What's new

Unbound [Release] v3.22

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Martineau

Part of the Furniture
unbound_manager v3.22 and unbound.conf v1.12

Version: v3.22
Github md5=6b4a500c071bcbb3f4a6e9596a178d43


Use option 7 when v3.22 is shown as available in either amtm
Code:
 7  open     unbound Mgr    v3.22   <- v3.21

Use unbound_manager command option u when shown (or uf to FORCE the upgrade if it isn't)
Code:
u = Update (Major) unbound_manager v3.21 -> v3.22 (Change Log: https://github.com/MartineauUK/Unbound-Asuswrt-Merlin/commits/master/unbound_manager.sh)

Optional Install but recommended unbound.conf v1.12 to improve cache hits.

Use vb and 1 (or Advanced menu i config) commands to upgrade.
 
Last edited:
Is vb before 1 critical? I just opened unbound in amtm, saw that there was a 'major' update, and pressed one.

Yes, it has to be a major update from the length of time updating is taking...mine has been going for 10 mins and I'm still not back to a command prompt...
 
Last edited:
Is vb before 1 critical? I just opened unbound in amtm, saw that there was a 'major' update, and pressed one.
For the Easy menu mode users, then the need to execute vb to take a backup of 'unbound.conf' is probably moot, as they may have never customised unbound.

However, for Advanced menu mode users, it is prudent to ensure a backup is created so they can manually merge the new v1.12 'unbound.conf' or simply restore it if necessary.

the script has been reporting Updating S61unbound for quite a few minutes now...
EDIT: it has to be a major update from the length of time updating is taking...mine has been going for 10 mins and I'm still not back to a command prompt...
No idea.

You should ABORT the current upgrade process, and retry.

If it still stalls, then you will need to use debug mode to show precisely where the script is stalling.
 
Last edited:
I have updated via both the Easy and Advanced menus but it still says there is an update available.
 
Never mind, its good now!
 
I'm having an issue - unbound is reporting itself as running 3.22 with 1.12 conf, but amtm is still reporting 3.21 update available.

UPDATE- Hard reboot router and gateway and everything is back to normal. my bad for forgetting the ISP gateway - I usually don't need to.
 
Last edited:
Dear all,
just a simple question: After update to the new version my configuration of unbound was set to default. I manually switched to DOT, made a backup with vb and after the update, everything was lost, my backup as well.

First question: Can I have another name for the backup e.g.
Code:
First question: Can I have another name for the backup e.g. vb DOT.conf `?
`?

That entry didn´t work.
How to restore the backup :
Code:
rl  DOT.conf
?

Is it normal, that my configuration was overwritten by updating to 3.22 ?

Thanks a lot for your support

Hugo
 
Dear all,
just a simple question: After update to the new version my configuration of unbound was set to default. I manually switched to DOT, made a backup with vb and after the update, everything was lost, my backup as well.

First question: Can I have another name for the backup e.g.
Code:
First question: Can I have another name for the backup e.g. vb DOT.conf `?
`?

That entry didn´t work.
How to restore the backup :
Code:
rl  DOT.conf
?

Is it normal, that my configuration was overwritten by updating to 3.22 ?

Thanks a lot for your support

Hugo

As per the upgrade instructions, the vb command will always make a backup in both Easy and Advanced menu mode

Code:
e  = Exit Script [?]

E:Option ==> vb

 Active 'unbound.conf' backed up to '/opt/share/unbound/configs/20210202-170523_unbound.conf'

NOTE: The vb command does not let you specify the name, but you may rename the backup..or can reload it as-is
Code:
e  = Exit Script [?]

A:Option ==> rl  /opt/share/unbound/configs/20210202-170523_unbound

unbound-checkconf: no errors in /opt/share/unbound/configs/20210202-170523_unbound.conf

Reloading 'unbound.conf' status=17:18:34 Saving unbound cache to '/opt/share/unbound/configs/cache.txt' msg.cache=467/461 rrset.cache=2560/2553
ok

However, in Advanced Menu mode, if you use command i to do a FULL unbound installation upgrade/refresh, then when all files/modules have been retrieved, you are given the option to retain your current custom 'unbound.conf' config.
Code:
Auto install unbound Customisation complete 0 minutes and 16 seconds elapsed - Please wait for up to 10 seconds for status.....


    Installation of unbound completed

<snip>

Do you want to KEEP your current unbound configuration? ('20210202-171145_unbound.conf')

    Reply 'y' to KEEP or press [Enter] to use new downloaded 'unbound.conf'

FYI, unbound_manager also supports the use of the 'postconf' / 'unbound.conf.add' methods, to apply custom settings, which will always be applied after 'unbound.conf' is overwritten.

NOTE: If you decide to uninstall unbound then you are given the option to retain '/opt/share/unbound/configs*' or to erase it completely i.e. deleting all your backups.
 
Can I have another name for the backup e.g. vb DOT.conf ?
I have created Beta unbound_manager v3.23b to accommodate your suggestion.
Code:
e  = Exit Script [?]

A:Option ==> vb DoT

Active 'unbound.conf' backed up to '/opt/share/unbound/configs/DoT.conf'
Code:
e  = Exit Script [?]

A:Option ==> vb ?

    'unbound.conf' Configuration backups

        9.9K Tue Feb  2 12:12:48 2021 /opt/share/unbound/configs/20210202-121248_unbound.conf
       10.0K Tue Feb  2 17:12:07 2021 /opt/share/unbound/configs/reset.conf
       10.1K Tue Feb  2 17:12:20 2021 /opt/share/unbound/configs/user.conf
       10.2K Wed Feb  3 09:54:55 2021 /opt/share/unbound/configs/20210203-095455_unbound.conf
       10.2K Wed Feb  3 09:59:08 2021 /opt/share/unbound/configs/DoT.conf
Code:
A:Option ==> rl DoT

unbound-checkconf: no errors in /opt/share/unbound/configs/DoT.conf

Reloading 'unbound.conf' status=11:20:54 Saving unbound cache to '/opt/share/unbound/configs/cache.txt' msg.cache=805/374 rrset.cache=2552/1801
ok

Use command uf dev to test the Beta and uf to revert to v3.22
 
Last edited:
Thanks Martineau,
I will test it. Thanks a lot
Hi Marineau,
it seems to work. I am now on b2.
updating to next betas or higher versions will be possible via amtm or do I have to switch back to V3.22?

Exactly clear is the postconf method not for me.
Do I have to create a new unbound.conf.add file in /opt/share/unbound/unbound.conf.add and fill it with the sections of the unbound.conf file I had changed ?

e.g. for DOT use every line beginning with

"forward-zone: #DOT"

till the
#@@@@@@@@@@@@@@

?
Thanks a lot
Hugo
 
Last edited:
Hi Marineau,
it seems to work. I am now on b2.
updating to next betas or higher versions will be possible via amtm or do I have to switch back to V3.22?
When v3.23 is available on Github, then you should be prompted to upgrade i.e. enter command u
If it doesn't then command uf will force the upgrade
Exactly clear is the postconf method not for me.
Using the .postconf method gives you the ability to alter the current 'unbound.conf' in situ, but does require scripting knowledge.
Do I have to create a new unbound.conf.add file in /opt/share/unbound/unbound.conf.add and fill it with the sections of the unbound.conf file I had changed ?
Yes.

Any directives defined in '/opt/share/unbound/unbound.conf.add' will override existing directives in 'unbound.conf'.
 
I am using Unbound v3.22 in FW 386.1. It is working flawlessly with cache hit percentage above 70% at all times but my log is getting spammed with this:


Feb 8 15:57:00 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 reply_domains...
Feb 8 15:57:00 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 nx_domains...
Feb 8 15:57:01 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 RPZ events...

Is there a way to remove this from the log while maintaining the Unbound Stats in the addons page?
 
I am using Unbound v3.22 in FW 386.1. It is working flawlessly with cache hit percentage above 70% at all times but my log is getting spammed with this:


Feb 8 15:57:00 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 reply_domains...
Feb 8 15:57:00 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 nx_domains...
Feb 8 15:57:01 RT-AC86U-7A60 (unbound_log.sh): 1705 Processed 0 RPZ events...

Is there a way to remove this from the log while maintaining the Unbound Stats in the addons page?
The log and the graphs are 2 different things...set the log to display warnings and above? you don't need to see every action, every proc in the log. the log is just so you can see problems and issues and errors. YMMV
 
tried making my own thread but got no attention for my issue so i am reposting it here in hopes someone will see it and have an idea.


I am running an ac68u on johns fork 47D7. i try to install and run unbound. everything installs ok but as soon as it tries to startup it goes awol after 1 second. i have tried rebooting uninstalling reinstalling formatting my usb drive formatting the jffs and even reinstalling johns fork via the cfe loader at 192.168.1.1 nothing has helped. ive fought off urges to smash things a few times already. i hope someone can help me.


here is the errors


Starting unbound... failed.
00:52:53 Checking 'unbound.conf' for valid Syntax.....
00:52:54 Requesting unbound (S61unbound) restart.....
Starting unbound... failed.
00:52:56 Checking status, please wait.....


***ERROR unbound went AWOL after 1 seconds.....

Try option 'debug' and check for unbound.conf or runtime errors!

Manual install unbound Customisation complete 5 minutes and 3 seconds elapsed - Please wait for up to 10 seconds for status.....



***ERROR unbound went AWOL after 1 seconds.....


***ERROR Unsuccessful installation of unbound detected

Feb 7 00:52:54 (none) user.warn (unbound_manager): 2383 Requesting unbound (/opt/etc/init.d/S61unbound$) restart.....
Feb 7 00:52:54 (none) user.warn S61unbound: restart Unbound DNS server /opt/etc/init.d/S61unbound
Feb 7 00:52:56 (none) user.warn (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
Feb 7 00:52:56 (none) user.warn GXXxxXXX: Failed to start unbound from .
Feb 7 00:52:57 (none) user.warn (unbound_manager): 2383 ***ERROR unbound went AWOL after 1 seconds.... Try 'unbound -dv' and check for unbound.conf or runtime errors!
[1612677178] unbound[30751:0] notice: Start of unbound 1.12.0.
Feb 07 00:52:58 unbound[30751:0] debug: increased limit(open files) from 1024 to 2286
Feb 07 00:52:58 unbound[30751:0] debug: creating udp4 socket 127.0.0.1 53535
Feb 07 00:52:58 unbound[30751:0] debug: creating tcp4 socket 127.0.0.1 53535
Feb 07 00:52:58 unbound[30751:0] error: Setting TCP Fast Open as server failed: Protocol not available
Feb 07 00:52:58 unbound[30751:0] debug: creating udp6 socket :: 53535
Feb 07 00:52:58 unbound[30751:0] debug: creating tcp6 socket :: 53535
Feb 07 00:52:58 unbound[30751:0] error: Setting TCP Fast Open as server failed: Protocol not available
Feb 07 00:52:58 unbound[30751:0] debug: creating tcp4 socket 127.0.0.1 953
Feb 07 00:52:58 unbound[30751:0] error: Setting TCP Fast Open as server failed: Protocol not available
Feb 07 00:52:58 unbound[30751:0] error: error in SSL_CTX verify crypto error:25066067:DSO support routines:dlfcn_load:could not load the shared library
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:25070067:DSO support routines:DSO_load:could not load the shared library
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:0E07506E:configuration file routines:module_load_dso:error loading dso
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:0E076071:configuration file routines:module_run:unknown module name
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:02001002:system library:fopen:No such file or directory
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:2006D080:BIO routines:BIO_new_file:no such file
Feb 07 00:52:58 unbound[30751:0] error: and additionally crypto error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
Feb 07 00:52:58 unbound[30751:0] fatal error: could not set up connect SSL_CTX



Rerun unbound_manager nochk and select the Remove option to backout changes


XXXXX@RT-AC68U-43B8:/tmp/home/root# unbound -dv
[1612677236] unbound[31475:0] notice: Start of unbound 1.12.0.
Feb 07 00:53:56 unbound[31475:0] error: error in SSL_CTX verify crypto error:25066067:DSO support routines:dlfcn_load:could not load the shared library
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:25070067:DSO support routines:DSO_load:could not load the shared library
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0E07506E:configuration file routines:module_load_dso:error loading dso
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0E076071:configuration file routines:module_run:unknown module name
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:02001002:system library:fopen:No such file or directory
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:2006D080:BIO routines:BIO_new_file:no such file
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
Feb 07 00:53:56 unbound[31475:0] fatal error: could not set up connect SSL_CTX
XXXXXX@RT-AC68U-43B8:/tmp/home/root#
 
XXXXX@RT-AC68U-43B8:/tmp/home/root# unbound -dv
[1612677236] unbound[31475:0] notice: Start of unbound 1.12.0.
Feb 07 00:53:56 unbound[31475:0] error: error in SSL_CTX verify crypto error:25066067:DSO support routines:dlfcn_load:could not load the shared library
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:25070067:DSO support routines:DSO_load:could not load the shared library
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0E07506E:configuration file routines:module_load_dso:error loading dso
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0E076071:configuration file routines:module_run:unknown module name
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:02001002:system library:fopen:No such file or directory
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:2006D080:BIO routines:BIO_new_file:no such file
Feb 07 00:53:56 unbound[31475:0] error: and additionally crypto error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
Feb 07 00:53:56 unbound[31475:0] fatal error: could not set up connect SSL_CTX
XXXXXX@RT-AC68U-43B8:/tmp/home/root#
On John's fork, I can't remember the location of the ca-cert bundle, but it might not be where Unbound_manager assumes it is (tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"). Update the path in unbound.conf or comment out the line and try again.

EDIT: look in /rom/ca-bundle.crt or /rom/etc/ssl/cert.pem

A while back I used the Entware CA bundle instead (see item #3 in the linked post).
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top