OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: karlson2k on June 19, 2021, 05:16:00 pm

Title: DNSCrypt-Proxy + Unbound = need to restart service after the boot
Post by: karlson2k on June 19, 2021, 05:16:00 pm

Hello,

I have combination of DNSCrypt-Proxy + Unbound configured as described at https://docs.opnsense.org/manual/how-tos/dnscrypt-proxy.html and https://forum.opnsense.org/index.php?topic=10670.0.

The problem is uncoordinated starts of DNSCrypt-Proxy and Unbound.
During the boot process Unbound started usually before DNSCrypt-Proxy and even when DNSCrypt-Proxy is started, Unbound still fails to resolve addresses. This could be solved by manual restart of Unbound service, but it is quite annoying to manually restart Unbound after each reboot.

Could it be solved somehow?

Title: Re: DNSCrypt-Proxy + Unbound = need to restart service after the boot
Post by: blblblb on July 27, 2021, 10:54:55 pm

+1 this is causing me issues too. I also replied to the thread about SERVFAIL responses that creep up over time.

Title: Re: DNSCrypt-Proxy + Unbound = need to restart service after the boot
Post by: franco on July 28, 2021, 09:12:18 am

> The problem is uncoordinated starts of DNSCrypt-Proxy and Unbound.

For a rigid system and traceable bootup sequence "uncoordinated" is a strange word. If you rely with core tools like  Unbound on plugin tools such as Dnscrypt-proxy of course you will run into design obstacles for the simple fact that core tools are started before plugin tools.

If you just want to restart Unbound after Dnscrypt-proxy you can use the autostart described here:

https://docs.opnsense.org/development/backend/autorun.html

The "start" priority should be higher than 50 to let plugins start first, e.g. 60 is fine for the script. And the command to restart Unbound is:

pluginctl dns


Cheers,
Franco