2.2.1 #4332 Added a check to test if Unbound is enabled and using the same port
This broke my config.
I was happily running Unbound on some interfaces and dnsmasq on a non-conflicting subset of other interfaces (Like a VLAN/SSID for a 15-yo who has forced me to use OpenDNS.) I can no longer do that.
I'll see if there's a way to force a set of source IP addresses into forwarding mode for Unbound but I thought I'd mention the reduction in flexibility.
ETA: Doesn't look like unbound supports any split-horizon/views.
EATA: I worked around this by binding dnsmasq to localhost:8053 and using a port forward on the specific network.
Kinda unsure how this could have broken your config, because before this, it was not possible to run both at the same time at all… ??? :o
They ran just fine together as long as the listening interfaces did not conflict and I used strict interface binding on dnsmasq.
That may be well possible but that configuration was NOT possible at all without hacking the pfSense code.
Looks like the last change I made was to enable the forwarder after switching to unbound. There was no check at all for unbound being enabled when enabling the forwarder.
That makes sense since the requirement to force this network to OpenDNS was the more recent change. I remember being pleased it actually worked.
It looks like I probably would have hit the same problem (with the old test/error message) when saving any unbound changes, regardless of 2.2.1.