Sunday, May 29, 2022

Unbound rc script behavior on 7.1

server:
    interface: 127.0.0.1
    interface: 192.168.20.3
    #interface: to-do: v6
    #do-ip6: yes

    access-control: 0.0.0.0/0 refuse
    access-control: ::0/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: ::1 allow
    access-control: 192.168.20.0/24 allow
    access-control: 192.168.0.0/24 allow
    access-control: 10.0.5.0/24 allow
    access-control: 10.0.10.0/24 allow
    #access-control: to do: v6 ranges

    do-not-query-localhost: no

    hide-identity: yes
    hide-version: yes

    auto-trust-anchor-file: "/var/unbound/db/root.key"
    val-log-level: 2

    aggressive-nsec: yes
    domain-insecure: "lysergic.dev"
    domain-insecure: "10.0.10.in-addr.arpa"
    local-zone: "10.in-addr.arpa." nodefault

    tls-cert-bundle: "/etc/ssl/cert.pem"

remote-control:
    control-enable: yes
    control-interface: /var/run/unbound.sock

forward-zone:
    name: "."
    forward-addr: 192.168.0.115
    forward-first: yes

stub-zone:
    name: "lysergic.dev"
    stub-addr: 127.0.0.1@5353
    stub-no-cache: yes

stub-zone:
    name: "10.0.10.in-addr.arpa"
    stub-addr: 127.0.0.1@5353
    stub-no-cache: yes

Hi,

I just installed a fresh copy of OpenBSD 7.1 and copied my working
Unbound configuration from a 7.0 install (attached).
Unbound version on the new system is 1.15.0, on the old one it is 1.13.2.

Upon starting it, I encounter this:

opaon$ doas rcctl enable unbound
opaon$ doas rcctl start unbound
unboundb/etc/rc.d/unbound: kill: 3957: No such process
(timeout)

opaon$ doas rcctl start unbound
unbound(timeout)

...

opaon# unbound-checkconf
unbound-checkconf: no errors in /var/unbound/etc/unbound.conf

opaon# rcctl start unbound
unbound/etc/rc.d/unbound: kill: 33461: No such process
(ok)

opaon# ps aux |grep unbound
_unbound 84446 0.0 2.1 13372 10356 ?? Ic 1:53PM 0:00.01 unbound -c /var/unbound/etc/unbound.conf

opaon# tail -n5 /var/log/daemon
May 29 13:52:16 opaon unbound: [80016:0] info: server stats for thread 0: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimiting
May 29 13:52:16 opaon unbound: [80016:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0
May 29 13:53:04 opaon unbound: [84446:0] notice: init module 0: validator
May 29 13:53:04 opaon unbound: [84446:0] notice: init module 1: iterator
May 29 13:53:04 opaon unbound: [84446:0] info: start of service (unbound 1.15.0).

opaon# rcctl restart unbound
unbound(ok)
unbound/etc/rc.d/unbound: kill: 77542: No such process
(ok)

opaon# rcctl stop unbound
unbound(ok)

opaon# ps aux |grep unbound

It seems to start/stop fine, but the rc script seems to either run into
a timeout or return this bogus `kill` output every time.

Any ideas what I could be checking here? I did not touch the rc.d
scripts, hence am unsure if it's specific to my system or if something
changed in the new version.

Thanks for reading!

Best,
Georg
