OPNsense Forum
English Forums => General Discussion => Topic started by: JL on August 20, 2018, 03:02:37 pm
-
Because of recurring performance issues with unbound i think it is wise to restart the service every n hours.
I could not find the way to configure this from the web interface or in the manual pages.
Please advise.
Thank you
-
Bump. Same problem. Thanks!
-
Bump, please. This is becoming a significant issue for us and requires manual restart of unbound at least daily.
-
Check this:
https://github.com/opnsense/core/issues/2894
the command to restart unbound is "/usr/local/sbin/pluginctl dns", just add it to /etc/crontab (the next firmware update will overwrite crontab, but if you're looking for a solution until unbound is updated that's probably it)
-
Confirmed, this is still an issue on:
OPNsense 18.7.10_3-amd64
FreeBSD 11.1-RELEASE-p18
OpenSSL 1.0.2q 20 Nov 2018
We are having to manually restart unbound on average at least once a day.
-
Working from this thread and the following posts: https://forum.opnsense.org/index.php?topic=2263.0 (https://forum.opnsense.org/index.php?topic=2263.0) and http://kb.unixservertech.com/other/networking/opnsense/cron-jobs (http://kb.unixservertech.com/other/networking/opnsense/cron-jobs) I was able to create the following and get everything to work from the command line, and schedule via the Cron GUI, but it is still failing to run via the Cron GUI ???
Here are the steps I followed, please help me understand where I failed.
Use vi to create file:
root@opnsense:~ # vi /usr/local/opnsense/service/conf/actions.d/actions_unbound_restart.conf
Information in file:
[restart]
command:/usr/local/sbin/pluginctl dns
parameters:
type:script
message:Restart Unbound DNS Service
description:Restart Unbound DNS Service
Restart configd service:
root@opnsense:~ # service configd restart
Stopping configd...done
Starting configd.
Verify new action file works as expected:
root@opnsense:~ # configctl unbound_restart restart
OK
Next I went to Services:Unbound DNS:Log File and the logs show Unbound restarted successfully.
Date Message
Jan 24 16:01:29 unbound: [67123:0] info: start of service (unbound 1.8.3).
Then I did this to ensure it would show up in the OPNsense GIU:
root@opnsense:~ # /usr/local/etc/rc.restart_webgui
Starting web GUI...done.
Generating RRD graphs...done.
I then went to System:Settings:Cron and created a cron job (image attached):
But when the time comes for it to run and I then check Services:Unbound DNS:Log File I do not see that it has restarted.
Please help.
Thanks!
-
Screenshot
-
Are you guys with crashing Unbound using:
[ ] LibreSSL
[ ] DNS over HTTPS (manual options)
[ ] DNS over TLS (manual options)
Cheers,
Franco
-
My apologies, we have no idea why unbound keeps dying. If you can direct me where to look or which log files to post I will. Attached is a screenshot of our unbound config page. I do not think we are running LibreSSL as it is not selected in the firmware page, screenshot also attached.
OPNsense 18.7.10_3-amd64
FreeBSD 11.1-RELEASE-p18
OpenSSL 1.0.2q 20 Nov 2018
Many thanks!
-
It could be an unstable WAN causing this... unstable in general or IPv6 in particular. Make sure to disable IPv6 if you don't have connectivity from your ISP and watch out for the system log restarting the WAN interface.
In general, crashes for Unbound need to be reported with Unbound authors. We can deal with configuration errors, but not with segmentation faults without touching code we shouldn't touch.
Cheers,
Franco
-
Ok, we will investigate this, thank you!