Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Unbound stops after pfblocker cron job or other cause?

    pfBlockerNG
    1
    1
    129
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      armstrtb last edited by

      I think this may be the wrong location to post it, may be better for unbound and happy to move it if that's the case but I've been troubleshooting my recent pfBlockerNG install and it felt like it fit.

      Looks like Unbound stops running after a restart, and I think it's related to the DNSBL list being so large and the restart function not waiting long enough.

      Similar to this:
      It looks reminiscent of this: [Solved] Unbound fails on restart after pfBlockerNG updates
      But it was fixed: redmine, so I didn't think I needed to repeat these steps as it was from 2017.

      Version:
      pfSense 2.4.5_1
      pfBlockerNG-devel 3.0.0_7

      I've parsed through my logs and summarised what looked like the main points across System, dhcp, and resolver logs. I think the issue occurs at 6:24:11 and I think it's related to the size of the DNSBL list.

      Jan  6 06:00:01 pfSense php: [pfBlockerNG] Starting cron process.
      Jan  6 06:22:26 pfSense rc.gateway_alarm[7737]: >>> Gateway alarm: WAN_DHCP (Addr:198.48.177.1 Alarm:0 RTT:17.144ms RTTsd:12.109ms Loss:5%)
      Jan  6 06:22:26 pfSense check_reload_status: Restarting ipsec tunnels
      Jan  6 06:22:26 pfSense check_reload_status: Restarting OpenVPN tunnels/interfaces
      Jan  6 06:22:26 pfSense check_reload_status: Reloading filter
      Jan  6 06:22:27 pfSense php-fpm[350]: /rc.openvpn: Gateway, none 'available' for inet6, use the first one configured. ''
      Jan  6 06:22:27 pfSense php-fpm[350]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_DHCP.
      Jan  6 06:22:28 pfSense php-fpm[62801]: /rc.dyndns.update: phpDynDNS (XXXXXX.XXX.XXX): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
      Jan  6 06:23:21 pfSense check_reload_status: Starting packages
      Jan  6 06:23:22 pfSense php-fpm[62801]: /rc.start_packages: Restarting/Starting all packages.
      Jan  6 06:23:27 pfSense lighttpd_pfb: [pfBlockerNG] DNSBL Webserver started
      Jan  6 06:23:28 pfSense php_pfb: [pfBlockerNG] filterlog daemon started
      Jan  6 06:23:28 pfSense php: [pfBlockerNG] DNSBL parser daemon started
      Jan  6 06:23:56 pfSense php-fpm[350]: /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1609932236] unbound[94839:0] error: bind: address already in use [1609932236] unbound[94839:0] fatal error: could not open ports' 
      Jan  6 06:23:58 pfSense dhcpd: Server starting service.
      Jan  6 06:23:59 pfSense php-fpm[350]: /rc.newwanip: Creating rrd update script
      Jan  6 06:24:01 pfSense php-fpm[350]: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 10.7.3.2 ->  10.7.0.3 - Restarting packages.
      Jan  6 06:24:01 pfSense check_reload_status: Starting packages
      Jan  6 06:24:10 pfSense unbound: [76661:0] notice: init module 0: iterator
      Jan  6 06:24:11 pfSense unbound: [76661:0] info: start of service (unbound 1.10.1).
      Jan  6 06:24:11 pfSense unbound: [76661:0] info: service stopped (unbound 1.10.1).
      
      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense Plus
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy