What's new

Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Hi, I have permanent problem that S61unbound does not start unbound after WebUI router reboot - no ps.
When I ssh and do manual unbound_manager start it all goes smoothly.
Must be issue with Starting Script Execution (easy) - no further info than below.
Oh, and I tried with the WebUI setting ON/OFF to use unboud router DNS queries - any ideas?
Code:
Jun  4 09:51:43 asus unbound: [12433:0] info: service stopped (unbound 1.10.0).
Jun  4 09:52:50 asus S61unbound: start Unbound DNS server (bypass dnsmasq) /opt/etc/init.d/S61unbound
Jun  4 09:52:50 asus unbound: created br0:pixelserv-tls for 10.10.10.2
Jun  4 09:55:46 asus (unbound_manager.sh): 19698 Starting Script Execution (easy)
Jun  4 09:55:47 asus (unbound_manager.sh): 19698 Warning unbound not running!! # rgnldo Github Version=v1.10 Martineau update (Date Loaded by unbound_manager Thu Jun 4 09:39:29 IST 2020)
Jun  4 09:55:52 asus (unbound_manager.sh): 19698 Starting Script Execution (easy)
Jun  4 09:55:54 asus (unbound_manager.sh): 19698 Warning unbound not running!! # rgnldo Github Version=v1.10 Martineau update (Date Loaded by unbound_manager Thu Jun 4 09:39:29 IST 2020)
Jun  4 09:56:02 asus S61unbound: restart Unbound DNS server (bypass dnsmasq) /opt/etc/init.d/S61unbound
Jun  4 09:56:04 asus unbound: [21231:0] info: start of service (unbound 1.10.0).
Jun  4 09:56:05 asus (unbound_manager.sh): 19698 unbound cache RESTORED from '/opt/share/unbound/configs/cache.txt' (2020-06-04 05:15:03)
Jun  4 09:57:01 asus (unbound_log.sh): 23799 Processed 0 reply_domains...
Pixel server is started seperately, but overtakes unbound
 
Hi, I have permanent problem that S61unbound does not start unbound after WebUI router reboot - no ps.
When I ssh and do manual unbound_manager start it all goes smoothly.
Must be issue with Starting Script Execution (easy) - no further info than below.
Oh, and I tried with the WebUI setting ON/OFF to use unboud router DNS queries - any ideas?
Code:
Jun  4 09:51:43 asus unbound: [12433:0] info: service stopped (unbound 1.10.0).
Jun  4 09:52:50 asus S61unbound: start Unbound DNS server (bypass dnsmasq) /opt/etc/init.d/S61unbound
Jun  4 09:52:50 asus unbound: created br0:pixelserv-tls for 10.10.10.2
Jun  4 09:55:46 asus (unbound_manager.sh): 19698 Starting Script Execution (easy)
Jun  4 09:55:47 asus (unbound_manager.sh): 19698 Warning unbound not running!! # rgnldo Github Version=v1.10 Martineau update (Date Loaded by unbound_manager Thu Jun 4 09:39:29 IST 2020)
Jun  4 09:55:52 asus (unbound_manager.sh): 19698 Starting Script Execution (easy)
Jun  4 09:55:54 asus (unbound_manager.sh): 19698 Warning unbound not running!! # rgnldo Github Version=v1.10 Martineau update (Date Loaded by unbound_manager Thu Jun 4 09:39:29 IST 2020)
Jun  4 09:56:02 asus S61unbound: restart Unbound DNS server (bypass dnsmasq) /opt/etc/init.d/S61unbound
Jun  4 09:56:04 asus unbound: [21231:0] info: start of service (unbound 1.10.0).
Jun  4 09:56:05 asus (unbound_manager.sh): 19698 unbound cache RESTORED from '/opt/share/unbound/configs/cache.txt' (2020-06-04 05:15:03)
Jun  4 09:57:01 asus (unbound_log.sh): 23799 Processed 0 reply_domains...
Pixel server is started seperately, but overtakes unbound
As unbound can be started manually some time after the boot process has seemingly quiesced, I suspect you may have multiple interfaces defined in 'unbound.conf' that cannot initially be resolved?
 
Three weeks ago, I had 96% cache hits. (during one week)
Then I rebooted my router.
Since one week, I only get 40%. Why?
I always surf the same pages.

Edit:
I have the feeling something is wrong with unbound.
I restartet my PC and reopend my browser with 42 tabs. I reloaded all tabs.
Cache hits is down to 39%
 
Last edited:
Three weeks ago, I had 96% cache hits. (during one week)
Then I rebooted my router.
Since one week, I only get 40%. Why?
I always surf the same pages.

Edit:
I have the feeling something is wrong with unbound.
I restartet my PC and reopend my browser with 42 tabs. I reloaded all tabs.
Cache hits is down to 39%
Agreed, I used to see it easily climb into the 80%+ range (several weeks ago), but now it always hovers in the 60-63% range, regardless of how long it runs before a reboot (1 to 10 days).
I know there was some discussion of this a few weeks back, but it didn't seem to come to any conclusions as to why.
 
Hey recently tried to install Unbound and all was good until I tried to access my externally exposed sites using my DDNS. When I turn on unbound i can not reach any of my externally exposed sites and I can not resolve the DDNS name locally. It is probable a configuration issue but I am novice at this utility. Any help appreciated.
 
As unbound can be started manually some time after the boot process has seemingly quiesced, I suspect you may have multiple interfaces defined in 'unbound.conf' that cannot initially be resolved?
The only non-standard stuff I have are IPv6 interfaces
Code:
interface: ::1
interface: 2a02:dead:beef::1
I can comment it out before next reboot and see what happens. Do you think there could be some issue with S80pixelserv-tls overtaking S61unbound and locking it out from br0 configuration?
Code:
if [ -z "$1" ] || [ "$1" != "stop" ]; then
        ifconfig br0:pixelserv-tls $psIP up
        logger -st unbound "created br0:pixelserv-tls for $psIP"
fi
export TZ=$(cat /etc/TZ)
ENABLED=yes
PROCS=pixelserv-tls
ARGS="$psIP $switches"
PREARGS=""
PRECMD=""
DESC="$PROCS (Unbound)"
PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
. /opt/etc/init.d/rc.func
 
I assume that some process is competing and preventing execution. Go deactivating some and checking.
ok thanks, let me play around with it - I can also dump a list of processes to see what's changing
 
Agreed, I used to see it easily climb into the 80%+ range (several weeks ago), but now it always hovers in the 60-63% range, regardless of how long it runs before a reboot (1 to 10 days).
I know there was some discussion of this a few weeks back, but it didn't seem to come to any conclusions as to why.
I have not observed this behaviour on my router - 10am is a reboot and then next day around 5am it refreshes adlock lists and binds them to pixelserv.

stats.png
 
The only non-standard stuff I have are IPv6 interfaces
Code:
interface: ::1
interface: 2a02:dead:beef::1
I can comment it out before next reboot and see what happens. Do you think there could be some issue with S80pixelserv-tls overtaking S61unbound and locking it out from br0 configuration?
Code:
if [ -z "$1" ] || [ "$1" != "stop" ]; then
        ifconfig br0:pixelserv-tls $psIP up
        logger -st unbound "created br0:pixelserv-tls for $psIP"
fi
export TZ=$(cat /etc/TZ)
ENABLED=yes
PROCS=pixelserv-tls
ARGS="$psIP $switches"
PREARGS=""
PRECMD=""
DESC="$PROCS (Unbound)"
PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
. /opt/etc/init.d/rc.func
Apologies, I assumed you were still bypassing dnsmasq and probably migrated the dnsmasq interfaces. (Check /opt/share/unbound/configs/unbound.conf.localhosts')

So in lieu of providing any diagnostic logs, you will need to identify when/if unbound (S61unbound) is actually started in the boot sequence.
 
Last edited:
hmmm from one moment to another, my Unbound stopped working and i need to stop Unbound manually. Otherwise my Clients cant resolve a Host.

Is there a way to fully reset the Cache of Unbound ? maybe theres something faulty.

thanks guys !
 
hmmm from one moment to another, my Unbound stopped working and i need to stop Unbound manually. Otherwise my Clients cant resolve a Host.

Is there a way to fully reset the Cache of Unbound ? maybe theres something faulty.
Is there a message in the unbound log? or have you used the 'unbound_manager' 'dig' command to identify the reason unbound seemingly fails to resolve a specific host?

To flush the cache use
Code:
rs = Restart (or Start) unbound (use 'rs nocache' to flush cache)
or manually restart unbound
Code:
/opt/etc/init.d/S61unbound restart
 
Three weeks ago, I had 96% cache hits. (during one week)
Then I rebooted my router.
Since one week, I only get 40%. Why?
I always surf the same pages.

Edit:
I have the feeling something is wrong with unbound.
I restartet my PC and reopend my browser with 42 tabs. I reloaded all tabs.
Cache hits is down to 39%

Cache profiles will vary wildly, and can be influenced by three factors:
  • Cache size
  • Cache TTLs
  • Web access profile.

Usually the default cache size is ample for most. (8MB/8MB/16MB)

Cache TTL values may be examined and modified as necessary.
Code:
grep -E "cache-m..-ttl" /opt/var/lib/unbound/unbound.conf
Tweaking either of the two values may provide 'improvements' e.g. 'cache-min-ttl: 0' (or commented out) will use the TTL as defined by the domain owner.

Cache statistics may be reviewed, but unless there is only ever one user of the cache, then it is extremely difficult to determine why the cache contents are being flushed. Clearly you can dump the cache to a text file to determine its current contents, and confirm if the 42 tabs are always present.

Perhaps you could share your 42 Tab benchmark test for others to try?

Alternatively, setting the logging verbosity to 5 apparently will log cache misses info?
 
Last edited:
Is there a message in the unbound log? or have you used the 'unbound_manager' 'dig' command to identify the reason unbound seemingly fails to resolve a specific host?

To flush the cache use
Code:
rs = Restart (or Start) unbound (use 'rs nocache' to flush cache)
or manually restart unbound
Code:
/opt/etc/init.d/S61unbound restart

I don't know, seems like something was fishy with the Cache. Even a reboot didnt help at all.
Try'd rs nocache and everything is working now....
 
Why aren't these removed when I uninstall unbound & unbound_manager?

Edit:
Where is the cache located? Path?
 

Attachments

  • screen.PNG
    screen.PNG
    12.1 KB · Views: 103
Apologies, I assumed you were still bypassing dnsmasq and probably migrated the dnsmasq interfaces. (Check /opt/share/unbound/configs/unbound.conf.localhosts')

So in lieu of providing any diagnostic logs, you will need to identify when/if unbound (S61unbound) is actually started in the boot sequence.
I do use still bypass dnsmasq. Is there any other diagnostics log than unbound.log?
They are executed in lexographic order fron init.d as far as I understand
 
I do use still bypass dnsmasq. Is there any other diagnostics log than unbound.log?
They are executed in lexographic order fron init.d as far as I understand
Did you already try commenting out the additional IPv6 interfaces? ... If an interface you specified in the unbound.conf is down then unbound wont start per this post
If you find that is the case theres an config option you could try..... i have no idea if its applicable to your case
ip-freebind: <yes or no>
If yes, then use IP_FREEBIND socket option on sockets where
unbound is listening to incoming traffic. Default no. Allows
you to bind to IP addresses that are nonlocal or do not exist,
like when the network interface or IP address is down. Exists
only on Linux, where the similar ip-transparent option is also
available.
 
Last edited:
I did not wanted to post this question as a separate thread but here is goes. How would one make Unbound DNS a primary DNS? What I mean by that is when Unbound is down one would loose access to the internet, sort of like a kill switch in VPN. I understand that this would be possible when Unbound DNS replaces DNSMASQ DNS.
But, can something be done or configured when using Unbound with dnsmasq?
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top