even start it. what gives?
-
@jefftse said in 2.4.5_1 problem:
what gives?
It's two clicks away : The resolver log, from unbound itself, already told you.
Status > System Logs > System > DNS Resolver -
couldn't have anything form DNS Resolver log but I did find this from General log. I don't use port 953.
/status_services.php: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1593532954] unbound[13009:0] error: can't bind socket: Address already in use for 127.0.0.1 port 953 [1593532954] unbound[13009:0] error: cannot open control interface 127.0.0.1 953 [1593532954] unbound[13009:0] fatal error: could not open ports'
-
You'll be needing the Diagnostics > Command Prompt at least.
I strongly advise you to use the console (even better : SSH) access - option 8.
( the Diagnostics > Command Prompt is a real shoot-in-the-foot thing)First command :
ps ax | grep 'unbound'
You'll be looking for line that list :
... /usr/local/sbin/unbound ...
Just before that, you have the process number, like :
69867 - Ss 16:43.96 /usr/local/sbin/unbound -c /var/unbound/unbound.conf
In my case, it's 69867.
You have to kill that process.
Like thiskill 69867
Repeat the
ps ax | grep 'unbound'
step until there are no more "/usr/local/sbin/unbound -c /var/unbound/unbound.conf" lines.
When one, you can launch the Resolver in the GUI.
( and test it's running with the "ps ax | grep 'unbound'" command )
-
ok,
I will have to do it later since I'm not there physically.
i did run ps ax | grep 'unbound' undess disgnostics/command prompt
I got the followings:
58878 - S 0:00.00 sh -c ps ax | grep 'unbound' 2>&1
59383 - S 0:00.00 grep unboundthen I ran it again. the numbers kept changing.
-
Then some other process is using your port 953.
Run this one :
sockstat -4 -l
to see who it is.
-
bind named 36049 38 tcp4 127.0.0.1:953 :
-
bind named 36049 38 tcp4 127.0.0.1:953 :
-
Ok.
Your nearly there.
Contact the admin of your pfSense. Ask him why he installed bind - and why he didn't terminate the setup.
Explain him it's impossible to have tow web servers on the same server or two mail servers or two DNS caches/resolvers/forwarders that listen to the same ports : 953 in this case.
Let him make up his choice, an relocate port 953 of the two process : unbound or bind.
Port 953 is the 'control' port. Fr bind, it's the rndc program that use this port to control the bind while it's running.