rgnldo
Very Senior Member
Reported here
I took the plunge and installed Unbound. Seems to be working. I did notice this error message in my log after rebooting the router that indicated a parsing error for cron. Any ideas?
Since @rgnldo's unbound.conf on GitHub allows all interfaces to listen, you have to limit the netstat output to the 127.0.0.1 lines. Plus my method assumes that S61unbound has a "service restart_dnsmasq" POSTCMD included. Which it doesn't anymore on GitHub. That way dnsmasq is only modified after unbound is successfully started.
"$(netstat -nltp | awk '/unbound/ { print $4 } ' | tr ':' '#')"
Return /etc/dnsmasq with line
server=127.0.0.1#953
0.0.0.0#53535
###53535
Uninstall unbound, then upgrade to v1.21 and select install
Yes, it's another point, why it required additional
$(netstat -nltp | grep -V '0.0.0.0' | awk '/unbound/ { print $4 } ' | tr ':' '#')
server=
No. This error in cron does not interfere with the connection. Just schedule an update of root's server's. But it's quiet.
Maybe I need to setup a different router for her only?
It's optional. Adds a TCP/TLS proxy dns layer
What is the difference if using Stubby or not?
any error with direct run of the command ?
please run
netstat -nltp | grep -V '0.0.0.0' | awk '/unbound/ { print $4 } ' | tr ':' '#'
not from the script ... but from command prompt directly ?
netstat -nltp | grep -V '0.0.0.0' | awk '/unbound/ { print $4 } ' | tr ':' '#'
netstat: showing only processes with your user ID
My own personal dnsmasq.conf contains a different command than adopted by the script. dnsmasq is only going to forward to a udp upstream port (I think), so I don't see the need to include tcp ports.
Additionally, please take into account, if you use the UDP filter (-u switch), in some cases, due to UDP/netstat specifics, you will see the other "listening" ip+port combination.
When a process via UDP, after sending the request, is waiting for the answer on request, it will be shown as a "listening" socket ....
To explain (in notation with # as port separator, like it is used for the environment variable):
- unbound sends DNS request to the external DNS server
- Connection from OUTGOING_IP#RANDOM_PORT to EXT_DNS#53
- will not be shown by your UNBOUNDLISTENADDR="$(netstat -nlup | awk '/unbound/ { print $4 } ' | tr ':' '#')" # unbound_installer
- unbound is waiting for the answer from remote DNS
- the answer will not be provided by previously established connection, it will be separate connection from external DNS to the unbound, so
- unbound will start listening on OUTGOING_IP#RANDOM_PORT
- and you can catch this IP+Port pair via "$(netstat -nlup | awk '/unbound/ { print $4 } ' | tr ':' '#')"
So, in case of configuring the unbound to work via both protocols (i.e. TCP and UDP), it makes sense to use switch -t in "$(netstat -nltp | awk '/unbound/ { print $4 } ' | tr ':' '#')", to get only "real" listen IP+Ports ...
UNBOUNDLISTENADDR=$(netstat -nlup | grep "^udp.* 127\.0\..*\/unbound$" | head -1 | awk ' { print $4 } ' | tr ':' '#')
It depends, for me I was seeing over 300ms for initial lookups (before caching) with Stubby using Cloudflare DoH. But once cached, you will get 1ms DNS response as normal for Unbound.
How much does this impact performance if any?
Excuse me -
small one -v instead capital one -V in grep ...
i.e.
netstat -nltp | grep -v '0.0.0.0' | awk '/unbound/ { print $4 } ' | tr ':' '#'
The script uses the PID condition. This is enough for unbound operation and configuration. There is no need for demand for TCP or UDP. Both will be served.
if [ -n "$(pidof unbound)" ];then
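
Added example, not part of any post in this thread and not the installer's own code: it runs the thread's netstat/awk/tr pipeline over constructed netstat rows to show the multi-line and `###53535` results, then picks a single loopback UDP listener and refuses to emit a `server=` line when none is found. The function names and the sample rows are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed netstat-style rows (not captured from a real router).
sample_netstat() {
cat <<'EOF'
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      1234/unbound
tcp        0      0 0.0.0.0:53535           0.0.0.0:*               LISTEN      1234/unbound
tcp        0      0 :::53535                :::*                    LISTEN      1234/unbound
udp        0      0 127.0.0.1:53535         0.0.0.0:*                           1234/unbound
udp        0      0 192.168.1.1:41873       0.0.0.0:*                           1234/unbound
udp        0      0 0.0.0.0:68              0.0.0.0:*                           901/udhcpc
EOF
}

# The pipeline quoted in the thread, reading rows from stdin instead of live netstat.
# Every unbound socket is returned, and tr turns the IPv6 ":::53535" into "###53535".
naive_addr() {
    awk '/unbound/ { print $4 }' | tr ':' '#'
}

# Stricter selection (hypothetical helper): first UDP row owned by unbound on a
# 127.x address. Prints a dnsmasq "server=" line, or returns 1 and prints nothing,
# so an empty "server=" can never reach dnsmasq.conf.
pick_upstream() {
    addr=$(awk '$1 == "udp" && $NF ~ /\/unbound$/ && $4 ~ /^127\./ && !seen {
                    print $4; seen = 1 }' | tr ':' '#')
    case "$addr" in
        ''|*[!0-9.#]*|*#*#*) return 1 ;;   # empty, stray characters, or more than one '#'
        127.*#*) ;;                        # expected shape: 127.x.x.x#port
        *) return 1 ;;
    esac
    printf 'server=%s\n' "$addr"
}

echo "naive result:"
sample_netstat | naive_addr
sample_netstat | pick_upstream ||
    echo "no loopback UDP listener found; dnsmasq left unchanged" >&2
```

On the router, pipe `netstat -nlup` into `pick_upstream` in place of `sample_netstat`.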