Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [2.0.1] unbound problems

    Scheduled Pinned Locked Moved DHCP and DNS
    3 Posts 2 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G Offline
      gridrun
      last edited by

      Hi all,

      I tried to run unbound as the primary DNS resolver for our networks for the past 3 months. However, two particular mission-critical issues made me revert to DNS forwarder for now:

      Issue 1: Unbound silently "dies" after WAN connectivity drops. Service page still shows unbound running, but it does not answer DNS queries anymore - even after WAN connectivity is restored. This happens everytime the WAN goes down for more than a minute or so. Restarting unbound from the service page corrects the problem.

      Issue 2: Unbound sometimes fails to start up after a reboot. Service page shows unbound as not running. Manually starting the service corrects the problem.

      I cant be ***** to play unbound-nanny all day.
      So bye-bye unbound for now. Too bad, it looked very promising!

      Tech stuff on my blog: http://niston.wordpress.com

      1 Reply Last reply Reply Quote 0
      • W Offline
        wagonza
        last edited by

        Unbound backs off for certain period between 1 and 15minutes when it detects that servers are down. After 900s it should re-enable itself again. You can lower this timeout by adjusting the value for 'TTL for Host cache entries' in the advanced section. Otherwise you can also issue, from the command line, unbound-control flush_infra and service should resume.

        Follow me on twitter http://twitter.com/wagonza
        http://www.thepackethub.co.za

        1 Reply Last reply Reply Quote 0
        • G Offline
          gridrun
          last edited by

          @wagonza:

          Unbound backs off for certain period between 1 and 15minutes when it detects that servers are down. After 900s it should re-enable itself again. You can lower this timeout by adjusting the value for 'TTL for Host cache entries' in the advanced section. Otherwise you can also issue, from the command line, unbound-control flush_infra and service should resume.

          You're kidding me! Let's entertain your idea for a moment:

          T=00: WAN goes down
          T=01: Client wants to resolve a DNS.
          T=02: Ubound "detects that servers are down" and "backs off"
          T=03: Resolution fails cause WAN is down.
          T=22: WAN comes up
          T=34: Client A does ICMP echo_request to 195.186.1.110
          T=35: Client A receives ICMP echo_reply from 195.186.1.110
          T=50: Client B wants to resolve a DNS.
          T=53: Resolution fails due to ubound "taking a break"
          T=55: Client C wants to resolve a DNS
          T=57: Resolution fails due to ubound "taking a break"
          ….
          T=900: Ubound decides the nap is over and comes back into operation  ???  ???

          Uh yeah. Right. You're not going to need any high availability features with services built like that, hahaha...  ;D

          Anyway. It doesn't seem to apply to what happened here, because one little difference: ubound didn't "re-enable" itself no more. Not after 900 secs. Not after 4 hours. Only after I manually restarted it, did it process DNS requests again.

          If this is a "feature" then ubound must be a M$ product!

          Tech stuff on my blog: http://niston.wordpress.com

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.