Unbound /resolver broke



  • 2.2-BETA (amd64)
    built on Fri Nov 14 07:17:32 CST 2014
    FreeBSD 10.1-RELEASE
    was using it now get this since last couple of days

    Nov 14 14:53:30 php-fpm[24580]: /services_unbound.php: The command '/usr/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '/var/unbound/unbound.conf:91: error: syntax error read /var/unbound/unbound.conf failed: 1 errors in configuration file [1415994810] unbound[40993:0] fatal error: Could not read config file: /var/unbound/unbound.conf'



  • it's being worked on today.



  • Nov 14 22:39:07 php-fpm[7768]: /services_unbound.php: The command '/usr/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '/var/unbound/unbound.conf:93: error: syntax error read /var/unbound/unbound.conf failed: 1 errors in configuration file [1416022747] unbound[10518:0] fatal error: Could not read config file: /var/unbound/unbound.conf'

    lastest snapshot
    2.2-BETA (amd64)
    built on Fri Nov 14 16:22:56 CST 2014
    FreeBSD 10.1-RELEASE



  • not seeing any issues like that. What is line 93 in your /var/unbound/unbound.conf file?



  • When doing the recent change to actually implement the unbound advanced options, I noticed that the text that a user puts in the Advanced box (which becomes the custom-options section) is implemented by the underlying code putting each white-space-separated bit (each word) onto a separate line in the unbound config. That seemed a bit of an odd thing to do, but I did not like to change that code!
    Prior to my "fixes" the text in the Advanced box was stored in the pfSense config, but never actually made it into unbound.conf
    Now that it gets into unbound.conf people will see errors if it is wrong.
    Perhaps first remove anything in the Advanced box and see if that helps.
    Then someone can fix up/sort out in what form the Advanced box text should be written to unbound.conf



  • this auto populates advanced box

    statistics-interval: 300;statistics-cumulative: no;extended-statistics: yes

    Nov 15 13:56:25 php-fpm[25032]: /services_unbound.php: The command '/usr/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '/var/unbound/unbound.conf:93: error: syntax error read /var/unbound/unbound.conf failed: 1 errors in configuration file [1416077785] unbound[27189:0] fatal error: Could not read config file: /var/unbound/unbound.conf'

    ##########################

    Unbound Configuration

    ##########################

    Server configuration

    server:
    chroot: /var/unbound
    username: "unbound"
    directory: "/var/unbound"
    pidfile: "/var/run/unbound.pid"
    use-syslog: yes
    port: 53
    verbosity: 3
    hide-identity: no
    hide-version: no
    harden-referral-path: no
    harden-glue: yes
    do-ip4: yes
    do-ip6: yes
    do-udp: yes
    do-tcp: yes
    do-daemonize: yes
    module-config: "validator iterator"
    unwanted-reply-threshold: 0
    num-queries-per-thread: 1024
    jostle-timeout: 200
    infra-host-ttl: 900
    infra-lame-ttl: 900
    infra-cache-numhosts: 10000
    outgoing-num-tcp: 10
    incoming-num-tcp: 10
    edns-buffer-size: 4096
    cache-max-ttl: 86400
    cache-min-ttl: 0
    harden-dnssec-stripped: no
    msg-cache-size: 4m
    num-threads: 2
    msg-cache-slabs: 4
    rrset-cache-slabs: 4
    infra-cache-slabs: 4
    key-cache-slabs: 4
    rrset-cache-size: 8m
    outgoing-range: 462
    #so-rcvbuf: 4m
    auto-trust-anchor-file: /var/unbound/root.key
    prefetch: yes
    prefetch-key: yes

    Statistics

    Unbound Statistics

    statistics-interval: 0
    extended-statistics: yes
    statistics-cumulative: yes

    Interface IP(s) to bind to

    interface: 192.168.35.1
    interface: 127.0.0.1
    interface: ::1

    Outgoing interfaces to be used

    outgoing-interface: 174.130.18.151
    outgoing-interface: 209.105.185.108

    DNS Rebinding

    For DNS Rebinding prevention

    private-address: 10.0.0.0/8
    private-address: 172.16.0.0/12
    private-address: 192.168.0.0/16
    private-address: 192.254.0.0/16
    private-address: fd00::/8
    private-address: fe80::/10

    Set private domains in case authoritative name server returns a Private IP address

    Access lists

    include: /var/unbound/access_lists.conf

    Static host entries

    include: /var/unbound/host_entries.conf

    Domain overrides

    include: /var/unbound/domainoverrides.conf

    Forwarding

    forward-zone:
    name: "."
    forward-addr: 8.8.8.8
    forward-addr: 8.8.4.4

    Unbound custom options

    statistics-interval:
    300;statistics-cumulative:
    no;extended-statistics:
    yes

    Remote Control Config

    include: /var/unbound/remotecontrol.conf



  • all i know was my config was working just fine on weds 11/5 snapshot upgraded to fri and had to enable forwarder for dns



  • The code Phil referenced was a copy/paste from dnsmasq, which uses its advanced field differently since it needs those as command line arguments, not in a conf file. The problem was your advanced options were never used prior to a few days ago, and once that was fixed, they were put in wrong. That did need to be output differently.

    I just pushed a fix for that. gitsync or upgrade to a snapshot on the 16th or newer and you should be in good shape.